0)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 3: ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x2d3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x2e200) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x10000000, 0x0, 0x0, 0x0}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @private0}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYRES32=0x0], &(0x7f000095dffc)=0x8) perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0xfb, 0x3, 0xf1, 0x52, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000440), 0x4}, 0x1, 0x9f8, 0x7, 0x0, 0x0, 0x6, 0x5b3c, 0x0, 0x401, 0x0, 0x1ff}, 0x0, 0xa, 0xffffffffffffffff, 0x1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000002c0)={0x0, 0xfffffffffffffffd, 0x1b, 0x5, @scatter={0x2, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/23, 0x17}, {&(0x7f0000000140)=""/75, 0x4b}]}, &(0x7f0000000240)="c35fbe2a422c2dad30b603b590e642cf6714d5407d93a7f8aa48c2", &(0x7f0000000740)=""/4096, 0x101, 0x0, 0x3, &(0x7f0000000280)}) mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000880)=ANY=[]) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x2, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) r2 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000340)='./file0\x00', 0x8, 0x2) close(r2) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r3, 0x5608) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x2d3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x2e200) (async) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x10000000, 0x0, 0x0, 0x0}) (async) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @private0}], 0x1c) (async) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYRES32=0x0], &(0x7f000095dffc)=0x8) (async) perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0xfb, 0x3, 0xf1, 0x52, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000440), 0x4}, 0x1, 0x9f8, 0x7, 0x0, 0x0, 0x6, 0x5b3c, 0x0, 0x401, 0x0, 0x1ff}, 0x0, 0xa, 0xffffffffffffffff, 0x1) (async) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) mkdir(0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0) (async) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000002c0)={0x0, 0xfffffffffffffffd, 0x1b, 0x5, @scatter={0x2, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/23, 0x17}, {&(0x7f0000000140)=""/75, 0x4b}]}, &(0x7f0000000240)="c35fbe2a422c2dad30b603b590e642cf6714d5407d93a7f8aa48c2", &(0x7f0000000740)=""/4096, 0x101, 0x0, 0x3, &(0x7f0000000280)}) (async) mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000880)=ANY=[]) (async) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x2, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) (async) socket$inet(0x2b, 0x801, 0x0) (async) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) (async) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000340)='./file0\x00', 0x8, 0x2) (async) close(r2) (async) syz_open_dev$tty20(0xc, 0x4, 0x0) (async) ioctl$VT_DISALLOCATE(r3, 0x5608) (async) [ 73.068629][ T2646] loop0: detected capacity change from 0 to 176 [ 73.089499][ T2670] loop4: detected capacity change from 0 to 176 [ 73.099080][ T2671] loop1: detected capacity change from 0 to 1024 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 73.120112][ T2671] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 73.153112][ T2675] loop5: detected capacity change from 0 to 256 14:57:20 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 3: ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x2d3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x2e200) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x10000000, 0x0, 0x0, 0x0}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @private0}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYRES32=0x0], &(0x7f000095dffc)=0x8) perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0xfb, 0x3, 0xf1, 0x52, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000440), 0x4}, 0x1, 0x9f8, 0x7, 0x0, 0x0, 0x6, 0x5b3c, 0x0, 0x401, 0x0, 0x1ff}, 0x0, 0xa, 0xffffffffffffffff, 0x1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000002c0)={0x0, 0xfffffffffffffffd, 0x1b, 0x5, @scatter={0x2, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/23, 0x17}, {&(0x7f0000000140)=""/75, 0x4b}]}, &(0x7f0000000240)="c35fbe2a422c2dad30b603b590e642cf6714d5407d93a7f8aa48c2", &(0x7f0000000740)=""/4096, 0x101, 0x0, 0x3, &(0x7f0000000280)}) mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000880)=ANY=[]) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, 0x0, 0x2, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x8000) r2 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), &(0x7f0000000340)='./file0\x00', 0x8, 0x2) close(r2) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r3, 0x5608) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 73.185864][ T2697] loop0: detected capacity change from 0 to 176 [ 73.193185][ T2698] FAT-fs (loop2): Unrecognized mount option "hash" or missing value [ 73.198664][ T2700] loop4: detected capacity change from 0 to 176 14:57:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 73.257286][ T2704] loop1: detected capacity change from 0 to 1024 [ 73.271080][ T2707] loop5: detected capacity change from 0 to 256 [ 73.286073][ T2708] loop3: detected capacity change from 0 to 1024 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)) [ 73.300519][ T2712] FAT-fs (loop2): Unrecognized mount option "hash" or missing value [ 73.307991][ T2704] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 73.321063][ T2714] loop4: detected capacity change from 0 to 176 [ 73.323646][ T2708] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 73.355336][ T2719] loop5: detected capacity change from 0 to 256 [ 73.368720][ T2722] FAT-fs (loop2): Unrecognized mount option "hash" or missing value [ 73.394187][ T2726] loop1: detected capacity change from 0 to 1024 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb, 0x810, r0, 0xa62c7000) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000001400)={0x4, &(0x7f00000013c0)=[{0x81, 0x5, 0x2}, {0x8, 0x7d, 0x7, 0x5}, {0x0, 0xff, 0x6, 0x4}, {0x7, 0x1, 0x4, 0x4}]}) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000001340)) ftruncate(r0, 0x8001) r1 = fsmount(r0, 0x1, 0x2) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001640)={'syzkaller0\x00', &(0x7f0000001500)=ANY=[@ANYBLOB="20000000fb000000777f6c012e0103d70931448c531a488899a8b3c7e7d553c5d39552722f94c14bfcd9b8339a928d0d7a02dc89d67652ebde14c877ed86ba22e28ac553bb2dc8912d8f61022fa91ca2fe986bb1decc6388d414c48524fecdbe7b8c076ab6ba7de72dc7aa62254dc3808309fdd594a948895199565a72e22034d579fdbee1bcdb11616fe2e68fad5e3837ba1cac6db92efe3a74ca2003d8cf43af47171fd2a2f8dc214184324288ea33906b9dd6c3bc420b10fc568dff28e8af8502366a5364d094d4ac8697c57af2ee75c9ca890242c8f36d5ff6eadfdbd8c52e764759272252b67766c3e864ce9dd0c6379215ea52ff1c4a98000000000000000000"]}) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000280)) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001440), 0x905082, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r3, 0x80605414, &(0x7f0000001480)) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000001680)) r4 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4) syz_genetlink_get_family_id$nl80211(&(0x7f0000001380), r4) recvmsg(r4, &(0x7f0000001300)={&(0x7f0000000140)=@generic, 0x80, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/168, 0xa8}], 0x1, &(0x7f0000000300)=""/4096, 0x1000}, 0x2040) 14:57:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb, 0x810, r0, 0xa62c7000) (async) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000001400)={0x4, &(0x7f00000013c0)=[{0x81, 0x5, 0x2}, {0x8, 0x7d, 0x7, 0x5}, {0x0, 0xff, 0x6, 0x4}, {0x7, 0x1, 0x4, 0x4}]}) (async) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000001340)) (async) ftruncate(r0, 0x8001) (async) r1 = fsmount(r0, 0x1, 0x2) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) (async) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001640)={'syzkaller0\x00', &(0x7f0000001500)=ANY=[@ANYBLOB="20000000fb000000777f6c012e0103d70931448c531a488899a8b3c7e7d553c5d39552722f94c14bfcd9b8339a928d0d7a02dc89d67652ebde14c877ed86ba22e28ac553bb2dc8912d8f61022fa91ca2fe986bb1decc6388d414c48524fecdbe7b8c076ab6ba7de72dc7aa62254dc3808309fdd594a948895199565a72e22034d579fdbee1bcdb11616fe2e68fad5e3837ba1cac6db92efe3a74ca2003d8cf43af47171fd2a2f8dc214184324288ea33906b9dd6c3bc420b10fc568dff28e8af8502366a5364d094d4ac8697c57af2ee75c9ca890242c8f36d5ff6eadfdbd8c52e764759272252b67766c3e864ce9dd0c6379215ea52ff1c4a98000000000000000000"]}) (async) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000280)) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001440), 0x905082, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r3, 0x80605414, &(0x7f0000001480)) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000001680)) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000001380), r4) (async) recvmsg(r4, &(0x7f0000001300)={&(0x7f0000000140)=@generic, 0x80, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/168, 0xa8}], 0x1, &(0x7f0000000300)=""/4096, 0x1000}, 0x2040) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) [ 73.417172][ T2726] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 73.445594][ T2734] loop5: detected capacity change from 0 to 256 [ 73.458161][ T2736] loop4: detected capacity change from 0 to 176 14:57:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb, 0x810, r0, 0xa62c7000) (async) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000001400)={0x4, &(0x7f00000013c0)=[{0x81, 0x5, 0x2}, {0x8, 0x7d, 0x7, 0x5}, {0x0, 0xff, 0x6, 0x4}, {0x7, 0x1, 0x4, 0x4}]}) (async) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000001340)) (async) ftruncate(r0, 0x8001) (async, rerun: 64) r1 = fsmount(r0, 0x1, 0x2) (rerun: 64) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) (async) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001640)={'syzkaller0\x00', &(0x7f0000001500)=ANY=[@ANYBLOB="20000000fb000000777f6c012e0103d70931448c531a488899a8b3c7e7d553c5d39552722f94c14bfcd9b8339a928d0d7a02dc89d67652ebde14c877ed86ba22e28ac553bb2dc8912d8f61022fa91ca2fe986bb1decc6388d414c48524fecdbe7b8c076ab6ba7de72dc7aa62254dc3808309fdd594a948895199565a72e22034d579fdbee1bcdb11616fe2e68fad5e3837ba1cac6db92efe3a74ca2003d8cf43af47171fd2a2f8dc214184324288ea33906b9dd6c3bc420b10fc568dff28e8af8502366a5364d094d4ac8697c57af2ee75c9ca890242c8f36d5ff6eadfdbd8c52e764759272252b67766c3e864ce9dd0c6379215ea52ff1c4a98000000000000000000"]}) (async) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000280)) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001440), 0x905082, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r3, 0x80605414, &(0x7f0000001480)) (async) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000001680)) (async, rerun: 64) r4 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4) syz_genetlink_get_family_id$nl80211(&(0x7f0000001380), r4) recvmsg(r4, &(0x7f0000001300)={&(0x7f0000000140)=@generic, 0x80, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/168, 0xa8}], 0x1, &(0x7f0000000300)=""/4096, 0x1000}, 0x2040) 14:57:20 executing program 4: syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) [ 73.489246][ T2744] FAT-fs (loop0): Unrecognized mount option "hash" or missing value [ 73.505574][ T2746] loop1: detected capacity change from 0 to 1024 [ 73.522982][ T2746] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:57:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x560}], 0x0, &(0x7f0000012b00)) [ 73.550209][ T2759] loop4: detected capacity change from 0 to 176 [ 73.553956][ T2758] FAT-fs (loop0): Unrecognized mount option "hash" or missing value 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010d00)="ed41000000040000d7f4655fd8f4655fd8f4655f000000000000040020", 0x1d, 0x1480}], 0x0, &(0x7f0000012b00)) 14:57:20 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 73.591185][ T2765] loop1: detected capacity change from 0 to 1024 [ 73.612261][ T2768] loop5: detected capacity change from 0 to 20 [ 73.629843][ T2771] loop4: detected capacity change from 0 to 176 14:57:20 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:20 executing program 3: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @none={0x0, 0x1}}, 0x14) bind$802154_raw(r0, 0x0, 0x0) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="629f683f0b7e506c7134370953f528572cf9000ba1056c3a4a9518f9c8ca817b82900f44ae07beffa084a15e0b370eded2f8b1a0d06c29779a2c17c05c62508343c332757ea2201b93eaea7083f89b063820a215f9b11ffdf829f6c59d6d1f67664288cfbfed1dcafb09", 0x6a}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r2 = syz_io_uring_setup(0x6ce0, &(0x7f0000000340), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x4d79, &(0x7f0000000180)={0x0, 0xf38a, 0x8, 0x2, 0x6e, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r5}}, 0x3) [ 73.635376][ T2768] EXT4-fs (loop5): bad geometry: block count 512 exceeds size of device (10 blocks) [ 73.636971][ T2773] FAT-fs (loop0): Unrecognized mount option "hash" or missing value [ 73.656685][ T2765] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 73.678101][ T24] audit: type=1400 audit(1639666640.903:143): avc: denied { create } for pid=2774 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.680403][ T2775] ieee802154 phy0 wpan0: encryption failed: -22 [ 73.698559][ T24] audit: type=1400 audit(1639666640.903:144): avc: denied { bind } for pid=2774 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 14:57:20 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:20 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 3: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @none={0x0, 0x1}}, 0x14) (async) bind$802154_raw(r0, 0x0, 0x0) (async) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="629f683f0b7e506c7134370953f528572cf9000ba1056c3a4a9518f9c8ca817b82900f44ae07beffa084a15e0b370eded2f8b1a0d06c29779a2c17c05c62508343c332757ea2201b93eaea7083f89b063820a215f9b11ffdf829f6c59d6d1f67664288cfbfed1dcafb09", 0x6a}, 0x1, 0x0, 0x0, 0x8000}, 0x10) (async) r2 = syz_io_uring_setup(0x6ce0, &(0x7f0000000340), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x4d79, &(0x7f0000000180)={0x0, 0xf38a, 0x8, 0x2, 0x6e, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r5}}, 0x3) [ 73.724737][ T24] audit: type=1400 audit(1639666640.903:145): avc: denied { write } for pid=2774 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.744915][ T24] audit: type=1400 audit(1639666640.953:146): avc: denied { create } for pid=2774 comm="syz-executor.3" dev="anon_inodefs" ino=18328 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 73.767073][ T24] audit: type=1400 audit(1639666640.953:147): avc: denied { map } for pid=2774 comm="syz-executor.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18328 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0), 0x0, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 3: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$802154_raw(r1, &(0x7f0000000300)={0x24, @none={0x0, 0x1}}, 0x14) bind$802154_raw(r0, 0x0, 0x0) (async) sendmsg$802154_raw(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)="629f683f0b7e506c7134370953f528572cf9000ba1056c3a4a9518f9c8ca817b82900f44ae07beffa084a15e0b370eded2f8b1a0d06c29779a2c17c05c62508343c332757ea2201b93eaea7083f89b063820a215f9b11ffdf829f6c59d6d1f67664288cfbfed1dcafb09", 0x6a}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r2 = syz_io_uring_setup(0x6ce0, &(0x7f0000000340), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x4d79, &(0x7f0000000180)={0x0, 0xf38a, 0x8, 0x2, 0x6e, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async, rerun: 32) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) (rerun: 32) syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r5}}, 0x3) [ 73.779202][ T2782] ieee802154 phy0 wpan0: encryption failed: -22 [ 73.798199][ T2784] loop4: detected capacity change from 0 to 176 [ 73.798247][ T2785] loop5: detected capacity change from 0 to 8 [ 73.814426][ T2785] EXT4-fs (loop5): bad geometry: block count 512 exceeds size of device (4 blocks) [ 73.834596][ T2788] loop1: detected capacity change from 0 to 1024 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}, {&(0x7f0000000100)="8295b75065f67272599be253dca5d4a7fc11d3e84088a061059dd1829d207cfeb5468e1e6887df90964efe50e68ba4470db7edcbfa6cc9676010d535e5dd66fb8d6f1e6b9a5cb1a3e2e5907d7670904ea211bae94c24b7011ebabf69c64cec11192394902f1f23c1991c6d88267e85459d5b7a466aeadcf446e0d3a05a677c040bbbb7be0689f5e09022a24fd41f452e2737cb10466b66c2bc315fb644988f1369a17f1b9d611c089cafd1e84496a54bb2caf1ff3bcfd93a795eb1f330dc6ceba195", 0xc2, 0xb021}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f342aebd19c3b9ef60c6c2320dd5a2604de0260d3957b49d4a6cbe63a707673d7c520dce661c93cd34c29", 0x53, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0), 0x0, 0x560}], 0x0, &(0x7f0000012b00)) [ 73.840674][ T2791] ieee802154 phy0 wpan0: encryption failed: -22 [ 73.842409][ T2788] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 73.866518][ T2794] loop4: detected capacity change from 0 to 176 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 73.900551][ T2800] loop5: detected capacity change from 0 to 5 [ 73.907028][ T2799] loop1: detected capacity change from 0 to 1024 [ 73.934502][ T2799] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) [ 73.944969][ T2800] EXT4-fs (loop5): bad geometry: block count 512 exceeds size of device (2 blocks) 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0), 0x0, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000040000000000000000000000850000005100000095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xcb, &(0x7f0000000280)=""/203, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = fcntl$dupfd(r0, 0x0, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='xen_mmu_set_pmd\x00', r1}, 0x10) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe4, 0xe4, 0xc, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @volatile={0x7, 0x0, 0x0, 0x9, 0x20000004}, @struct={0x9, 0x6, 0x0, 0x4, 0x1, 0x2, [{0xf, 0x0, 0x8001}, {0xa, 0x5}, {0x10, 0x5, 0x8}, {0x6, 0x0, 0x7}, {0x0, 0x1, 0x7}, {0x4, 0x4, 0x2}]}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x3ff, [{0x4, 0x5, 0xfffffffb}]}, @struct={0x5, 0x5, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x4, 0x8001}, {0xf, 0x0, 0x4}, {0x7, 0x2, 0x6}, {0x7, 0x4}, {0x5, 0xa4f6, 0x4}]}, @volatile={0x2, 0x0, 0x0, 0x9, 0x5}, @ptr={0x9, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x61, 0x30, 0x30, 0x30, 0x30, 0x61, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000000)=""/25, 0x108, 0x19, 0x1}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x6, 0xffffff9c, 0x10001, 0x113, 0x1, 0x2, '\x00', 0x0, r2, 0x1, 0x4, 0x3}, 0x40) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x80840, 0x138) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="34106d3a2014e09896a1fcdebc9cd485a577b133efafe06a9041a2b4056b153ff8642efc947f3817c7723d12de3bd317e656fbb901891ab8b498f95fcd3a5e3f7a4b60639d06d083018a61c5767e9181bd3a5e01827c5c8e8cc9e3efa711e4b9d4", 0x61, 0x2}], 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000040000000000000000000000850000005100000095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xcb, &(0x7f0000000280)=""/203, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = fcntl$dupfd(r0, 0x0, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='xen_mmu_set_pmd\x00', r1}, 0x10) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe4, 0xe4, 0xc, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @volatile={0x7, 0x0, 0x0, 0x9, 0x20000004}, @struct={0x9, 0x6, 0x0, 0x4, 0x1, 0x2, [{0xf, 0x0, 0x8001}, {0xa, 0x5}, {0x10, 0x5, 0x8}, {0x6, 0x0, 0x7}, {0x0, 0x1, 0x7}, {0x4, 0x4, 0x2}]}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x3ff, [{0x4, 0x5, 0xfffffffb}]}, @struct={0x5, 0x5, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x4, 0x8001}, {0xf, 0x0, 0x4}, {0x7, 0x2, 0x6}, {0x7, 0x4}, {0x5, 0xa4f6, 0x4}]}, @volatile={0x2, 0x0, 0x0, 0x9, 0x5}, @ptr={0x9, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x61, 0x30, 0x30, 0x30, 0x30, 0x61, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000000)=""/25, 0x108, 0x19, 0x1}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x6, 0xffffff9c, 0x10001, 0x113, 0x1, 0x2, '\x00', 0x0, r2, 0x1, 0x4, 0x3}, 0x40) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x80840, 0x138) [ 74.017334][ T2814] loop1: detected capacity change from 0 to 1024 [ 74.030228][ T2819] loop5: detected capacity change from 0 to 4 [ 74.046104][ T2814] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000040000000000000000000000850000005100000095"], &(0x7f0000000140)='GPL\x00', 0x2, 0xcb, &(0x7f0000000280)=""/203, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r1 = fcntl$dupfd(r0, 0x0, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='xen_mmu_set_pmd\x00', r1}, 0x10) (async) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe4, 0xe4, 0xc, [@ptr={0x2, 0x0, 0x0, 0x2, 0x4}, @volatile={0x7, 0x0, 0x0, 0x9, 0x20000004}, @struct={0x9, 0x6, 0x0, 0x4, 0x1, 0x2, [{0xf, 0x0, 0x8001}, {0xa, 0x5}, {0x10, 0x5, 0x8}, {0x6, 0x0, 0x7}, {0x0, 0x1, 0x7}, {0x4, 0x4, 0x2}]}, @union={0x9, 0x1, 0x0, 0x5, 0x0, 0x3ff, [{0x4, 0x5, 0xfffffffb}]}, @struct={0x5, 0x5, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x4, 0x8001}, {0xf, 0x0, 0x4}, {0x7, 0x2, 0x6}, {0x7, 0x4}, {0x5, 0xa4f6, 0x4}]}, @volatile={0x2, 0x0, 0x0, 0x9, 0x5}, @ptr={0x9, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x61, 0x30, 0x30, 0x30, 0x30, 0x61, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000000)=""/25, 0x108, 0x19, 0x1}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x6, 0xffffff9c, 0x10001, 0x113, 0x1, 0x2, '\x00', 0x0, r2, 0x1, 0x4, 0x3}, 0x40) (async, rerun: 64) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x80840, 0x138) (rerun: 64) 14:57:21 executing program 3: r0 = syz_io_uring_setup(0x73d7, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000005c0)=@IORING_OP_NOP={0x0, 0x7}, 0xffffff01) syz_io_uring_submit(r1, r2, &(0x7f0000008540)=@IORING_OP_REMOVE_BUFFERS, 0x10001) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x2004, @fd_index, 0x0, 0x0}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f000004e000/0x2000)=nil, 0x2000}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000580)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x184, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000147000/0x2000)=nil, &(0x7f0000149000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000400)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000215000/0x4000)=nil, 0x4000}, 0x0) io_uring_enter(r0, 0x63f4, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x11, 0x0, 0x0}, 0xfffffffd) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r5}}, 0x31e) [ 74.059928][ T2819] EXT4-fs (loop5): bad geometry: block count 512 exceeds size of device (2 blocks) 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16aae8967fdc85f9fcf07bd14e09e51d0f691516f34", 0x2a, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}]}) 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 3: r0 = syz_io_uring_setup(0x73d7, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000005c0)=@IORING_OP_NOP={0x0, 0x7}, 0xffffff01) syz_io_uring_submit(r1, r2, &(0x7f0000008540)=@IORING_OP_REMOVE_BUFFERS, 0x10001) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x2004, @fd_index, 0x0, 0x0}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f000004e000/0x2000)=nil, 0x2000}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000580)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x184, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000147000/0x2000)=nil, &(0x7f0000149000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000400)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000215000/0x4000)=nil, 0x4000}, 0x0) io_uring_enter(r0, 0x63f4, 0x0, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x11, 0x0, 0x0}, 0xfffffffd) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r5}}, 0x31e) syz_io_uring_setup(0x73d7, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380), &(0x7f0000000100)) (async) syz_io_uring_submit(r1, r2, &(0x7f00000005c0)=@IORING_OP_NOP={0x0, 0x7}, 0xffffff01) (async) syz_io_uring_submit(r1, r2, &(0x7f0000008540)=@IORING_OP_REMOVE_BUFFERS, 0x10001) (async) mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x2004, @fd_index, 0x0, 0x0}, 0x1) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f000004e000/0x2000)=nil, 0x2000}, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000580)=@IORING_OP_CLOSE, 0x0) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) (async) syz_io_uring_setup(0x184, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000147000/0x2000)=nil, &(0x7f0000149000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100)) (async) syz_io_uring_submit(r1, r4, &(0x7f0000000400)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000215000/0x4000)=nil, 0x4000}, 0x0) (async) io_uring_enter(r0, 0x63f4, 0x0, 0x0, 0x0, 0x0) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x11, 0x0, 0x0}, 0xfffffffd) (async) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r5}}, 0x31e) (async) 14:57:21 executing program 3: r0 = syz_io_uring_setup(0x73d7, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000005c0)=@IORING_OP_NOP={0x0, 0x7}, 0xffffff01) (async) syz_io_uring_submit(r1, r2, &(0x7f0000008540)=@IORING_OP_REMOVE_BUFFERS, 0x10001) (async) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x2004, @fd_index, 0x0, 0x0}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index}, 0x0) (async, rerun: 32) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f000004e000/0x2000)=nil, 0x2000}, 0x0) (rerun: 32) syz_io_uring_submit(r1, r3, &(0x7f0000000580)=@IORING_OP_CLOSE, 0x0) (async, rerun: 64) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) (rerun: 64) syz_io_uring_submit(r1, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x184, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000147000/0x2000)=nil, &(0x7f0000149000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000400)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index}, 0x0) (async) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) (async, rerun: 32) syz_io_uring_submit(r1, r3, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000215000/0x4000)=nil, 0x4000}, 0x0) (async, rerun: 32) io_uring_enter(r0, 0x63f4, 0x0, 0x0, 0x0, 0x0) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x11, 0x0, 0x0}, 0xfffffffd) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r5}}, 0x31e) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 74.155246][ T2842] FAT-fs (loop4): Unrecognized mount option "hash" or missing value [ 74.167173][ T2845] loop1: detected capacity change from 0 to 1024 [ 74.175804][ T2845] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 74.176363][ T2848] loop5: detected capacity change from 0 to 4 [ 74.194918][ T2848] EXT4-fs (loop5): unsupported descriptor size 0 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="01", 0x1, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x8, 0x740) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r1) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f000000e740)={0x0, 0x0, &(0x7f000000e700)={&(0x7f000000d180)={0x38, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x38}}, 0x40) socket$nl_generic(0x10, 0x3, 0x10) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}], 0x0, &(0x7f0000012b00)) [ 74.243119][ T2881] loop1: detected capacity change from 0 to 1024 [ 74.244577][ T2882] FAT-fs (loop4): Unrecognized mount option "hash" or missing value [ 74.250640][ T2881] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x8, 0x740) (rerun: 32) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r1) (async) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f000000e740)={0x0, 0x0, &(0x7f000000e700)={&(0x7f000000d180)={0x38, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x38}}, 0x40) (async) socket$nl_generic(0x10, 0x3, 0x10) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}]}) 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@fat=@check_strict}, {@dots}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="01", 0x1, 0x560}], 0x0, &(0x7f0000012b00)) [ 74.292216][ T2888] loop5: detected capacity change from 0 to 4 [ 74.302119][ T2888] EXT4-fs (loop5): unsupported descriptor size 0 14:57:21 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x8, 0x740) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r1) (async) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f000000e740)={0x0, 0x0, &(0x7f000000e700)={&(0x7f000000d180)={0x38, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x38}}, 0x40) socket$nl_generic(0x10, 0x3, 0x10) 14:57:21 executing program 3: socket$nl_route(0x10, 0x3, 0x0) 14:57:21 executing program 3: socket$nl_route(0x10, 0x3, 0x0) 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 74.358375][ T2900] FAT-fs (loop4): Unrecognized mount option "hash" or missing value [ 74.361648][ T2902] loop1: detected capacity change from 0 to 1024 [ 74.374847][ T2902] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:21 executing program 3: socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="01", 0x1, 0x560}], 0x0, &(0x7f0000012b00)) [ 74.416498][ T2912] loop5: detected capacity change from 0 to 4 [ 74.454537][ T2912] EXT4-fs (loop5): unsupported descriptor size 0 14:57:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 1) [ 74.454627][ T2922] loop1: detected capacity change from 0 to 1024 [ 74.469420][ T2922] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 74.510211][ T2926] FAULT_INJECTION: forcing a failure. [ 74.510211][ T2926] name failslab, interval 1, probability 0, space 0, times 1 [ 74.522888][ T2926] CPU: 1 PID: 2926 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 74.531566][ T2926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.541704][ T2926] Call Trace: [ 74.544986][ T2926] [ 74.547914][ T2926] dump_stack_lvl+0xd6/0x122 [ 74.552587][ T2926] dump_stack+0x11/0x1b [ 74.556844][ T2926] should_fail+0x23c/0x250 [ 74.561274][ T2926] ? __se_sys_memfd_create+0xe9/0x350 [ 74.566690][ T2926] __should_failslab+0x81/0x90 [ 74.571468][ T2926] should_failslab+0x5/0x20 [ 74.575981][ T2926] __kmalloc+0x6f/0x370 [ 74.580178][ T2926] ? strnlen_user+0x137/0x1c0 [ 74.584864][ T2926] __se_sys_memfd_create+0xe9/0x350 [ 74.590095][ T2926] __x64_sys_memfd_create+0x2d/0x40 [ 74.595297][ T2926] do_syscall_64+0x44/0xd0 [ 74.599745][ T2926] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.605646][ T2926] RIP: 0033:0x7f8caf5f1e99 [ 74.610127][ T2926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 74.629735][ T2926] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 74.638160][ T2926] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 74.646136][ T2926] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 14:57:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710d16a", 0x16, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 2) 14:57:21 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) [ 74.654106][ T2926] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 74.662075][ T2926] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 74.670049][ T2926] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 74.678104][ T2926] [ 74.699891][ T2928] loop5: detected capacity change from 0 to 4 [ 74.721485][ T2930] FAULT_INJECTION: forcing a failure. [ 74.721485][ T2930] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 74.734575][ T2930] CPU: 1 PID: 2930 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 74.735349][ T2935] loop1: detected capacity change from 0 to 1024 [ 74.743328][ T2930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.743340][ T2930] Call Trace: [ 74.743347][ T2930] [ 74.743353][ T2930] dump_stack_lvl+0xd6/0x122 [ 74.743378][ T2930] dump_stack+0x11/0x1b [ 74.762854][ T2935] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 74.763190][ T2930] should_fail+0x23c/0x250 [ 74.789608][ T2930] should_fail_usercopy+0x16/0x20 [ 74.794692][ T2930] _copy_from_user+0x1c/0xd0 [ 74.799296][ T2930] __se_sys_memfd_create+0x125/0x350 [ 74.804591][ T2930] __x64_sys_memfd_create+0x2d/0x40 [ 74.809810][ T2930] do_syscall_64+0x44/0xd0 [ 74.814292][ T2930] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.820192][ T2930] RIP: 0033:0x7f8caf5f1e99 [ 74.824705][ T2930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 74.844322][ T2930] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 74.852759][ T2930] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 74.860769][ T2930] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 14:57:22 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100", 0x2, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:22 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, 0x0) 14:57:22 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 3) [ 74.868745][ T2930] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 74.876719][ T2930] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 74.884768][ T2930] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 74.892757][ T2930] [ 74.901267][ T2928] EXT4-fs (loop5): unsupported descriptor size 0 [ 74.953220][ T2940] loop1: detected capacity change from 0 to 1024 [ 74.960566][ T2940] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 74.967108][ T2942] FAULT_INJECTION: forcing a failure. [ 74.967108][ T2942] name failslab, interval 1, probability 0, space 0, times 0 [ 74.983309][ T2942] CPU: 1 PID: 2942 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 74.992048][ T2942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.002106][ T2942] Call Trace: [ 75.005386][ T2942] [ 75.008390][ T2942] dump_stack_lvl+0xd6/0x122 [ 75.013010][ T2942] dump_stack+0x11/0x1b [ 75.017300][ T2942] should_fail+0x23c/0x250 [ 75.021725][ T2942] ? shmem_alloc_inode+0x22/0x30 [ 75.026804][ T2942] __should_failslab+0x81/0x90 [ 75.031634][ T2942] ? shmem_match+0xa0/0xa0 [ 75.036064][ T2942] should_failslab+0x5/0x20 [ 75.040579][ T2942] kmem_cache_alloc+0x4f/0x320 [ 75.045347][ T2942] ? shmem_match+0xa0/0xa0 [ 75.049787][ T2942] shmem_alloc_inode+0x22/0x30 [ 75.054566][ T2942] new_inode_pseudo+0x38/0x190 [ 75.059382][ T2942] new_inode+0x21/0x100 [ 75.063800][ T2942] shmem_get_inode+0xb7/0x490 [ 75.068662][ T2942] __shmem_file_setup+0xf1/0x1d0 [ 75.073652][ T2942] shmem_file_setup+0x37/0x40 [ 75.078339][ T2942] __se_sys_memfd_create+0x1c1/0x350 [ 75.083685][ T2942] __x64_sys_memfd_create+0x2d/0x40 [ 75.088919][ T2942] do_syscall_64+0x44/0xd0 [ 75.093424][ T2942] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.099329][ T2942] RIP: 0033:0x7f8caf5f1e99 14:57:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "2156816c73038c"}) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004d080)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x3, "15ad9d59ef1691"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004e080)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}], 0xd3, "44aad698c8727b"}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x9, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4c}, {0x6}]}, 0x10) sendmmsg(r8, &(0x7f0000001bc0)=[{{0x0, 0x0, &(0x7f0000001980)=[{0x0}], 0x1}}], 0x1, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000009c0)=[{{&(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="3c0000000000d356d2da94848f8fa91f7a0000000000007f000001ac1e00010000000007030000d7b00000655200000000c97c0000000000000000000000000000000000000000000000000000000000000000e98a20d55d80d9a9c969a7ae701ae0af24329d7d0c1dc0b100d268d7be136b775636d2339764737e1b8932ddc369bd2edcbfcf54f0674cccf4e2a1e8a01853cb6e2df97b39ed43dafb4b82ad7bfeefaef5c30c049bc812c0e69dc76615eb22daad779465c38073336b3813fcbbf4d0d12ca3e03083084b7cd2b2003a9d8d7ff79f5f8c3dcb"], 0x40}}], 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) mount(0x0, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000400)='cgroup\x00', 0x0, &(0x7f0000000440)='none\x00') [ 75.103743][ T2942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 75.123357][ T2942] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 75.131780][ T2942] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 75.139754][ T2942] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 [ 75.147909][ T2942] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 75.155959][ T2942] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 75.163923][ T2942] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 75.171915][ T2942] 14:57:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:22 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100", 0x2, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100", 0x2, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) (async) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, 0x0) (async) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "2156816c73038c"}) (async) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004d080)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x3, "15ad9d59ef1691"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004e080)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}], 0xd3, "44aad698c8727b"}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x9, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4c}, {0x6}]}, 0x10) (async) sendmmsg(r8, &(0x7f0000001bc0)=[{{0x0, 0x0, &(0x7f0000001980)=[{0x0}], 0x1}}], 0x1, 0x0) (async) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) (async) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000009c0)=[{{&(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="3c0000000000d356d2da94848f8fa91f7a0000000000007f000001ac1e00010000000007030000d7b00000655200000000c97c0000000000000000000000000000000000000000000000000000000000000000e98a20d55d80d9a9c969a7ae701ae0af24329d7d0c1dc0b100d268d7be136b775636d2339764737e1b8932ddc369bd2edcbfcf54f0674cccf4e2a1e8a01853cb6e2df97b39ed43dafb4b82ad7bfeefaef5c30c049bc812c0e69dc76615eb22daad779465c38073336b3813fcbbf4d0d12ca3e03083084b7cd2b2003a9d8d7ff79f5f8c3dcb"], 0x40}}], 0x2, 0x0) (async) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) (async) mount(0x0, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000400)='cgroup\x00', 0x0, &(0x7f0000000440)='none\x00') 14:57:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 4) [ 75.200706][ T2944] cgroup: Need name or subsystem set 14:57:22 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[{@fat=@check_strict}], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 75.240006][ T2951] loop5: detected capacity change from 0 to 4 [ 75.241599][ T2952] loop0: detected capacity change from 0 to 1024 [ 75.257581][ T2960] loop1: detected capacity change from 0 to 1024 [ 75.264081][ T2951] EXT4-fs (loop5): unsupported descriptor size 0 [ 75.266147][ T2962] FAULT_INJECTION: forcing a failure. [ 75.266147][ T2962] name failslab, interval 1, probability 0, space 0, times 0 14:57:22 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "2156816c73038c"}) r3 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004d080)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x3, "15ad9d59ef1691"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004e080)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}], 0xd3, "44aad698c8727b"}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x9, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4c}, {0x6}]}, 0x10) sendmmsg(r8, &(0x7f0000001bc0)=[{{0x0, 0x0, &(0x7f0000001980)=[{0x0}], 0x1}}], 0x1, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000009c0)=[{{&(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="3c0000000000d356d2da94848f8fa91f7a0000000000007f000001ac1e00010000000007030000d7b00000655200000000c97c0000000000000000000000000000000000000000000000000000000000000000e98a20d55d80d9a9c969a7ae701ae0af24329d7d0c1dc0b100d268d7be136b775636d2339764737e1b8932ddc369bd2edcbfcf54f0674cccf4e2a1e8a01853cb6e2df97b39ed43dafb4b82ad7bfeefaef5c30c049bc812c0e69dc76615eb22daad779465c38073336b3813fcbbf4d0d12ca3e03083084b7cd2b2003a9d8d7ff79f5f8c3dcb"], 0x40}}], 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) mount(0x0, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000400)='cgroup\x00', 0x0, &(0x7f0000000440)='none\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) (async) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) (async) syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x0) (async) ioctl$SG_IO(r1, 0x2285, 0x0) (async) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x1, [], 0x1, "2156816c73038c"}) (async) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)) (async) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) (async) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004d080)={0x7, [], 0x3, "15ad9d59ef1691"}) (async) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004e080)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}], 0xd3, "44aad698c8727b"}) (async) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) (async) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x9, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000040)=[{0x20}, {0x4c}, {0x6}]}, 0x10) (async) sendmmsg(r8, &(0x7f0000001bc0)=[{{0x0, 0x0, &(0x7f0000001980)=[{0x0}], 0x1}}], 0x1, 0x0) (async) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) (async) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000009c0)=[{{&(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="3c0000000000d356d2da94848f8fa91f7a0000000000007f000001ac1e00010000000007030000d7b00000655200000000c97c0000000000000000000000000000000000000000000000000000000000000000e98a20d55d80d9a9c969a7ae701ae0af24329d7d0c1dc0b100d268d7be136b775636d2339764737e1b8932ddc369bd2edcbfcf54f0674cccf4e2a1e8a01853cb6e2df97b39ed43dafb4b82ad7bfeefaef5c30c049bc812c0e69dc76615eb22daad779465c38073336b3813fcbbf4d0d12ca3e03083084b7cd2b2003a9d8d7ff79f5f8c3dcb"], 0x40}}], 0x2, 0x0) (async) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000080)) (async) mount(0x0, &(0x7f00000002c0)='./bus\x00', &(0x7f0000000400)='cgroup\x00', 0x0, &(0x7f0000000440)='none\x00') (async) [ 75.283032][ T2962] CPU: 0 PID: 2962 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 75.286974][ T2952] EXT4-fs warning (device loop0): read_mmp_block:107: Error -117 while reading MMP block 0 [ 75.291702][ T2962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.291715][ T2962] Call Trace: [ 75.291722][ T2962] [ 75.291728][ T2962] dump_stack_lvl+0xd6/0x122 [ 75.291753][ T2962] dump_stack+0x11/0x1b [ 75.303307][ T2960] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 14:57:22 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 1) [ 75.311768][ T2962] should_fail+0x23c/0x250 [ 75.311792][ T2962] ? security_inode_alloc+0x30/0x180 [ 75.311813][ T2962] __should_failslab+0x81/0x90 [ 75.319532][ T2964] cgroup: Need name or subsystem set [ 75.322638][ T2962] should_failslab+0x5/0x20 [ 75.322663][ T2962] kmem_cache_alloc+0x4f/0x320 [ 75.322725][ T2962] security_inode_alloc+0x30/0x180 [ 75.322747][ T2962] inode_init_always+0x214/0x3e0 [ 75.322766][ T2962] ? shmem_match+0xa0/0xa0 [ 75.322787][ T2962] new_inode_pseudo+0x6f/0x190 [ 75.322806][ T2962] new_inode+0x21/0x100 [ 75.322896][ T2962] shmem_get_inode+0xb7/0x490 [ 75.322919][ T2962] __shmem_file_setup+0xf1/0x1d0 [ 75.322940][ T2962] shmem_file_setup+0x37/0x40 [ 75.356735][ T2985] FAULT_INJECTION: forcing a failure. [ 75.356735][ T2985] name failslab, interval 1, probability 0, space 0, times 0 [ 75.356842][ T2962] __se_sys_memfd_create+0x1c1/0x350 [ 75.421425][ T2962] __x64_sys_memfd_create+0x2d/0x40 [ 75.426650][ T2962] do_syscall_64+0x44/0xd0 [ 75.431092][ T2962] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.437027][ T2962] RIP: 0033:0x7f8caf5f1e99 [ 75.441426][ T2962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 75.461075][ T2962] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 75.469469][ T2962] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 75.477431][ T2962] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 [ 75.485384][ T2962] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 75.493422][ T2962] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 75.501376][ T2962] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 75.509477][ T2962] [ 75.512482][ T2985] CPU: 1 PID: 2985 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 75.521165][ T2985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.531215][ T2985] Call Trace: [ 75.534588][ T2985] [ 75.537522][ T2985] dump_stack_lvl+0xd6/0x122 [ 75.539115][ T2987] FAULT_INJECTION: forcing a failure. [ 75.539115][ T2987] name failslab, interval 1, probability 0, space 0, times 0 [ 75.542115][ T2985] dump_stack+0x11/0x1b [ 75.542138][ T2985] should_fail+0x23c/0x250 [ 75.542156][ T2985] ? __se_sys_memfd_create+0xe9/0x350 [ 75.568588][ T2985] __should_failslab+0x81/0x90 [ 75.573415][ T2985] should_failslab+0x5/0x20 [ 75.578012][ T2985] __kmalloc+0x6f/0x370 [ 75.582207][ T2985] ? strnlen_user+0x137/0x1c0 [ 75.587287][ T2985] __se_sys_memfd_create+0xe9/0x350 [ 75.592472][ T2985] __x64_sys_memfd_create+0x2d/0x40 [ 75.597712][ T2985] do_syscall_64+0x44/0xd0 [ 75.602140][ T2985] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.608020][ T2985] RIP: 0033:0x7fbd63e3be99 [ 75.612487][ T2985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 75.632179][ T2985] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 14:57:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 5) [ 75.640588][ T2985] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 75.648549][ T2985] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 75.656584][ T2985] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 75.664584][ T2985] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 75.672661][ T2985] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 75.680622][ T2985] [ 75.683624][ T2987] CPU: 0 PID: 2987 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 75.692322][ T2987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.702365][ T2987] Call Trace: [ 75.705649][ T2987] [ 75.708565][ T2987] dump_stack_lvl+0xd6/0x122 [ 75.713206][ T2987] dump_stack+0x11/0x1b [ 75.717350][ T2987] should_fail+0x23c/0x250 [ 75.721842][ T2987] ? __d_alloc+0x36/0x370 [ 75.726350][ T2987] __should_failslab+0x81/0x90 [ 75.731100][ T2987] should_failslab+0x5/0x20 [ 75.735592][ T2987] kmem_cache_alloc+0x4f/0x320 [ 75.740341][ T2987] ? security_inode_alloc+0x138/0x180 [ 75.745703][ T2987] ? __init_rwsem+0x59/0x70 [ 75.750206][ T2987] __d_alloc+0x36/0x370 [ 75.754431][ T2987] d_alloc_pseudo+0x1a/0x50 [ 75.758919][ T2987] alloc_file_pseudo+0x77/0x150 [ 75.763765][ T2987] ? __shmem_file_setup+0x125/0x1d0 [ 75.769081][ T2987] __shmem_file_setup+0x14c/0x1d0 [ 75.774108][ T2987] shmem_file_setup+0x37/0x40 [ 75.778784][ T2987] __se_sys_memfd_create+0x1c1/0x350 [ 75.784204][ T2987] __x64_sys_memfd_create+0x2d/0x40 [ 75.789440][ T2987] do_syscall_64+0x44/0xd0 [ 75.794002][ T2987] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.799889][ T2987] RIP: 0033:0x7f8caf5f1e99 [ 75.804287][ T2987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 75.823886][ T2987] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 75.832295][ T2987] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 14:57:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:23 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100", 0x2, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:23 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 2) [ 75.840254][ T2987] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 [ 75.848213][ T2987] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 75.856238][ T2987] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 75.864235][ T2987] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 75.872205][ T2987] [ 75.914172][ T2992] FAULT_INJECTION: forcing a failure. [ 75.914172][ T2992] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.927323][ T2992] CPU: 0 PID: 2992 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 75.935999][ T2992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.941021][ T2994] loop1: detected capacity change from 0 to 1024 [ 75.946235][ T2992] Call Trace: [ 75.946243][ T2992] [ 75.946249][ T2992] dump_stack_lvl+0xd6/0x122 14:57:23 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8241000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x51}, {&(0x7f0000000040)="53000000feffffff030400000000200010004d2000000000000000200000000000000000", 0xffffffe5}], 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000080), &(0x7f00000001c0)={0x0, 0xfb, 0x7b, 0x0, 0x3f, "f3c8053b9551b35da615da34ddbf87db", "64833a3bd943cfe3a14e128a4b759a03290aedddfff898480c92c91584ff13fb7bd787cf09f5b560bdb44eb2d3cc2e4c696ea0c6ca80ff09adce10baf21cfdb933338f123d48a65f1d1bdac393c52b4aaaa12cd7e6b55ccda692f2a4684a447cb7b5b62d0b1c"}, 0x7b, 0x1) [ 75.946273][ T2992] dump_stack+0x11/0x1b [ 75.946291][ T2992] should_fail+0x23c/0x250 [ 75.954000][ T2994] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 75.955873][ T2992] should_fail_usercopy+0x16/0x20 [ 75.955930][ T2992] _copy_from_user+0x1c/0xd0 [ 75.961118][ T2995] loop5: detected capacity change from 0 to 4 [ 75.963423][ T2992] __se_sys_memfd_create+0x125/0x350 [ 75.963449][ T2992] __x64_sys_memfd_create+0x2d/0x40 [ 75.963489][ T2992] do_syscall_64+0x44/0xd0 [ 75.963509][ T2992] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.977829][ T2995] EXT4-fs (loop5): unsupported descriptor size 0 [ 75.982103][ T2992] RIP: 0033:0x7fbd63e3be99 [ 75.982120][ T2992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 75.982136][ T2992] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 75.989152][ T2997] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 75.989152][ T2997] program syz-executor.0 not setting count and/or reply_len properly [ 75.991735][ T2992] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 75.991749][ T2992] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 75.991761][ T2992] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 75.991773][ T2992] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 75.991784][ T2992] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 14:57:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 6) [ 76.114661][ T2992] 14:57:23 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8241000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x51}, {&(0x7f0000000040)="53000000feffffff030400000000200010004d2000000000000000200000000000000000", 0xffffffe5}], 0x2) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) (async) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000080), &(0x7f00000001c0)={0x0, 0xfb, 0x7b, 0x0, 0x3f, "f3c8053b9551b35da615da34ddbf87db", "64833a3bd943cfe3a14e128a4b759a03290aedddfff898480c92c91584ff13fb7bd787cf09f5b560bdb44eb2d3cc2e4c696ea0c6ca80ff09adce10baf21cfdb933338f123d48a65f1d1bdac393c52b4aaaa12cd7e6b55ccda692f2a4684a447cb7b5b62d0b1c"}, 0x7b, 0x1) 14:57:23 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}, {@subj_type}]}) [ 76.137837][ T3000] FAULT_INJECTION: forcing a failure. [ 76.137837][ T3000] name failslab, interval 1, probability 0, space 0, times 0 [ 76.150604][ T3000] CPU: 0 PID: 3000 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 76.159276][ T3000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.168295][ T3002] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 76.168295][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.169326][ T3000] Call Trace: [ 76.169334][ T3000] [ 76.169341][ T3000] dump_stack_lvl+0xd6/0x122 [ 76.197406][ T3000] dump_stack+0x11/0x1b [ 76.201566][ T3000] should_fail+0x23c/0x250 [ 76.206070][ T3000] ? __alloc_file+0x2e/0x1a0 [ 76.210653][ T3000] __should_failslab+0x81/0x90 [ 76.215473][ T3000] should_failslab+0x5/0x20 [ 76.220100][ T3000] kmem_cache_alloc+0x4f/0x320 [ 76.224851][ T3000] __alloc_file+0x2e/0x1a0 [ 76.229254][ T3000] alloc_empty_file+0xcd/0x1c0 [ 76.234065][ T3000] alloc_file+0x3a/0x280 [ 76.238337][ T3000] alloc_file_pseudo+0xfa/0x150 [ 76.243231][ T3000] __shmem_file_setup+0x14c/0x1d0 [ 76.248304][ T3000] shmem_file_setup+0x37/0x40 [ 76.252991][ T3000] __se_sys_memfd_create+0x1c1/0x350 [ 76.258267][ T3000] __x64_sys_memfd_create+0x2d/0x40 [ 76.263454][ T3000] do_syscall_64+0x44/0xd0 [ 76.267857][ T3000] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.273795][ T3000] RIP: 0033:0x7f8caf5f1e99 [ 76.278243][ T3000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 76.297919][ T3000] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 76.306339][ T3000] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 76.314360][ T3000] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 [ 76.322410][ T3000] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 76.330368][ T3000] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 14:57:23 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 3) 14:57:23 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a", 0xc, 0x560}], 0x0, &(0x7f0000012b00)) [ 76.338326][ T3000] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 76.346315][ T3000] [ 76.350378][ T3002] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 76.350378][ T3002] program syz-executor.0 not setting count and/or reply_len properly 14:57:23 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}, {@uid_gt={'uid>', 0xee01}}]}) 14:57:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 7) [ 76.397829][ T3007] loop1: detected capacity change from 0 to 1024 [ 76.410943][ T3011] FAULT_INJECTION: forcing a failure. [ 76.410943][ T3011] name failslab, interval 1, probability 0, space 0, times 0 [ 76.418974][ T3014] FAULT_INJECTION: forcing a failure. [ 76.418974][ T3014] name failslab, interval 1, probability 0, space 0, times 0 [ 76.423664][ T3011] CPU: 0 PID: 3011 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 76.444824][ T3011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.454876][ T3011] Call Trace: [ 76.458216][ T3011] [ 76.461190][ T3011] dump_stack_lvl+0xd6/0x122 [ 76.465906][ T3011] dump_stack+0x11/0x1b [ 76.470155][ T3011] should_fail+0x23c/0x250 [ 76.474579][ T3011] ? shmem_alloc_inode+0x22/0x30 [ 76.479529][ T3011] __should_failslab+0x81/0x90 [ 76.484407][ T3011] ? shmem_match+0xa0/0xa0 [ 76.488874][ T3011] should_failslab+0x5/0x20 [ 76.493423][ T3011] kmem_cache_alloc+0x4f/0x320 [ 76.498176][ T3011] ? shmem_match+0xa0/0xa0 [ 76.502577][ T3011] shmem_alloc_inode+0x22/0x30 [ 76.507327][ T3011] new_inode_pseudo+0x38/0x190 [ 76.512114][ T3011] new_inode+0x21/0x100 [ 76.516341][ T3011] shmem_get_inode+0xb7/0x490 [ 76.521013][ T3011] __shmem_file_setup+0xf1/0x1d0 [ 76.525954][ T3011] shmem_file_setup+0x37/0x40 [ 76.530698][ T3011] __se_sys_memfd_create+0x1c1/0x350 [ 76.535984][ T3011] __x64_sys_memfd_create+0x2d/0x40 [ 76.541214][ T3011] do_syscall_64+0x44/0xd0 [ 76.545616][ T3011] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.551501][ T3011] RIP: 0033:0x7fbd63e3be99 [ 76.555998][ T3011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 76.575619][ T3011] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 76.584071][ T3011] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 76.592026][ T3011] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 76.599982][ T3011] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 76.608003][ T3011] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 76.615956][ T3011] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 76.623934][ T3011] [ 76.626935][ T3014] CPU: 1 PID: 3014 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 76.636093][ T3014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.637084][ T3012] loop5: detected capacity change from 0 to 4 [ 76.646168][ T3014] Call Trace: [ 76.646176][ T3014] [ 76.646182][ T3014] dump_stack_lvl+0xd6/0x122 [ 76.646206][ T3014] dump_stack+0x11/0x1b [ 76.653480][ T3002] sg_write: data in/out 3223822/2147479429 bytes for SCSI command 0x0-- guessing data in; [ 76.653480][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.655611][ T3014] should_fail+0x23c/0x250 [ 76.658691][ T3002] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 76.658691][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.663125][ T3014] ? security_file_alloc+0x30/0x190 [ 76.663147][ T3014] __should_failslab+0x81/0x90 [ 76.667937][ T3002] sg_write: data in/out 3223822/2147479429 bytes for SCSI command 0x0-- guessing data in; [ 76.667937][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.685481][ T3014] should_failslab+0x5/0x20 [ 76.690867][ T3002] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 76.690867][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.707064][ T3014] kmem_cache_alloc+0x4f/0x320 [ 76.712654][ T3002] sg_write: data in/out 3223822/2147479429 bytes for SCSI command 0x0-- guessing data in; [ 76.712654][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.717033][ T3014] security_file_alloc+0x30/0x190 [ 76.717057][ T3014] __alloc_file+0x83/0x1a0 [ 76.717076][ T3014] alloc_empty_file+0xcd/0x1c0 [ 76.717111][ T3014] alloc_file+0x3a/0x280 [ 76.735359][ T3002] sg_write: data in/out 4096/35 bytes for SCSI command 0x2a-- guessing data in; [ 76.735359][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.739706][ T3014] alloc_file_pseudo+0xfa/0x150 [ 76.757547][ T3002] sg_write: data in/out 3223822/2147479429 bytes for SCSI command 0x0-- guessing data in; [ 76.757547][ T3002] program syz-executor.0 not setting count and/or reply_len properly [ 76.761621][ T3014] __shmem_file_setup+0x14c/0x1d0 [ 76.761646][ T3014] shmem_file_setup+0x37/0x40 [ 76.848218][ T3014] __se_sys_memfd_create+0x1c1/0x350 [ 76.853525][ T3014] __x64_sys_memfd_create+0x2d/0x40 [ 76.858711][ T3014] do_syscall_64+0x44/0xd0 [ 76.863168][ T3014] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.869049][ T3014] RIP: 0033:0x7f8caf5f1e99 [ 76.873453][ T3014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 76.893042][ T3014] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 76.901442][ T3014] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f8caf5f1e99 [ 76.909399][ T3014] RDX: 00007f8cae767fe0 RSI: 0000000000000000 RDI: 00007f8caf64b168 [ 76.917351][ T3014] RBP: 0000000000000000 R08: 00007f8cae767fd8 R09: 00007f8cae7681d0 [ 76.925342][ T3014] R10: 00007f8cae767fdc R11: 0000000000000246 R12: 0000000020000000 [ 76.933295][ T3014] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 76.941254][ T3014] 14:57:24 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 4) 14:57:24 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 8) 14:57:24 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:24 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8241000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x51}, {&(0x7f0000000040)="53000000feffffff030400000000200010004d2000000000000000200000000000000000", 0xffffffe5}], 0x2) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000080), &(0x7f00000001c0)={0x0, 0xfb, 0x7b, 0x0, 0x3f, "f3c8053b9551b35da615da34ddbf87db", "64833a3bd943cfe3a14e128a4b759a03290aedddfff898480c92c91584ff13fb7bd787cf09f5b560bdb44eb2d3cc2e4c696ea0c6ca80ff09adce10baf21cfdb933338f123d48a65f1d1bdac393c52b4aaaa12cd7e6b55ccda692f2a4684a447cb7b5b62d0b1c"}, 0x7b, 0x1) [ 76.958081][ T3012] EXT4-fs (loop5): unsupported descriptor size 0 [ 76.964648][ T3007] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 77.008791][ T3022] FAULT_INJECTION: forcing a failure. [ 77.008791][ T3022] name failslab, interval 1, probability 0, space 0, times 0 [ 77.009981][ T3023] FAULT_INJECTION: forcing a failure. [ 77.009981][ T3023] name failslab, interval 1, probability 0, space 0, times 0 [ 77.021480][ T3022] CPU: 1 PID: 3022 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 77.042673][ T3022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.052732][ T3022] Call Trace: [ 77.056046][ T3022] [ 77.058970][ T3022] dump_stack_lvl+0xd6/0x122 [ 77.063547][ T3022] dump_stack+0x11/0x1b [ 77.067684][ T3022] should_fail+0x23c/0x250 [ 77.072164][ T3022] ? security_inode_alloc+0x30/0x180 [ 77.077470][ T3022] __should_failslab+0x81/0x90 [ 77.082252][ T3022] should_failslab+0x5/0x20 [ 77.086799][ T3022] kmem_cache_alloc+0x4f/0x320 [ 77.091549][ T3022] security_inode_alloc+0x30/0x180 [ 77.096644][ T3022] inode_init_always+0x214/0x3e0 [ 77.101561][ T3022] ? shmem_match+0xa0/0xa0 [ 77.105962][ T3022] new_inode_pseudo+0x6f/0x190 [ 77.110744][ T3022] new_inode+0x21/0x100 [ 77.114884][ T3022] shmem_get_inode+0xb7/0x490 [ 77.119590][ T3022] __shmem_file_setup+0xf1/0x1d0 [ 77.124665][ T3022] shmem_file_setup+0x37/0x40 [ 77.129373][ T3022] __se_sys_memfd_create+0x1c1/0x350 [ 77.134701][ T3022] __x64_sys_memfd_create+0x2d/0x40 [ 77.139901][ T3022] do_syscall_64+0x44/0xd0 [ 77.144377][ T3022] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.150256][ T3022] RIP: 0033:0x7fbd63e3be99 [ 77.154716][ T3022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 77.174400][ T3022] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 77.182799][ T3022] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 77.190804][ T3022] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 77.198758][ T3022] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 14:57:24 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 5) [ 77.206713][ T3022] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 77.214732][ T3022] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 77.222691][ T3022] [ 77.225690][ T3023] CPU: 0 PID: 3023 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 77.234365][ T3023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.244467][ T3023] Call Trace: [ 77.247744][ T3023] [ 77.250671][ T3023] dump_stack_lvl+0xd6/0x122 [ 77.254988][ T3027] FAULT_INJECTION: forcing a failure. [ 77.254988][ T3027] name failslab, interval 1, probability 0, space 0, times 0 [ 77.255375][ T3023] dump_stack+0x11/0x1b [ 77.255398][ T3023] should_fail+0x23c/0x250 [ 77.255416][ T3023] ? getname_flags+0x84/0x3f0 [ 77.281132][ T3023] __should_failslab+0x81/0x90 [ 77.285884][ T3023] should_failslab+0x5/0x20 [ 77.290376][ T3023] kmem_cache_alloc+0x4f/0x320 [ 77.295123][ T3023] getname_flags+0x84/0x3f0 [ 77.299609][ T3023] ? up_write+0x25/0xc0 [ 77.303792][ T3023] getname+0x15/0x20 [ 77.307669][ T3023] do_sys_openat2+0x6d/0x2b0 [ 77.312294][ T3023] __x64_sys_openat+0xef/0x110 [ 77.317105][ T3023] do_syscall_64+0x44/0xd0 [ 77.321503][ T3023] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.327446][ T3023] RIP: 0033:0x7f8caf5a4db4 [ 77.331935][ T3023] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 77.351799][ T3023] RSP: 002b:00007f8cae767eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 77.360210][ T3023] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5a4db4 [ 77.368194][ T3023] RDX: 0000000000000002 RSI: 00007f8cae767fe0 RDI: 00000000ffffff9c [ 77.376257][ T3023] RBP: 00007f8cae767fe0 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 77.384295][ T3023] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 77.392313][ T3023] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 77.400273][ T3023] [ 77.403274][ T3027] CPU: 1 PID: 3027 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 77.411949][ T3027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.422148][ T3027] Call Trace: [ 77.425422][ T3027] [ 77.428338][ T3027] dump_stack_lvl+0xd6/0x122 [ 77.432984][ T3027] dump_stack+0x11/0x1b [ 77.437131][ T3027] should_fail+0x23c/0x250 [ 77.441553][ T3027] ? __d_alloc+0x36/0x370 [ 77.445865][ T3027] __should_failslab+0x81/0x90 [ 77.450681][ T3027] should_failslab+0x5/0x20 [ 77.455235][ T3027] kmem_cache_alloc+0x4f/0x320 [ 77.459988][ T3027] ? security_inode_alloc+0x138/0x180 [ 77.465417][ T3027] ? __init_rwsem+0x59/0x70 [ 77.469912][ T3027] __d_alloc+0x36/0x370 [ 77.474050][ T3027] ? debug_smp_processor_id+0x18/0x20 [ 77.479438][ T3027] d_alloc_pseudo+0x1a/0x50 [ 77.483927][ T3027] alloc_file_pseudo+0x77/0x150 [ 77.488804][ T3027] __shmem_file_setup+0x14c/0x1d0 [ 77.493905][ T3027] shmem_file_setup+0x37/0x40 [ 77.498682][ T3027] __se_sys_memfd_create+0x1c1/0x350 [ 77.503955][ T3027] __x64_sys_memfd_create+0x2d/0x40 [ 77.509148][ T3027] do_syscall_64+0x44/0xd0 [ 77.513586][ T3027] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.519471][ T3027] RIP: 0033:0x7fbd63e3be99 [ 77.523872][ T3027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 77.543499][ T3027] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 77.552069][ T3027] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 14:57:24 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:24 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 9) [ 77.560031][ T3027] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 77.568167][ T3027] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 77.576166][ T3027] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 77.584121][ T3027] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 77.592081][ T3027] 14:57:24 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:24 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a", 0xc, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:24 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000040), &(0x7f0000000100)=0x68) set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0x4) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) [ 77.627460][ T3030] loop5: detected capacity change from 0 to 4 [ 77.650710][ T3034] FAULT_INJECTION: forcing a failure. [ 77.650710][ T3034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.653229][ T3030] EXT4-fs (loop5): unsupported descriptor size 0 [ 77.663819][ T3034] CPU: 0 PID: 3034 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 77.678802][ T3034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.688853][ T3034] Call Trace: [ 77.692132][ T3034] [ 77.695067][ T3034] dump_stack_lvl+0xd6/0x122 [ 77.699670][ T3034] dump_stack+0x11/0x1b [ 77.703897][ T3034] should_fail+0x23c/0x250 [ 77.708317][ T3034] should_fail_usercopy+0x16/0x20 [ 77.713346][ T3034] strncpy_from_user+0x21/0x250 [ 77.718217][ T3034] getname_flags+0xb8/0x3f0 [ 77.722729][ T3034] getname+0x15/0x20 [ 77.726617][ T3034] do_sys_openat2+0x6d/0x2b0 [ 77.731254][ T3034] __x64_sys_openat+0xef/0x110 [ 77.736075][ T3034] do_syscall_64+0x44/0xd0 [ 77.740521][ T3034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.746445][ T3034] RIP: 0033:0x7f8caf5a4db4 [ 77.750874][ T3034] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:57:25 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 6) [ 77.770498][ T3034] RSP: 002b:00007f8cae767eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 77.778928][ T3034] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5a4db4 [ 77.787014][ T3034] RDX: 0000000000000002 RSI: 00007f8cae767fe0 RDI: 00000000ffffff9c [ 77.794973][ T3034] RBP: 00007f8cae767fe0 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 77.803283][ T3034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 77.811610][ T3034] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 77.819579][ T3034] [ 77.842661][ T24] kauditd_printk_skb: 5 callbacks suppressed [ 77.842673][ T24] audit: type=1400 audit(1639666645.073:153): avc: denied { ioctl } for pid=3035 comm="syz-executor.0" path="socket:[19714]" dev="sockfs" ino=19714 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 77.875528][ T3040] FAULT_INJECTION: forcing a failure. [ 77.875528][ T3040] name failslab, interval 1, probability 0, space 0, times 0 [ 77.888175][ T3040] CPU: 0 PID: 3040 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 77.896889][ T3040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.906948][ T3040] Call Trace: [ 77.910278][ T3040] [ 77.913208][ T3040] dump_stack_lvl+0xd6/0x122 [ 77.917877][ T3040] dump_stack+0x11/0x1b [ 77.922037][ T3040] should_fail+0x23c/0x250 [ 77.926462][ T3040] ? __alloc_file+0x2e/0x1a0 [ 77.931086][ T3040] __should_failslab+0x81/0x90 [ 77.935858][ T3040] should_failslab+0x5/0x20 [ 77.940369][ T3040] kmem_cache_alloc+0x4f/0x320 [ 77.945162][ T3040] __alloc_file+0x2e/0x1a0 [ 77.949603][ T3040] alloc_empty_file+0xcd/0x1c0 [ 77.954427][ T3040] alloc_file+0x3a/0x280 [ 77.958671][ T3040] alloc_file_pseudo+0xfa/0x150 [ 77.963575][ T3040] __shmem_file_setup+0x14c/0x1d0 [ 77.965840][ T3039] loop1: detected capacity change from 0 to 1024 [ 77.968678][ T3040] shmem_file_setup+0x37/0x40 [ 77.979664][ T3040] __se_sys_memfd_create+0x1c1/0x350 [ 77.985055][ T3040] __x64_sys_memfd_create+0x2d/0x40 [ 77.990271][ T3040] do_syscall_64+0x44/0xd0 [ 77.994690][ T3040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.999267][ T3036] bridge0: port 3(ipvlan2) entered blocking state [ 78.000640][ T3040] RIP: 0033:0x7fbd63e3be99 [ 78.007086][ T3036] bridge0: port 3(ipvlan2) entered disabled state [ 78.017979][ T3040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:25 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 10) 14:57:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) [ 78.037644][ T3040] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 78.046051][ T3040] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 78.054007][ T3040] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 78.061962][ T3040] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 78.070178][ T3040] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 78.078132][ T3040] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 78.086153][ T3040] 14:57:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)) 14:57:25 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a", 0xc, 0x560}], 0x0, &(0x7f0000012b00)) [ 78.097618][ T24] audit: type=1400 audit(1639666645.193:154): avc: denied { getopt } for pid=3035 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 78.122102][ T3039] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 78.163411][ T3044] FAULT_INJECTION: forcing a failure. [ 78.163411][ T3044] name failslab, interval 1, probability 0, space 0, times 0 [ 78.176668][ T3044] CPU: 1 PID: 3044 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 78.185353][ T3044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.195444][ T3044] Call Trace: [ 78.198726][ T3044] [ 78.201666][ T3044] dump_stack_lvl+0xd6/0x122 [ 78.206299][ T3044] dump_stack+0x11/0x1b [ 78.210463][ T3044] should_fail+0x23c/0x250 [ 78.214977][ T3044] ? __alloc_file+0x2e/0x1a0 [ 78.219642][ T3044] __should_failslab+0x81/0x90 [ 78.224443][ T3044] should_failslab+0x5/0x20 [ 78.228968][ T3044] kmem_cache_alloc+0x4f/0x320 [ 78.233737][ T3044] __alloc_file+0x2e/0x1a0 [ 78.238156][ T3044] alloc_empty_file+0xcd/0x1c0 [ 78.242929][ T3044] path_openat+0x6a/0x1eb0 [ 78.247371][ T3044] ? avc_has_perm_noaudit+0x1c0/0x270 [ 78.252787][ T3044] ? avc_has_perm+0x70/0x160 [ 78.257458][ T3044] ? avc_has_perm+0xd5/0x160 [ 78.262080][ T3044] do_filp_open+0x105/0x220 [ 78.266734][ T3044] do_sys_openat2+0xb5/0x2b0 [ 78.271418][ T3044] __x64_sys_openat+0xef/0x110 [ 78.276191][ T3044] do_syscall_64+0x44/0xd0 [ 78.280615][ T3044] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.286622][ T3044] RIP: 0033:0x7f8caf5a4db4 [ 78.291168][ T3044] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 78.310847][ T3044] RSP: 002b:00007f8cae767eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 78.319345][ T3044] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5a4db4 [ 78.327315][ T3044] RDX: 0000000000000002 RSI: 00007f8cae767fe0 RDI: 00000000ffffff9c [ 78.335322][ T3044] RBP: 00007f8cae767fe0 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 78.343390][ T3044] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 78.351454][ T3044] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 78.359429][ T3044] 14:57:25 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 11) 14:57:25 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 7) 14:57:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:25 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) (async) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000040), &(0x7f0000000100)=0x68) set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0x4) (async, rerun: 32) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) (rerun: 32) [ 78.407204][ T3047] loop1: detected capacity change from 0 to 1024 [ 78.408906][ T3049] FAULT_INJECTION: forcing a failure. [ 78.408906][ T3049] name failslab, interval 1, probability 0, space 0, times 0 [ 78.426276][ T3049] CPU: 1 PID: 3049 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 78.434952][ T3049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.445007][ T3049] Call Trace: [ 78.446735][ T3055] FAULT_INJECTION: forcing a failure. [ 78.446735][ T3055] name failslab, interval 1, probability 0, space 0, times 0 [ 78.448280][ T3049] [ 78.463785][ T3049] dump_stack_lvl+0xd6/0x122 [ 78.468403][ T3049] dump_stack+0x11/0x1b [ 78.472627][ T3049] should_fail+0x23c/0x250 [ 78.477029][ T3049] ? security_file_alloc+0x30/0x190 [ 78.482225][ T3049] __should_failslab+0x81/0x90 [ 78.486976][ T3049] should_failslab+0x5/0x20 [ 78.491467][ T3049] kmem_cache_alloc+0x4f/0x320 [ 78.496296][ T3049] security_file_alloc+0x30/0x190 [ 78.501523][ T3049] __alloc_file+0x83/0x1a0 [ 78.506053][ T3049] alloc_empty_file+0xcd/0x1c0 [ 78.510974][ T3049] path_openat+0x6a/0x1eb0 [ 78.515375][ T3049] ? avc_has_perm_noaudit+0x1c0/0x270 [ 78.520764][ T3049] ? avc_has_perm+0x70/0x160 [ 78.525336][ T3049] ? avc_has_perm+0xd5/0x160 [ 78.529938][ T3049] do_filp_open+0x105/0x220 [ 78.534473][ T3049] do_sys_openat2+0xb5/0x2b0 [ 78.539050][ T3049] __x64_sys_openat+0xef/0x110 [ 78.543831][ T3049] do_syscall_64+0x44/0xd0 [ 78.548236][ T3049] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.554164][ T3049] RIP: 0033:0x7f8caf5a4db4 [ 78.558646][ T3049] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 78.578248][ T3049] RSP: 002b:00007f8cae767eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 78.586680][ T3049] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5a4db4 [ 78.594634][ T3049] RDX: 0000000000000002 RSI: 00007f8cae767fe0 RDI: 00000000ffffff9c [ 78.602651][ T3049] RBP: 00007f8cae767fe0 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 78.610621][ T3049] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 78.618575][ T3049] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 78.626572][ T3049] [ 78.629579][ T3055] CPU: 0 PID: 3055 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 78.638358][ T3055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.648427][ T3055] Call Trace: [ 78.651718][ T3055] [ 78.654633][ T3055] dump_stack_lvl+0xd6/0x122 [ 78.659272][ T3055] dump_stack+0x11/0x1b [ 78.663413][ T3055] should_fail+0x23c/0x250 [ 78.667817][ T3055] ? security_file_alloc+0x30/0x190 [ 78.673003][ T3055] __should_failslab+0x81/0x90 [ 78.677760][ T3055] should_failslab+0x5/0x20 [ 78.682255][ T3055] kmem_cache_alloc+0x4f/0x320 [ 78.687007][ T3055] security_file_alloc+0x30/0x190 [ 78.692015][ T3055] __alloc_file+0x83/0x1a0 [ 78.696413][ T3055] alloc_empty_file+0xcd/0x1c0 [ 78.701228][ T3055] alloc_file+0x3a/0x280 [ 78.705453][ T3055] alloc_file_pseudo+0xfa/0x150 [ 78.710315][ T3055] __shmem_file_setup+0x14c/0x1d0 [ 78.715395][ T3055] shmem_file_setup+0x37/0x40 [ 78.720056][ T3055] __se_sys_memfd_create+0x1c1/0x350 [ 78.725440][ T3055] __x64_sys_memfd_create+0x2d/0x40 [ 78.730647][ T3055] do_syscall_64+0x44/0xd0 [ 78.735067][ T3055] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.740972][ T3055] RIP: 0033:0x7fbd63e3be99 [ 78.745486][ T3055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 78.765078][ T3055] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 78.773543][ T3055] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3be99 [ 78.781500][ T3055] RDX: 00007fbd62fb1fe0 RSI: 0000000000000000 RDI: 00007fbd63e95168 [ 78.789537][ T3055] RBP: 0000000000000000 R08: 00007fbd62fb1fd8 R09: 00007fbd62fb21d0 [ 78.797548][ T3055] R10: 00007fbd62fb1fdc R11: 0000000000000246 R12: 0000000020000000 [ 78.805621][ T3055] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 78.813781][ T3055] [ 78.825137][ T3058] loop5: detected capacity change from 0 to 4 [ 78.836879][ T3057] bridge0: port 3(ipvlan2) entered blocking state [ 78.843349][ T3057] bridge0: port 3(ipvlan2) entered disabled state 14:57:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 1) 14:57:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 12) [ 78.854813][ T3058] EXT4-fs (loop5): unsupported descriptor size 0 [ 78.873205][ T3047] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 78.891112][ T3060] FAULT_INJECTION: forcing a failure. [ 78.891112][ T3060] name failslab, interval 1, probability 0, space 0, times 0 [ 78.903817][ T3060] CPU: 0 PID: 3060 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 78.912493][ T3060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.922548][ T3060] Call Trace: [ 78.925913][ T3060] [ 78.928842][ T3060] dump_stack_lvl+0xd6/0x122 [ 78.933510][ T3060] dump_stack+0x11/0x1b [ 78.937669][ T3060] should_fail+0x23c/0x250 [ 78.942086][ T3060] ? __se_sys_memfd_create+0xe9/0x350 [ 78.947464][ T3060] __should_failslab+0x81/0x90 [ 78.952281][ T3060] should_failslab+0x5/0x20 [ 78.956829][ T3060] __kmalloc+0x6f/0x370 [ 78.960983][ T3060] ? strnlen_user+0x137/0x1c0 [ 78.965725][ T3060] __se_sys_memfd_create+0xe9/0x350 [ 78.970912][ T3060] __x64_sys_memfd_create+0x2d/0x40 [ 78.976098][ T3060] do_syscall_64+0x44/0xd0 [ 78.980498][ T3060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.986475][ T3060] RIP: 0033:0x7fbc8e8dde99 [ 78.990910][ T3060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 79.010520][ T3060] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 79.018931][ T3060] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 79.026888][ T3060] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 79.034845][ T3060] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 79.042862][ T3060] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 79.050820][ T3060] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 79.058780][ T3060] [ 79.063885][ T3062] FAULT_INJECTION: forcing a failure. [ 79.063885][ T3062] name failslab, interval 1, probability 0, space 0, times 0 [ 79.076560][ T3062] CPU: 0 PID: 3062 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 79.085267][ T3062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.095323][ T3062] Call Trace: [ 79.098649][ T3062] [ 79.101727][ T3062] dump_stack_lvl+0xd6/0x122 [ 79.106319][ T3062] dump_stack+0x11/0x1b 14:57:26 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff", 0x11, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:26 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 8) 14:57:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 2) [ 79.110482][ T3062] should_fail+0x23c/0x250 [ 79.114912][ T3062] ? kzalloc+0x16/0x20 [ 79.119042][ T3062] __should_failslab+0x81/0x90 [ 79.123912][ T3062] should_failslab+0x5/0x20 [ 79.128426][ T3062] __kmalloc+0x6f/0x370 [ 79.132599][ T3062] ? iput+0x1cd/0x580 [ 79.136666][ T3062] kzalloc+0x16/0x20 [ 79.140580][ T3062] alloc_workqueue+0x12f/0xad0 [ 79.145419][ T3062] ? __rcu_read_unlock+0x5c/0x290 [ 79.150456][ T3062] ? preempt_count_add+0x4e/0x90 [ 79.155433][ T3062] ? _raw_spin_unlock+0x2e/0x50 [ 79.160289][ T3062] ? bd_prepare_to_claim+0x1ac/0x200 [ 79.165634][ T3062] loop_configure+0x70e/0xf30 [ 79.170423][ T3062] lo_ioctl+0x583/0x1270 [ 79.174705][ T3062] ? __rcu_read_unlock+0x5c/0x290 [ 79.179818][ T3062] ? blkdev_common_ioctl+0x438/0x1180 [ 79.185199][ T3062] ? selinux_file_ioctl+0x522/0x590 [ 79.190442][ T3062] ? do_vfs_ioctl+0x819/0x14a0 [ 79.195291][ T3062] ? lo_release+0x120/0x120 [ 79.199800][ T3062] blkdev_ioctl+0x20e/0x440 [ 79.204355][ T3062] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 79.209825][ T3062] __se_sys_ioctl+0xcb/0x140 [ 79.214500][ T3062] __x64_sys_ioctl+0x3f/0x50 [ 79.219185][ T3062] do_syscall_64+0x44/0xd0 [ 79.223616][ T3062] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.229575][ T3062] RIP: 0033:0x7f8caf5f1c57 [ 79.233994][ T3062] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 79.253621][ T3062] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 79.262068][ T3062] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 79.268021][ T3065] FAULT_INJECTION: forcing a failure. [ 79.268021][ T3065] name failslab, interval 1, probability 0, space 0, times 0 [ 79.270038][ T3062] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 79.290593][ T3062] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 79.298598][ T3062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 79.306596][ T3062] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 79.314557][ T3062] [ 79.317561][ T3065] CPU: 1 PID: 3065 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 79.326232][ T3065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.336275][ T3065] Call Trace: [ 79.339546][ T3065] [ 79.342461][ T3065] dump_stack_lvl+0xd6/0x122 [ 79.347042][ T3065] dump_stack+0x11/0x1b [ 79.351188][ T3065] should_fail+0x23c/0x250 [ 79.355648][ T3065] ? getname_flags+0x84/0x3f0 [ 79.360309][ T3065] __should_failslab+0x81/0x90 [ 79.365085][ T3065] should_failslab+0x5/0x20 [ 79.369647][ T3065] kmem_cache_alloc+0x4f/0x320 [ 79.374403][ T3065] getname_flags+0x84/0x3f0 [ 79.378983][ T3065] ? up_write+0x25/0xc0 [ 79.383175][ T3065] getname+0x15/0x20 [ 79.387054][ T3065] do_sys_openat2+0x6d/0x2b0 [ 79.391663][ T3065] __x64_sys_openat+0xef/0x110 [ 79.396470][ T3065] do_syscall_64+0x44/0xd0 [ 79.400875][ T3065] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.406797][ T3065] RIP: 0033:0x7fbd63deedb4 [ 79.411194][ T3065] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 79.430906][ T3065] RSP: 002b:00007fbd62fb1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 79.439366][ T3065] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63deedb4 [ 79.447409][ T3065] RDX: 0000000000000002 RSI: 00007fbd62fb1fe0 RDI: 00000000ffffff9c [ 79.455392][ T3065] RBP: 00007fbd62fb1fe0 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 79.463347][ T3065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 79.471303][ T3065] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 79.479286][ T3065] [ 79.485534][ T3066] FAULT_INJECTION: forcing a failure. [ 79.485534][ T3066] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.499015][ T3066] CPU: 0 PID: 3066 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 79.507701][ T3066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.517757][ T3066] Call Trace: [ 79.521037][ T3066] [ 79.523960][ T3066] dump_stack_lvl+0xd6/0x122 [ 79.528631][ T3066] dump_stack+0x11/0x1b [ 79.532878][ T3066] should_fail+0x23c/0x250 [ 79.537296][ T3066] should_fail_usercopy+0x16/0x20 [ 79.542377][ T3066] _copy_from_user+0x1c/0xd0 [ 79.547033][ T3066] __se_sys_memfd_create+0x125/0x350 [ 79.552331][ T3066] __x64_sys_memfd_create+0x2d/0x40 [ 79.557546][ T3066] do_syscall_64+0x44/0xd0 [ 79.561978][ T3066] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.567924][ T3066] RIP: 0033:0x7fbc8e8dde99 [ 79.572362][ T3066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 79.591999][ T3066] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 79.600456][ T3066] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 14:57:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 13) [ 79.608439][ T3066] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 79.616415][ T3066] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 79.624388][ T3066] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 79.632363][ T3066] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 79.640410][ T3066] [ 79.658204][ T3069] loop1: detected capacity change from 0 to 1024 [ 79.665290][ T3070] FAULT_INJECTION: forcing a failure. [ 79.665290][ T3070] name failslab, interval 1, probability 0, space 0, times 0 [ 79.677940][ T3070] CPU: 1 PID: 3070 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 79.686688][ T3070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.696742][ T3070] Call Trace: [ 79.700022][ T3070] [ 79.702948][ T3070] dump_stack_lvl+0xd6/0x122 [ 79.707545][ T3070] dump_stack+0x11/0x1b [ 79.711711][ T3070] should_fail+0x23c/0x250 [ 79.716142][ T3070] ? alloc_workqueue+0x15d/0xad0 [ 79.721093][ T3070] __should_failslab+0x81/0x90 [ 79.725866][ T3070] should_failslab+0x5/0x20 [ 79.730438][ T3070] kmem_cache_alloc_trace+0x52/0x350 [ 79.735812][ T3070] ? kzalloc+0x16/0x20 [ 79.739890][ T3070] alloc_workqueue+0x15d/0xad0 [ 79.744704][ T3070] ? __rcu_read_unlock+0x5c/0x290 [ 79.749891][ T3070] ? preempt_count_add+0x4e/0x90 [ 79.754843][ T3070] ? _raw_spin_unlock+0x2e/0x50 [ 79.759751][ T3070] ? bd_prepare_to_claim+0x1ac/0x200 [ 79.765136][ T3070] loop_configure+0x70e/0xf30 [ 79.769828][ T3070] lo_ioctl+0x583/0x1270 [ 79.774089][ T3070] ? __rcu_read_unlock+0x5c/0x290 [ 79.779261][ T3070] ? blkdev_common_ioctl+0x438/0x1180 [ 79.784776][ T3070] ? selinux_file_ioctl+0x522/0x590 [ 79.789988][ T3070] ? do_vfs_ioctl+0x819/0x14a0 [ 79.794816][ T3070] ? lo_release+0x120/0x120 [ 79.799341][ T3070] blkdev_ioctl+0x20e/0x440 [ 79.803859][ T3070] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 79.809397][ T3070] __se_sys_ioctl+0xcb/0x140 [ 79.814081][ T3070] __x64_sys_ioctl+0x3f/0x50 [ 79.818686][ T3070] do_syscall_64+0x44/0xd0 [ 79.823114][ T3070] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.829114][ T3070] RIP: 0033:0x7f8caf5f1c57 [ 79.833619][ T3070] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 79.836430][ T3075] FAULT_INJECTION: forcing a failure. [ 79.836430][ T3075] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.853304][ T3070] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 79.853399][ T3070] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 79.853411][ T3070] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 79.853423][ T3070] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 79.898696][ T3070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:57:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 3) 14:57:27 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000040), &(0x7f0000000100)=0x68) set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0x4) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) (async) getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000040), &(0x7f0000000100)=0x68) (async) set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0x4) (async) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) (async) 14:57:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 9) [ 79.906743][ T3070] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 79.914705][ T3070] [ 79.917709][ T3075] CPU: 0 PID: 3075 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 79.926383][ T3075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.931023][ T3076] FAULT_INJECTION: forcing a failure. [ 79.931023][ T3076] name failslab, interval 1, probability 0, space 0, times 0 [ 79.936500][ T3075] Call Trace: [ 79.936522][ T3075] [ 79.936528][ T3075] dump_stack_lvl+0xd6/0x122 [ 79.936553][ T3075] dump_stack+0x11/0x1b [ 79.936613][ T3075] should_fail+0x23c/0x250 [ 79.968521][ T3075] should_fail_usercopy+0x16/0x20 [ 79.973536][ T3075] strncpy_from_user+0x21/0x250 [ 79.978392][ T3075] getname_flags+0xb8/0x3f0 [ 79.982879][ T3075] getname+0x15/0x20 [ 79.986806][ T3075] do_sys_openat2+0x6d/0x2b0 [ 79.991449][ T3075] __x64_sys_openat+0xef/0x110 [ 79.996202][ T3075] do_syscall_64+0x44/0xd0 [ 80.000679][ T3075] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.006571][ T3075] RIP: 0033:0x7fbd63deedb4 [ 80.010969][ T3075] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 80.030659][ T3075] RSP: 002b:00007fbd62fb1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 80.039109][ T3075] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63deedb4 [ 80.047114][ T3075] RDX: 0000000000000002 RSI: 00007fbd62fb1fe0 RDI: 00000000ffffff9c [ 80.055070][ T3075] RBP: 00007fbd62fb1fe0 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 80.063048][ T3075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 80.071004][ T3075] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 80.079018][ T3075] [ 80.082083][ T3076] CPU: 1 PID: 3076 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 80.090883][ T3076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.100931][ T3076] Call Trace: [ 80.104194][ T3076] [ 80.107111][ T3076] dump_stack_lvl+0xd6/0x122 [ 80.111738][ T3076] dump_stack+0x11/0x1b [ 80.115985][ T3076] should_fail+0x23c/0x250 [ 80.120430][ T3076] ? shmem_alloc_inode+0x22/0x30 [ 80.125354][ T3076] __should_failslab+0x81/0x90 [ 80.130179][ T3076] ? shmem_match+0xa0/0xa0 [ 80.134585][ T3076] should_failslab+0x5/0x20 [ 80.139110][ T3076] kmem_cache_alloc+0x4f/0x320 [ 80.143860][ T3076] ? shmem_match+0xa0/0xa0 [ 80.148262][ T3076] shmem_alloc_inode+0x22/0x30 [ 80.153020][ T3076] new_inode_pseudo+0x38/0x190 [ 80.157800][ T3076] new_inode+0x21/0x100 [ 80.161939][ T3076] shmem_get_inode+0xb7/0x490 [ 80.166644][ T3076] __shmem_file_setup+0xf1/0x1d0 [ 80.171571][ T3076] shmem_file_setup+0x37/0x40 [ 80.176253][ T3076] __se_sys_memfd_create+0x1c1/0x350 [ 80.181569][ T3076] __x64_sys_memfd_create+0x2d/0x40 [ 80.186834][ T3076] do_syscall_64+0x44/0xd0 [ 80.191237][ T3076] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.197213][ T3076] RIP: 0033:0x7fbc8e8dde99 [ 80.201611][ T3076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 80.221235][ T3076] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 80.229711][ T3076] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 80.237754][ T3076] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 80.245708][ T3076] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 80.253662][ T3076] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 14:57:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 10) 14:57:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 4) [ 80.261618][ T3076] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 80.269575][ T3076] [ 80.278714][ T3078] loop5: detected capacity change from 0 to 4 [ 80.301035][ T3077] bridge0: port 3(ipvlan2) entered blocking state [ 80.307490][ T3077] bridge0: port 3(ipvlan2) entered disabled state [ 80.328124][ T3078] EXT4-fs (loop5): unsupported descriptor size 0 [ 80.336228][ T3081] FAULT_INJECTION: forcing a failure. [ 80.336228][ T3081] name failslab, interval 1, probability 0, space 0, times 0 [ 80.341829][ T3082] FAULT_INJECTION: forcing a failure. [ 80.341829][ T3082] name failslab, interval 1, probability 0, space 0, times 0 [ 80.348865][ T3081] CPU: 1 PID: 3081 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 80.370327][ T3081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.380366][ T3081] Call Trace: [ 80.383633][ T3081] [ 80.386547][ T3081] dump_stack_lvl+0xd6/0x122 [ 80.391129][ T3081] dump_stack+0x11/0x1b [ 80.395330][ T3081] should_fail+0x23c/0x250 [ 80.399737][ T3081] ? __alloc_file+0x2e/0x1a0 [ 80.404312][ T3081] __should_failslab+0x81/0x90 [ 80.409119][ T3081] should_failslab+0x5/0x20 [ 80.413677][ T3081] kmem_cache_alloc+0x4f/0x320 [ 80.418435][ T3081] __alloc_file+0x2e/0x1a0 [ 80.422859][ T3081] alloc_empty_file+0xcd/0x1c0 [ 80.427683][ T3081] path_openat+0x6a/0x1eb0 [ 80.432092][ T3081] ? avc_has_perm_noaudit+0x1c0/0x270 [ 80.437449][ T3081] ? avc_has_perm+0x70/0x160 [ 80.442098][ T3081] ? avc_has_perm+0xd5/0x160 [ 80.446739][ T3081] do_filp_open+0x105/0x220 [ 80.451230][ T3081] do_sys_openat2+0xb5/0x2b0 [ 80.455813][ T3081] __x64_sys_openat+0xef/0x110 [ 80.460646][ T3081] do_syscall_64+0x44/0xd0 [ 80.465066][ T3081] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.471019][ T3081] RIP: 0033:0x7fbd63deedb4 [ 80.475418][ T3081] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 80.495010][ T3081] RSP: 002b:00007fbd62fb1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 80.503414][ T3081] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63deedb4 [ 80.511400][ T3081] RDX: 0000000000000002 RSI: 00007fbd62fb1fe0 RDI: 00000000ffffff9c [ 80.519382][ T3081] RBP: 00007fbd62fb1fe0 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:27 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 14) [ 80.527342][ T3081] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 80.535298][ T3081] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 80.543308][ T3081] [ 80.546313][ T3082] CPU: 0 PID: 3082 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 80.547578][ T3069] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 80.555037][ T3082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.555049][ T3082] Call Trace: 14:57:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 11) [ 80.555061][ T3082] [ 80.555067][ T3082] dump_stack_lvl+0xd6/0x122 [ 80.586551][ T3082] dump_stack+0x11/0x1b [ 80.590713][ T3082] should_fail+0x23c/0x250 [ 80.595133][ T3082] ? security_inode_alloc+0x30/0x180 [ 80.600452][ T3082] __should_failslab+0x81/0x90 [ 80.603796][ T3085] FAULT_INJECTION: forcing a failure. [ 80.603796][ T3085] name failslab, interval 1, probability 0, space 0, times 0 [ 80.605227][ T3082] should_failslab+0x5/0x20 [ 80.605271][ T3082] kmem_cache_alloc+0x4f/0x320 [ 80.627111][ T3082] security_inode_alloc+0x30/0x180 [ 80.632215][ T3082] inode_init_always+0x214/0x3e0 [ 80.637186][ T3082] ? shmem_match+0xa0/0xa0 [ 80.641625][ T3082] new_inode_pseudo+0x6f/0x190 [ 80.646375][ T3082] new_inode+0x21/0x100 [ 80.650515][ T3082] shmem_get_inode+0xb7/0x490 [ 80.655179][ T3082] __shmem_file_setup+0xf1/0x1d0 [ 80.660101][ T3082] shmem_file_setup+0x37/0x40 [ 80.664781][ T3082] __se_sys_memfd_create+0x1c1/0x350 [ 80.670051][ T3082] __x64_sys_memfd_create+0x2d/0x40 [ 80.675233][ T3082] do_syscall_64+0x44/0xd0 [ 80.679636][ T3082] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.685614][ T3082] RIP: 0033:0x7fbc8e8dde99 [ 80.690051][ T3082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 80.709641][ T3082] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 80.718035][ T3082] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 80.725988][ T3082] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 80.733943][ T3082] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 80.741972][ T3082] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 80.750183][ T3082] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 80.758208][ T3082] [ 80.761302][ T3085] CPU: 1 PID: 3085 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 80.770069][ T3085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.777053][ T3095] FAULT_INJECTION: forcing a failure. [ 80.777053][ T3095] name failslab, interval 1, probability 0, space 0, times 0 [ 80.780118][ T3085] Call Trace: [ 80.780127][ T3085] [ 80.780133][ T3085] dump_stack_lvl+0xd6/0x122 [ 80.780159][ T3085] dump_stack+0x11/0x1b [ 80.807651][ T3085] should_fail+0x23c/0x250 [ 80.812068][ T3085] ? security_file_alloc+0x30/0x190 [ 80.817275][ T3085] __should_failslab+0x81/0x90 [ 80.822032][ T3085] should_failslab+0x5/0x20 [ 80.826524][ T3085] kmem_cache_alloc+0x4f/0x320 [ 80.831282][ T3085] security_file_alloc+0x30/0x190 [ 80.836298][ T3085] __alloc_file+0x83/0x1a0 [ 80.840701][ T3085] alloc_empty_file+0xcd/0x1c0 [ 80.845458][ T3085] path_openat+0x6a/0x1eb0 [ 80.849901][ T3085] ? avc_has_perm_noaudit+0x1c0/0x270 [ 80.855402][ T3085] ? avc_has_perm+0x70/0x160 [ 80.859978][ T3085] ? avc_has_perm+0xd5/0x160 [ 80.864549][ T3085] do_filp_open+0x105/0x220 [ 80.869041][ T3085] do_sys_openat2+0xb5/0x2b0 [ 80.873623][ T3085] __x64_sys_openat+0xef/0x110 [ 80.878374][ T3085] do_syscall_64+0x44/0xd0 [ 80.882775][ T3085] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.888721][ T3085] RIP: 0033:0x7fbd63deedb4 [ 80.893120][ T3085] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 80.912709][ T3085] RSP: 002b:00007fbd62fb1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 80.921372][ T3085] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63deedb4 [ 80.929415][ T3085] RDX: 0000000000000002 RSI: 00007fbd62fb1fe0 RDI: 00000000ffffff9c [ 80.937370][ T3085] RBP: 00007fbd62fb1fe0 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 80.945326][ T3085] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 80.953298][ T3085] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 80.961260][ T3085] [ 80.964299][ T3095] CPU: 0 PID: 3095 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 80.972976][ T3095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.983026][ T3095] Call Trace: [ 80.986303][ T3095] [ 80.989290][ T3095] dump_stack_lvl+0xd6/0x122 [ 80.993885][ T3095] dump_stack+0x11/0x1b [ 80.998147][ T3095] should_fail+0x23c/0x250 [ 81.002557][ T3095] ? kzalloc+0x16/0x20 [ 81.006619][ T3095] __should_failslab+0x81/0x90 [ 81.011397][ T3095] should_failslab+0x5/0x20 [ 81.015903][ T3095] __kmalloc+0x6f/0x370 [ 81.020085][ T3095] ? number+0xa13/0xb60 [ 81.024371][ T3095] kzalloc+0x16/0x20 [ 81.028254][ T3095] apply_wqattrs_prepare+0x3a/0x630 [ 81.033448][ T3095] ? vsnprintf+0xe8f/0xed0 [ 81.037847][ T3095] apply_workqueue_attrs+0x9e/0x100 [ 81.043060][ T3095] alloc_workqueue+0x777/0xad0 [ 81.047843][ T3095] ? preempt_count_add+0x4e/0x90 [ 81.052771][ T3095] ? _raw_spin_unlock+0x2e/0x50 [ 81.057671][ T3095] ? bd_prepare_to_claim+0x1ac/0x200 [ 81.062946][ T3095] loop_configure+0x70e/0xf30 [ 81.067689][ T3095] lo_ioctl+0x583/0x1270 [ 81.071915][ T3095] ? __rcu_read_unlock+0x5c/0x290 [ 81.077021][ T3095] ? blkdev_common_ioctl+0x438/0x1180 [ 81.082465][ T3095] ? selinux_file_ioctl+0x522/0x590 [ 81.087645][ T3095] ? do_vfs_ioctl+0x819/0x14a0 [ 81.092445][ T3095] ? lo_release+0x120/0x120 [ 81.096930][ T3095] blkdev_ioctl+0x20e/0x440 [ 81.101423][ T3095] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 81.106904][ T3095] __se_sys_ioctl+0xcb/0x140 [ 81.111535][ T3095] __x64_sys_ioctl+0x3f/0x50 [ 81.116135][ T3095] do_syscall_64+0x44/0xd0 [ 81.120561][ T3095] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.126435][ T3095] RIP: 0033:0x7f8caf5f1c57 [ 81.130831][ T3095] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 81.150441][ T3095] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.158947][ T3095] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 81.167084][ T3095] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:28 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff", 0x11, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:28 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 12) 14:57:28 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 5) 14:57:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 81.175080][ T3095] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 81.183116][ T3095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 81.191074][ T3095] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 81.199053][ T3095] 14:57:28 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 15) [ 81.223515][ T3097] FAULT_INJECTION: forcing a failure. [ 81.223515][ T3097] name failslab, interval 1, probability 0, space 0, times 0 [ 81.236342][ T3097] CPU: 0 PID: 3097 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 81.238214][ T3101] loop1: detected capacity change from 0 to 1024 [ 81.245075][ T3097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.245089][ T3097] Call Trace: [ 81.245095][ T3097] [ 81.245102][ T3097] dump_stack_lvl+0xd6/0x122 [ 81.245126][ T3097] dump_stack+0x11/0x1b [ 81.267309][ T3103] FAULT_INJECTION: forcing a failure. [ 81.267309][ T3103] name failslab, interval 1, probability 0, space 0, times 0 [ 81.267701][ T3097] should_fail+0x23c/0x250 [ 81.293702][ T3097] ? __d_alloc+0x36/0x370 [ 81.298117][ T3097] __should_failslab+0x81/0x90 [ 81.302926][ T3097] should_failslab+0x5/0x20 [ 81.307441][ T3097] kmem_cache_alloc+0x4f/0x320 [ 81.312213][ T3097] ? security_inode_alloc+0x138/0x180 [ 81.317642][ T3097] ? __init_rwsem+0x59/0x70 [ 81.322224][ T3097] __d_alloc+0x36/0x370 [ 81.326477][ T3097] ? debug_smp_processor_id+0x18/0x20 [ 81.331913][ T3097] d_alloc_pseudo+0x1a/0x50 [ 81.336445][ T3097] alloc_file_pseudo+0x77/0x150 [ 81.341288][ T3097] __shmem_file_setup+0x14c/0x1d0 [ 81.346305][ T3097] shmem_file_setup+0x37/0x40 [ 81.350969][ T3097] __se_sys_memfd_create+0x1c1/0x350 [ 81.356249][ T3097] __x64_sys_memfd_create+0x2d/0x40 [ 81.361476][ T3097] do_syscall_64+0x44/0xd0 [ 81.365898][ T3097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.371782][ T3097] RIP: 0033:0x7fbc8e8dde99 [ 81.376261][ T3097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 81.395998][ T3097] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 81.404410][ T3097] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 81.412391][ T3097] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 81.420347][ T3097] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 81.428315][ T3097] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 81.436840][ T3097] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 81.444866][ T3097] [ 81.447868][ T3103] CPU: 1 PID: 3103 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 81.449795][ T3104] FAULT_INJECTION: forcing a failure. [ 81.449795][ T3104] name failslab, interval 1, probability 0, space 0, times 0 [ 81.456571][ T3103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.456583][ T3103] Call Trace: [ 81.456588][ T3103] [ 81.456594][ T3103] dump_stack_lvl+0xd6/0x122 [ 81.490035][ T3103] dump_stack+0x11/0x1b [ 81.494257][ T3103] should_fail+0x23c/0x250 [ 81.498762][ T3103] ? apply_wqattrs_prepare+0x5f/0x630 [ 81.504127][ T3103] __should_failslab+0x81/0x90 [ 81.508946][ T3103] should_failslab+0x5/0x20 [ 81.513509][ T3103] kmem_cache_alloc_trace+0x52/0x350 [ 81.518779][ T3103] ? kzalloc+0x16/0x20 [ 81.522905][ T3103] apply_wqattrs_prepare+0x5f/0x630 [ 81.528092][ T3103] ? vsnprintf+0xe8f/0xed0 [ 81.532557][ T3103] apply_workqueue_attrs+0x9e/0x100 [ 81.537789][ T3103] alloc_workqueue+0x777/0xad0 [ 81.542587][ T3103] ? preempt_count_add+0x4e/0x90 [ 81.547542][ T3103] ? _raw_spin_unlock+0x2e/0x50 [ 81.552436][ T3103] ? bd_prepare_to_claim+0x1ac/0x200 [ 81.557709][ T3103] loop_configure+0x70e/0xf30 [ 81.562383][ T3103] lo_ioctl+0x583/0x1270 [ 81.566722][ T3103] ? __rcu_read_unlock+0x5c/0x290 [ 81.571885][ T3103] ? blkdev_common_ioctl+0x438/0x1180 [ 81.577272][ T3103] ? selinux_file_ioctl+0x522/0x590 [ 81.582477][ T3103] ? do_vfs_ioctl+0x819/0x14a0 [ 81.587307][ T3103] ? lo_release+0x120/0x120 [ 81.591794][ T3103] blkdev_ioctl+0x20e/0x440 [ 81.596290][ T3103] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 81.601751][ T3103] __se_sys_ioctl+0xcb/0x140 [ 81.606330][ T3103] __x64_sys_ioctl+0x3f/0x50 [ 81.610905][ T3103] do_syscall_64+0x44/0xd0 [ 81.615367][ T3103] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.621278][ T3103] RIP: 0033:0x7f8caf5f1c57 [ 81.625718][ T3103] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 81.645385][ T3103] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.653794][ T3103] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 81.661749][ T3103] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 81.669702][ T3103] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 81.677657][ T3103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 81.685612][ T3103] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 81.693571][ T3103] [ 81.696664][ T3104] CPU: 0 PID: 3104 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 81.705342][ T3104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.715403][ T3104] Call Trace: [ 81.718692][ T3104] [ 81.721622][ T3104] dump_stack_lvl+0xd6/0x122 [ 81.726221][ T3104] dump_stack+0x11/0x1b [ 81.730264][ T3101] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 81.730437][ T3104] should_fail+0x23c/0x250 [ 81.745219][ T3104] ? kzalloc+0x16/0x20 [ 81.749369][ T3104] __should_failslab+0x81/0x90 [ 81.754197][ T3104] should_failslab+0x5/0x20 [ 81.758732][ T3104] __kmalloc+0x6f/0x370 [ 81.762879][ T3104] ? delay_tsc+0x96/0xe0 [ 81.767237][ T3104] kzalloc+0x16/0x20 [ 81.771179][ T3104] alloc_workqueue+0x12f/0xad0 [ 81.776067][ T3104] ? __rcu_read_unlock+0x5c/0x290 [ 81.781085][ T3104] ? preempt_count_add+0x4e/0x90 [ 81.786023][ T3104] ? _raw_spin_unlock+0x2e/0x50 [ 81.790886][ T3104] ? bd_prepare_to_claim+0x1ac/0x200 [ 81.796166][ T3104] loop_configure+0x70e/0xf30 [ 81.800833][ T3104] lo_ioctl+0x583/0x1270 [ 81.805062][ T3104] ? __rcu_read_unlock+0x5c/0x290 [ 81.810076][ T3104] ? blkdev_common_ioctl+0x438/0x1180 [ 81.815444][ T3104] ? selinux_file_ioctl+0x522/0x590 [ 81.820629][ T3104] ? do_vfs_ioctl+0x819/0x14a0 [ 81.825386][ T3104] ? lo_release+0x120/0x120 [ 81.829939][ T3104] blkdev_ioctl+0x20e/0x440 [ 81.834532][ T3104] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 81.840029][ T3104] __se_sys_ioctl+0xcb/0x140 [ 81.844606][ T3104] __x64_sys_ioctl+0x3f/0x50 [ 81.849190][ T3104] do_syscall_64+0x44/0xd0 [ 81.853673][ T3104] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.859553][ T3104] RIP: 0033:0x7fbd63e3bc57 [ 81.863965][ T3104] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 81.883617][ T3104] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.892019][ T3104] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 81.899974][ T3104] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 81.907991][ T3104] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 81.915948][ T3104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 81.923988][ T3104] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 81.932028][ T3104] [ 81.937049][ T24] audit: type=1400 audit(1639666648.923:155): avc: denied { unlink } for pid=1419 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 14:57:29 executing program 0: perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x902, 0x0) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0xfa, 0x3b, 0x1, 0x6, 0x0, 0xce, 0x1000, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000200), 0xb}, 0x10082, 0x2, 0x401, 0x4, 0x7fffffff, 0x100, 0xfc01, 0x0, 0xec6, 0x0, 0xffff}, r2, 0x1, r3, 0x8) 14:57:29 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 16) 14:57:29 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 6) 14:57:29 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff", 0x11, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:29 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 13) [ 81.976863][ T3105] loop5: detected capacity change from 0 to 4 [ 81.999278][ T3105] EXT4-fs (loop5): unsupported descriptor size 0 [ 82.005864][ T3108] FAULT_INJECTION: forcing a failure. [ 82.005864][ T3108] name failslab, interval 1, probability 0, space 0, times 0 [ 82.020068][ T3108] CPU: 1 PID: 3108 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 82.024993][ T3113] FAULT_INJECTION: forcing a failure. [ 82.024993][ T3113] name failslab, interval 1, probability 0, space 0, times 0 [ 82.028759][ T3108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.028773][ T3108] Call Trace: [ 82.028779][ T3108] [ 82.028786][ T3108] dump_stack_lvl+0xd6/0x122 [ 82.062214][ T3108] dump_stack+0x11/0x1b [ 82.066360][ T3108] should_fail+0x23c/0x250 [ 82.070761][ T3108] ? apply_wqattrs_prepare+0xbe/0x630 [ 82.076155][ T3108] __should_failslab+0x81/0x90 [ 82.080907][ T3108] should_failslab+0x5/0x20 [ 82.085443][ T3108] kmem_cache_alloc_trace+0x52/0x350 [ 82.090788][ T3108] ? apply_wqattrs_prepare+0x5f/0x630 [ 82.096237][ T3108] apply_wqattrs_prepare+0xbe/0x630 [ 82.101427][ T3108] ? vsnprintf+0xe8f/0xed0 [ 82.105827][ T3108] apply_workqueue_attrs+0x9e/0x100 [ 82.111042][ T3108] alloc_workqueue+0x777/0xad0 [ 82.115859][ T3108] ? preempt_count_add+0x4e/0x90 [ 82.120785][ T3108] ? _raw_spin_unlock+0x2e/0x50 [ 82.125620][ T3108] ? bd_prepare_to_claim+0x1ac/0x200 [ 82.130892][ T3108] loop_configure+0x70e/0xf30 [ 82.135704][ T3108] lo_ioctl+0x583/0x1270 [ 82.139932][ T3108] ? __rcu_read_unlock+0x5c/0x290 [ 82.144944][ T3108] ? blkdev_common_ioctl+0x438/0x1180 [ 82.150365][ T3108] ? selinux_file_ioctl+0x522/0x590 [ 82.155594][ T3108] ? do_vfs_ioctl+0x819/0x14a0 [ 82.160365][ T3108] ? lo_release+0x120/0x120 [ 82.164850][ T3108] blkdev_ioctl+0x20e/0x440 [ 82.169348][ T3108] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 82.174793][ T3108] __se_sys_ioctl+0xcb/0x140 [ 82.179402][ T3108] __x64_sys_ioctl+0x3f/0x50 [ 82.183976][ T3108] do_syscall_64+0x44/0xd0 [ 82.188380][ T3108] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.194261][ T3108] RIP: 0033:0x7f8caf5f1c57 [ 82.198659][ T3108] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 82.218255][ T3108] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:57:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 82.226649][ T3108] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 82.234602][ T3108] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 82.242564][ T3108] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 82.250533][ T3108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 82.258491][ T3108] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 82.266448][ T3108] [ 82.269450][ T3113] CPU: 0 PID: 3113 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 82.278131][ T3113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.288204][ T3113] Call Trace: [ 82.291475][ T3113] [ 82.294498][ T3113] dump_stack_lvl+0xd6/0x122 [ 82.299084][ T3113] dump_stack+0x11/0x1b [ 82.303237][ T3113] should_fail+0x23c/0x250 [ 82.307639][ T3113] ? __alloc_file+0x2e/0x1a0 [ 82.312217][ T3113] __should_failslab+0x81/0x90 [ 82.316968][ T3113] should_failslab+0x5/0x20 [ 82.321568][ T3113] kmem_cache_alloc+0x4f/0x320 [ 82.326488][ T3113] __alloc_file+0x2e/0x1a0 [ 82.330892][ T3113] alloc_empty_file+0xcd/0x1c0 [ 82.335675][ T3113] alloc_file+0x3a/0x280 [ 82.339903][ T3113] alloc_file_pseudo+0xfa/0x150 [ 82.344738][ T3113] __shmem_file_setup+0x14c/0x1d0 [ 82.349823][ T3113] shmem_file_setup+0x37/0x40 [ 82.354514][ T3113] __se_sys_memfd_create+0x1c1/0x350 [ 82.359789][ T3113] __x64_sys_memfd_create+0x2d/0x40 [ 82.364977][ T3113] do_syscall_64+0x44/0xd0 [ 82.369403][ T3113] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.375285][ T3113] RIP: 0033:0x7fbc8e8dde99 [ 82.379684][ T3113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 82.399298][ T3113] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 82.407695][ T3113] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 82.415726][ T3113] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 82.423682][ T3113] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 82.431668][ T3113] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 82.439654][ T3113] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 82.447611][ T3113] [ 82.450964][ T3112] loop1: detected capacity change from 0 to 1024 [ 82.465076][ T3115] 9pnet: Insufficient options for proto=fd [ 82.472494][ T3117] loop5: detected capacity change from 0 to 4 14:57:29 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 7) [ 82.478786][ T3112] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 82.492690][ T3118] FAULT_INJECTION: forcing a failure. [ 82.492690][ T3118] name failslab, interval 1, probability 0, space 0, times 0 [ 82.505359][ T3118] CPU: 0 PID: 3118 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 82.514081][ T3118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.524135][ T3118] Call Trace: [ 82.527430][ T3118] [ 82.530392][ T3118] dump_stack_lvl+0xd6/0x122 [ 82.535015][ T3118] dump_stack+0x11/0x1b [ 82.539277][ T3118] should_fail+0x23c/0x250 [ 82.543694][ T3118] ? alloc_workqueue+0x15d/0xad0 [ 82.548662][ T3118] __should_failslab+0x81/0x90 [ 82.553429][ T3118] should_failslab+0x5/0x20 [ 82.557958][ T3118] kmem_cache_alloc_trace+0x52/0x350 [ 82.563232][ T3118] ? kzalloc+0x16/0x20 [ 82.567326][ T3118] alloc_workqueue+0x15d/0xad0 [ 82.572076][ T3118] ? __rcu_read_unlock+0x5c/0x290 [ 82.577116][ T3118] ? preempt_count_add+0x4e/0x90 [ 82.582137][ T3118] ? _raw_spin_unlock+0x2e/0x50 [ 82.586977][ T3118] ? bd_prepare_to_claim+0x1ac/0x200 [ 82.592247][ T3118] loop_configure+0x70e/0xf30 [ 82.596909][ T3118] lo_ioctl+0x583/0x1270 [ 82.601135][ T3118] ? __rcu_read_unlock+0x5c/0x290 [ 82.606152][ T3118] ? blkdev_common_ioctl+0x438/0x1180 [ 82.611545][ T3118] ? selinux_file_ioctl+0x522/0x590 [ 82.616765][ T3118] ? do_vfs_ioctl+0x819/0x14a0 [ 82.621514][ T3118] ? lo_release+0x120/0x120 [ 82.626075][ T3118] blkdev_ioctl+0x20e/0x440 [ 82.630645][ T3118] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 82.636153][ T3118] __se_sys_ioctl+0xcb/0x140 [ 82.640807][ T3118] __x64_sys_ioctl+0x3f/0x50 [ 82.645524][ T3118] do_syscall_64+0x44/0xd0 [ 82.649953][ T3118] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.655843][ T3118] RIP: 0033:0x7fbd63e3bc57 [ 82.660284][ T3118] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 82.679881][ T3118] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 82.688279][ T3118] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 82.696267][ T3118] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 82.704246][ T3118] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 82.712216][ T3118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 82.720170][ T3118] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:57:29 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff826710", 0x14, 0x560}], 0x0, &(0x7f0000012b00)) [ 82.728129][ T3118] [ 82.748014][ T3117] EXT4-fs (loop5): unsupported descriptor size 0 [ 82.754836][ T3120] FAULT_INJECTION: forcing a failure. [ 82.754836][ T3120] name failslab, interval 1, probability 0, space 0, times 0 [ 82.767466][ T3120] CPU: 0 PID: 3120 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:30 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 14) 14:57:30 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 17) 14:57:30 executing program 0: perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x902, 0x0) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0xfa, 0x3b, 0x1, 0x6, 0x0, 0xce, 0x1000, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000200), 0xb}, 0x10082, 0x2, 0x401, 0x4, 0x7fffffff, 0x100, 0xfc01, 0x0, 0xec6, 0x0, 0xffff}, r2, 0x1, r3, 0x8) perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x1) (async) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (async) pipe2$9p(&(0x7f00000001c0), 0x0) (async) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) (async) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)) (async) openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x902, 0x0) (async) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0xfa, 0x3b, 0x1, 0x6, 0x0, 0xce, 0x1000, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000200), 0xb}, 0x10082, 0x2, 0x401, 0x4, 0x7fffffff, 0x100, 0xfc01, 0x0, 0xec6, 0x0, 0xffff}, r2, 0x1, r3, 0x8) (async) [ 82.776278][ T3120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.786347][ T3120] Call Trace: [ 82.789622][ T3120] [ 82.792551][ T3120] dump_stack_lvl+0xd6/0x122 [ 82.797197][ T3120] dump_stack+0x11/0x1b [ 82.801423][ T3120] should_fail+0x23c/0x250 [ 82.805836][ T3120] ? security_file_alloc+0x30/0x190 [ 82.805925][ T3124] FAULT_INJECTION: forcing a failure. [ 82.805925][ T3124] name failslab, interval 1, probability 0, space 0, times 0 [ 82.811034][ T3120] __should_failslab+0x81/0x90 [ 82.811062][ T3120] should_failslab+0x5/0x20 [ 82.811091][ T3120] kmem_cache_alloc+0x4f/0x320 [ 82.837748][ T3120] security_file_alloc+0x30/0x190 [ 82.842771][ T3120] __alloc_file+0x83/0x1a0 [ 82.847182][ T3120] alloc_empty_file+0xcd/0x1c0 [ 82.851930][ T3120] alloc_file+0x3a/0x280 [ 82.856165][ T3120] alloc_file_pseudo+0xfa/0x150 [ 82.861043][ T3120] __shmem_file_setup+0x14c/0x1d0 [ 82.866188][ T3120] shmem_file_setup+0x37/0x40 [ 82.871020][ T3120] __se_sys_memfd_create+0x1c1/0x350 [ 82.876298][ T3120] __x64_sys_memfd_create+0x2d/0x40 [ 82.881486][ T3120] do_syscall_64+0x44/0xd0 [ 82.885893][ T3120] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.891774][ T3120] RIP: 0033:0x7fbc8e8dde99 [ 82.896240][ T3120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 82.915829][ T3120] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 82.924224][ T3120] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dde99 [ 82.932177][ T3120] RDX: 00007fbc8da53fe0 RSI: 0000000000000000 RDI: 00007fbc8e937168 [ 82.940232][ T3120] RBP: 0000000000000000 R08: 00007fbc8da53fd8 R09: 00007fbc8da541d0 [ 82.948185][ T3120] R10: 00007fbc8da53fdc R11: 0000000000000246 R12: 0000000020000000 [ 82.956145][ T3120] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000020000240 [ 82.964110][ T3120] [ 82.967169][ T3124] CPU: 1 PID: 3124 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 82.975840][ T3124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.985958][ T3124] Call Trace: [ 82.989228][ T3124] [ 82.992143][ T3124] dump_stack_lvl+0xd6/0x122 [ 82.996739][ T3124] dump_stack+0x11/0x1b [ 83.000882][ T3124] should_fail+0x23c/0x250 [ 83.005281][ T3124] ? kzalloc+0x16/0x20 [ 83.009352][ T3124] __should_failslab+0x81/0x90 [ 83.014112][ T3124] should_failslab+0x5/0x20 [ 83.018602][ T3124] __kmalloc+0x6f/0x370 [ 83.024698][ T3124] ? number+0xa13/0xb60 [ 83.028851][ T3124] kzalloc+0x16/0x20 [ 83.032732][ T3124] apply_wqattrs_prepare+0x3a/0x630 [ 83.037921][ T3124] ? vsnprintf+0xe8f/0xed0 [ 83.042380][ T3124] apply_workqueue_attrs+0x9e/0x100 [ 83.047565][ T3124] alloc_workqueue+0x777/0xad0 [ 83.052378][ T3124] ? preempt_count_add+0x4e/0x90 [ 83.057306][ T3124] ? _raw_spin_unlock+0x2e/0x50 [ 83.062142][ T3124] ? bd_prepare_to_claim+0x1ac/0x200 [ 83.067446][ T3124] loop_configure+0x70e/0xf30 [ 83.072109][ T3124] lo_ioctl+0x583/0x1270 [ 83.076336][ T3124] ? __rcu_read_unlock+0x5c/0x290 [ 83.081586][ T3124] ? blkdev_common_ioctl+0x438/0x1180 [ 83.086971][ T3124] ? selinux_file_ioctl+0x522/0x590 [ 83.092221][ T3124] ? do_vfs_ioctl+0x819/0x14a0 [ 83.097027][ T3124] ? lo_release+0x120/0x120 [ 83.101523][ T3124] blkdev_ioctl+0x20e/0x440 [ 83.106013][ T3124] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 83.111458][ T3124] __se_sys_ioctl+0xcb/0x140 [ 83.116044][ T3124] __x64_sys_ioctl+0x3f/0x50 [ 83.120766][ T3124] do_syscall_64+0x44/0xd0 [ 83.125169][ T3124] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.131090][ T3124] RIP: 0033:0x7fbd63e3bc57 [ 83.135487][ T3124] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 83.155073][ T3124] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.163494][ T3124] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 83.171524][ T3124] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 83.179481][ T3124] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 83.187468][ T3124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 83.195462][ T3124] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 83.203528][ T3124] [ 83.209513][ T3127] 9pnet: Insufficient options for proto=fd [ 83.214112][ T3125] FAULT_INJECTION: forcing a failure. [ 83.214112][ T3125] name failslab, interval 1, probability 0, space 0, times 0 [ 83.227934][ T3125] CPU: 1 PID: 3125 Comm: syz-executor.2 Not tainted 5.16.0-rc5-syzkaller #0 [ 83.229428][ T3130] 9pnet: Insufficient options for proto=fd [ 83.236606][ T3125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.236618][ T3125] Call Trace: [ 83.236624][ T3125] [ 83.236630][ T3125] dump_stack_lvl+0xd6/0x122 [ 83.263253][ T3125] dump_stack+0x11/0x1b [ 83.267396][ T3125] should_fail+0x23c/0x250 [ 83.271798][ T3125] __should_failslab+0x81/0x90 [ 83.276557][ T3125] should_failslab+0x5/0x20 [ 83.281047][ T3125] kmem_cache_alloc_node+0x61/0x2d0 [ 83.286230][ T3125] ? should_fail+0xd6/0x250 [ 83.290832][ T3125] ? should_fail+0xd6/0x250 [ 83.295323][ T3125] ? alloc_unbound_pwq+0x3e6/0x780 [ 83.300442][ T3125] alloc_unbound_pwq+0x3e6/0x780 [ 83.305528][ T3125] apply_wqattrs_prepare+0x1ed/0x630 [ 83.310812][ T3125] apply_workqueue_attrs+0x9e/0x100 [ 83.316012][ T3125] alloc_workqueue+0x777/0xad0 [ 83.320779][ T3125] ? preempt_count_add+0x4e/0x90 [ 83.325755][ T3125] ? _raw_spin_unlock+0x2e/0x50 [ 83.330592][ T3125] ? bd_prepare_to_claim+0x1ac/0x200 [ 83.335867][ T3125] loop_configure+0x70e/0xf30 [ 83.340537][ T3125] lo_ioctl+0x583/0x1270 [ 83.344766][ T3125] ? __rcu_read_unlock+0x5c/0x290 [ 83.349929][ T3125] ? blkdev_common_ioctl+0x438/0x1180 [ 83.355377][ T3125] ? selinux_file_ioctl+0x522/0x590 [ 83.360560][ T3125] ? do_vfs_ioctl+0x819/0x14a0 [ 83.365371][ T3125] ? lo_release+0x120/0x120 [ 83.369857][ T3125] blkdev_ioctl+0x20e/0x440 [ 83.374420][ T3125] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 83.379862][ T3125] __se_sys_ioctl+0xcb/0x140 [ 83.384439][ T3125] __x64_sys_ioctl+0x3f/0x50 [ 83.389031][ T3125] do_syscall_64+0x44/0xd0 [ 83.393435][ T3125] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.399417][ T3125] RIP: 0033:0x7f8caf5f1c57 [ 83.403816][ T3125] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 83.423529][ T3125] RSP: 002b:00007f8cae767f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:57:30 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 15) [ 83.431921][ T3125] RAX: ffffffffffffffda RBX: 00007f8caf63b9c8 RCX: 00007f8caf5f1c57 [ 83.439916][ T3125] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 83.447869][ T3125] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f8cae7681d0 [ 83.455834][ T3125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 83.463866][ T3125] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 83.471823][ T3125] 14:57:30 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 8) [ 83.491734][ T3135] loop1: detected capacity change from 0 to 1024 [ 83.508544][ T3137] FAULT_INJECTION: forcing a failure. [ 83.508544][ T3137] name failslab, interval 1, probability 0, space 0, times 0 [ 83.521193][ T3137] CPU: 1 PID: 3137 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 83.523731][ T3139] FAULT_INJECTION: forcing a failure. [ 83.523731][ T3139] name failslab, interval 1, probability 0, space 0, times 0 [ 83.529866][ T3137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.529881][ T3137] Call Trace: [ 83.529887][ T3137] [ 83.529893][ T3137] dump_stack_lvl+0xd6/0x122 [ 83.563214][ T3137] dump_stack+0x11/0x1b [ 83.567475][ T3137] should_fail+0x23c/0x250 [ 83.571931][ T3137] ? apply_wqattrs_prepare+0x5f/0x630 [ 83.577311][ T3137] __should_failslab+0x81/0x90 [ 83.582074][ T3137] should_failslab+0x5/0x20 [ 83.586640][ T3137] kmem_cache_alloc_trace+0x52/0x350 [ 83.591943][ T3137] ? kzalloc+0x16/0x20 [ 83.596018][ T3137] apply_wqattrs_prepare+0x5f/0x630 [ 83.601211][ T3137] ? vsnprintf+0xe8f/0xed0 [ 83.605667][ T3137] apply_workqueue_attrs+0x9e/0x100 [ 83.610852][ T3137] alloc_workqueue+0x777/0xad0 [ 83.615653][ T3137] ? preempt_count_add+0x4e/0x90 [ 83.620628][ T3137] ? _raw_spin_unlock+0x2e/0x50 [ 83.625467][ T3137] ? bd_prepare_to_claim+0x1ac/0x200 [ 83.630744][ T3137] loop_configure+0x70e/0xf30 [ 83.635415][ T3137] lo_ioctl+0x583/0x1270 [ 83.639643][ T3137] ? __rcu_read_unlock+0x5c/0x290 [ 83.644688][ T3137] ? blkdev_common_ioctl+0x438/0x1180 [ 83.650047][ T3137] ? selinux_file_ioctl+0x522/0x590 [ 83.655229][ T3137] ? do_vfs_ioctl+0x819/0x14a0 [ 83.659977][ T3137] ? lo_release+0x120/0x120 [ 83.664460][ T3137] blkdev_ioctl+0x20e/0x440 [ 83.669001][ T3137] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 83.674481][ T3137] __se_sys_ioctl+0xcb/0x140 [ 83.679054][ T3137] __x64_sys_ioctl+0x3f/0x50 [ 83.683704][ T3137] do_syscall_64+0x44/0xd0 [ 83.688122][ T3137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.694101][ T3137] RIP: 0033:0x7fbd63e3bc57 [ 83.698497][ T3137] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 83.718173][ T3137] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.726581][ T3137] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 83.734532][ T3137] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 83.742486][ T3137] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 83.750494][ T3137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 83.758485][ T3137] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 83.766438][ T3137] [ 83.769460][ T3139] CPU: 0 PID: 3139 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 83.778130][ T3139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.788238][ T3139] Call Trace: [ 83.791499][ T3139] [ 83.794417][ T3139] dump_stack_lvl+0xd6/0x122 [ 83.799085][ T3139] dump_stack+0x11/0x1b [ 83.803223][ T3139] should_fail+0x23c/0x250 [ 83.807620][ T3139] ? getname_flags+0x84/0x3f0 [ 83.812309][ T3139] __should_failslab+0x81/0x90 [ 83.817065][ T3139] should_failslab+0x5/0x20 [ 83.821630][ T3139] kmem_cache_alloc+0x4f/0x320 [ 83.826383][ T3139] getname_flags+0x84/0x3f0 [ 83.830977][ T3139] ? up_write+0x25/0xc0 [ 83.835139][ T3139] getname+0x15/0x20 [ 83.839024][ T3139] do_sys_openat2+0x6d/0x2b0 [ 83.843651][ T3139] __x64_sys_openat+0xef/0x110 [ 83.848405][ T3139] do_syscall_64+0x44/0xd0 [ 83.852811][ T3139] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.858767][ T3139] RIP: 0033:0x7fbc8e890db4 [ 83.863161][ T3139] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 83.882835][ T3139] RSP: 002b:00007fbc8da53eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 14:57:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 83.891265][ T3139] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e890db4 [ 83.899219][ T3139] RDX: 0000000000000002 RSI: 00007fbc8da53fe0 RDI: 00000000ffffff9c [ 83.907239][ T3139] RBP: 00007fbc8da53fe0 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 83.915192][ T3139] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 83.923143][ T3139] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 83.931099][ T3139] 14:57:31 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 9) 14:57:31 executing program 0: perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0x0, 0xffffffffffffffff, 0x1) (async) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (async) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x902, 0x0) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0xfa, 0x3b, 0x1, 0x6, 0x0, 0xce, 0x1000, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000200), 0xb}, 0x10082, 0x2, 0x401, 0x4, 0x7fffffff, 0x100, 0xfc01, 0x0, 0xec6, 0x0, 0xffff}, r2, 0x1, r3, 0x8) [ 83.957559][ T3135] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 83.972880][ T3141] loop5: detected capacity change from 0 to 4 [ 83.986127][ T3141] EXT4-fs (loop5): unsupported descriptor size 0 14:57:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:31 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 84.009779][ T3146] FAULT_INJECTION: forcing a failure. [ 84.009779][ T3146] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.022956][ T3146] CPU: 0 PID: 3146 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 84.031810][ T3146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.041968][ T3146] Call Trace: [ 84.045245][ T3146] [ 84.048166][ T3146] dump_stack_lvl+0xd6/0x122 [ 84.052746][ T3146] dump_stack+0x11/0x1b [ 84.056941][ T3146] should_fail+0x23c/0x250 [ 84.061340][ T3146] should_fail_usercopy+0x16/0x20 [ 84.066361][ T3146] strncpy_from_user+0x21/0x250 [ 84.071262][ T3146] getname_flags+0xb8/0x3f0 [ 84.075752][ T3146] getname+0x15/0x20 [ 84.079630][ T3146] do_sys_openat2+0x6d/0x2b0 [ 84.084275][ T3146] __x64_sys_openat+0xef/0x110 [ 84.089056][ T3146] do_syscall_64+0x44/0xd0 [ 84.093480][ T3146] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.099441][ T3146] RIP: 0033:0x7fbc8e890db4 [ 84.103890][ T3146] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 84.123569][ T3146] RSP: 002b:00007fbc8da53eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 84.132024][ T3146] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e890db4 [ 84.139982][ T3146] RDX: 0000000000000002 RSI: 00007fbc8da53fe0 RDI: 00000000ffffff9c [ 84.147942][ T3146] RBP: 00007fbc8da53fe0 R08: 0000000000000000 R09: 00007fbc8da541d0 14:57:31 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 16) [ 84.155901][ T3146] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 84.163880][ T3146] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 84.172686][ T3146] [ 84.188622][ T3156] FAULT_INJECTION: forcing a failure. [ 84.188622][ T3156] name failslab, interval 1, probability 0, space 0, times 0 [ 84.201283][ T3156] CPU: 0 PID: 3156 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 84.209952][ T3156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.220047][ T3156] Call Trace: [ 84.223313][ T3156] [ 84.226234][ T3156] dump_stack_lvl+0xd6/0x122 [ 84.230819][ T3156] dump_stack+0x11/0x1b [ 84.234961][ T3156] should_fail+0x23c/0x250 [ 84.239434][ T3156] ? apply_wqattrs_prepare+0xbe/0x630 [ 84.245273][ T3156] __should_failslab+0x81/0x90 [ 84.250092][ T3156] should_failslab+0x5/0x20 [ 84.254580][ T3156] kmem_cache_alloc_trace+0x52/0x350 [ 84.259851][ T3156] ? apply_wqattrs_prepare+0x5f/0x630 [ 84.265292][ T3156] apply_wqattrs_prepare+0xbe/0x630 [ 84.270479][ T3156] ? vsnprintf+0xe8f/0xed0 [ 84.274914][ T3156] apply_workqueue_attrs+0x9e/0x100 [ 84.280132][ T3156] alloc_workqueue+0x777/0xad0 [ 84.284899][ T3156] ? preempt_count_add+0x4e/0x90 [ 84.289871][ T3156] ? _raw_spin_unlock+0x2e/0x50 [ 84.294774][ T3156] ? bd_prepare_to_claim+0x1ac/0x200 [ 84.300101][ T3156] loop_configure+0x70e/0xf30 [ 84.304764][ T3156] lo_ioctl+0x583/0x1270 [ 84.309010][ T3156] ? __rcu_read_unlock+0x5c/0x290 [ 84.314027][ T3156] ? blkdev_common_ioctl+0x438/0x1180 [ 84.319382][ T3156] ? selinux_file_ioctl+0x522/0x590 [ 84.324564][ T3156] ? do_vfs_ioctl+0x819/0x14a0 [ 84.329353][ T3156] ? lo_release+0x120/0x120 [ 84.333882][ T3156] blkdev_ioctl+0x20e/0x440 [ 84.338374][ T3156] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 84.343851][ T3156] __se_sys_ioctl+0xcb/0x140 [ 84.348440][ T3156] __x64_sys_ioctl+0x3f/0x50 [ 84.353016][ T3156] do_syscall_64+0x44/0xd0 [ 84.357443][ T3156] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.363392][ T3156] RIP: 0033:0x7fbd63e3bc57 [ 84.367876][ T3156] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 84.387500][ T3156] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.395912][ T3156] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 84.403911][ T3156] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 10) [ 84.411866][ T3156] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 84.419963][ T3156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 84.428091][ T3156] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 84.436141][ T3156] [ 84.445630][ T3155] loop1: detected capacity change from 0 to 1024 [ 84.458069][ T3158] FAULT_INJECTION: forcing a failure. [ 84.458069][ T3158] name failslab, interval 1, probability 0, space 0, times 0 [ 84.470720][ T3158] CPU: 1 PID: 3158 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 84.479397][ T3158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.489462][ T3158] Call Trace: [ 84.492789][ T3158] [ 84.495717][ T3158] dump_stack_lvl+0xd6/0x122 [ 84.500388][ T3158] dump_stack+0x11/0x1b [ 84.504590][ T3158] should_fail+0x23c/0x250 [ 84.509085][ T3158] ? __alloc_file+0x2e/0x1a0 [ 84.513678][ T3158] __should_failslab+0x81/0x90 [ 84.518530][ T3158] should_failslab+0x5/0x20 [ 84.523118][ T3158] kmem_cache_alloc+0x4f/0x320 [ 84.527885][ T3158] __alloc_file+0x2e/0x1a0 [ 84.532288][ T3158] alloc_empty_file+0xcd/0x1c0 [ 84.537170][ T3158] path_openat+0x6a/0x1eb0 [ 84.541590][ T3158] ? avc_has_perm_noaudit+0x1c0/0x270 [ 84.546973][ T3158] ? avc_has_perm+0x70/0x160 [ 84.551607][ T3158] ? avc_has_perm+0xd5/0x160 [ 84.556182][ T3158] do_filp_open+0x105/0x220 [ 84.560677][ T3158] do_sys_openat2+0xb5/0x2b0 [ 84.565311][ T3158] __x64_sys_openat+0xef/0x110 [ 84.570161][ T3158] do_syscall_64+0x44/0xd0 [ 84.574564][ T3158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.580447][ T3158] RIP: 0033:0x7fbc8e890db4 [ 84.584850][ T3158] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:57:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 84.604564][ T3158] RSP: 002b:00007fbc8da53eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 84.613129][ T3158] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e890db4 [ 84.621680][ T3158] RDX: 0000000000000002 RSI: 00007fbc8da53fe0 RDI: 00000000ffffff9c [ 84.629905][ T3158] RBP: 00007fbc8da53fe0 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 84.637884][ T3158] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 84.645928][ T3158] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 84.653888][ T3158] 14:57:31 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 17) 14:57:31 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 84.664013][ T3155] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 84.672874][ T3160] loop5: detected capacity change from 0 to 4 [ 84.687560][ T3163] FAULT_INJECTION: forcing a failure. [ 84.687560][ T3163] name failslab, interval 1, probability 0, space 0, times 0 [ 84.700230][ T3163] CPU: 1 PID: 3163 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 84.708999][ T3163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.719052][ T3163] Call Trace: [ 84.722323][ T3163] [ 84.725247][ T3163] dump_stack_lvl+0xd6/0x122 [ 84.729835][ T3163] dump_stack+0x11/0x1b [ 84.734064][ T3163] should_fail+0x23c/0x250 [ 84.738471][ T3163] __should_failslab+0x81/0x90 [ 84.743257][ T3163] should_failslab+0x5/0x20 [ 84.747750][ T3163] kmem_cache_alloc_node+0x61/0x2d0 [ 84.753076][ T3163] ? should_fail+0xd6/0x250 [ 84.757586][ T3163] ? should_fail+0xd6/0x250 [ 84.762170][ T3163] ? alloc_unbound_pwq+0x3e6/0x780 [ 84.767345][ T3163] alloc_unbound_pwq+0x3e6/0x780 [ 84.772418][ T3163] apply_wqattrs_prepare+0x1ed/0x630 [ 84.777778][ T3163] ? vsnprintf+0xe8f/0xed0 [ 84.782245][ T3163] apply_workqueue_attrs+0x9e/0x100 [ 84.787439][ T3163] alloc_workqueue+0x777/0xad0 [ 84.792198][ T3163] ? preempt_count_add+0x4e/0x90 [ 84.797185][ T3163] ? _raw_spin_unlock+0x2e/0x50 [ 84.802028][ T3163] ? bd_prepare_to_claim+0x1ac/0x200 [ 84.807332][ T3163] loop_configure+0x70e/0xf30 [ 84.812000][ T3163] lo_ioctl+0x583/0x1270 [ 84.816228][ T3163] ? __rcu_read_unlock+0x5c/0x290 [ 84.821288][ T3163] ? blkdev_common_ioctl+0x438/0x1180 [ 84.826698][ T3163] ? selinux_file_ioctl+0x522/0x590 [ 84.832003][ T3163] ? do_vfs_ioctl+0x819/0x14a0 [ 84.836763][ T3163] ? lo_release+0x120/0x120 [ 84.841332][ T3163] blkdev_ioctl+0x20e/0x440 [ 84.845837][ T3163] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 84.851360][ T3163] __se_sys_ioctl+0xcb/0x140 [ 84.855994][ T3163] __x64_sys_ioctl+0x3f/0x50 [ 84.860573][ T3163] do_syscall_64+0x44/0xd0 [ 84.864983][ T3163] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.870865][ T3163] RIP: 0033:0x7fbd63e3bc57 [ 84.875267][ T3163] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 84.895002][ T3163] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.903405][ T3163] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 14:57:32 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:32 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="850000000700000025000000000000089500000000000000cf86f547728f7fd62efec9bc7cba134e7b06d8491b28add6577ed004c59d08f9b1e2f65227d090dbf4dcadf4621c26a97457f3946534d529cf85b5147994172bd56b70f9d115e02475115a3ca275306ec69f21a56631306d7188b9aec032188fe6f6aa75fb6f496624df0ea8c77f2b16173aa4c24644f41a6626f3d7655440e1f0d20e2c5e984756e32bb6fabebc06fcf98097dc4e20e8f6683d4520e141051e8da5e74a0072b6d49ac9efc03f18ab0c92eb849f267e9a88a45d685136bd33b0e3f8400b33b4a1b67ad3ed6c4b161acbb872296c3b0f05b4f1490c6d0cc64454e5a0bea54af3fc6c49f1bc63ae54e0d82f1704d9ffc1545dc37736513e9d412c4a73482241335e3aeb03749826c3e648599a413b46ba3df5dad48836e55d9bc34bf630d3f43a5da5963d53f2527b9e0df2e522f4622118f4648979b50fb8253a96b393bfe9d735e234d7cdea2a779201cb3e433519b436a99c7c818e0e3fa984f3c89b9ca12ae9458ef2e116f7270de1edad3392c3c622708845ea6e69f6f4a20d7e18db74093919325cc95a4d48727939bff66469201b626b55aac478d06f5e8c54eff0d6011ead14a1ec6078f5de980a3456ff1a31d5984422b21ecc4442ccf4e7a2d478ec8a3de4c9e57ebedbbf568843d001e8ae464ce8bd9faea0dfc6fe437f568ddb8df52559c087eb4e0a4bc81b1363d99d5072795d3209e87cf316588994a5ad04dee870ea9f2437860b9140cee7efe0bfb2220f0b571638765ee1f030f973a2b57fdb64c990500f731b7332b4fba5298c845f99f055c784f7f226fcfbf92db65797e6d9c6079f22936a2f48a5e747772ee0718a7f6a61b006a49debdb1e9afc3f9392ff7d41ffbf7ee5eb488c1de1d7abd153ce81db970b4915c6fccbd6eb11328f6d96a59a254f117933bc6340eee771f79f90a5c851c40acc125ac6acd682ac8ef6f393e5a69d034c5b6ebaffca972231f831685ea7eeb2aaa64e0004070bcbb91e545103e6a47180ad68113873ae89560e8241b8e09ffec1dfd566822d495ab4bc2c9a2f16463b80c4c55d3fcdd47ba6478f10a59dae536dce86e97aa8ab91b3314122ceca33988a79de3a7355d063882a917a09c1b3c7d0eef9515d9fcde7582d3978062581368c4073ca0caaa18fb232bb946abdd00de773ed973010b00d43fc4b5263e45f81fd6ebc632f22dad4c75207d7d701a428e7d60a726c8c8528fe6920e8fa5132fb9ef1d0d31edabf947c19480cc44b9e01be1370dcd6fc05327f545bd753ee5b021c76388ff0ac9b072486d654d11c3d2c3be4cf9a50ceb519e95a43a3903bbb2720f73b767a653759ca2ac302d423bd89ab641040ee3200000000d030b25fa0a68d5e732afae80a09801688f8e121dfacd0abb572280230b47f1dc1be0b152a6b5a2a652617026fb8ec66fd0f640168a90d0a440699a88b5d59bd96e2c5a8c67a15f27722695d548f0b900344b36433d7cb88878946500731f8df6ccf9ec2ed12e5e278228f75fcca5381919aef126834c2b53e17635321738f44ece50dc61fb3"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r2 = dup3(r0, r0, 0x80000) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4, 0x8f, 0x2, 0x1, 0x0, 0x6c, 0x72244, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x7, 0x5}, 0x0, 0x5, 0x93, 0x1, 0x3, 0x1, 0x7, 0x0, 0x6, 0x0, 0x100}, 0x0, 0x0, r2, 0xa) r3 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000080)) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4}}]}}]}, 0x44}}, 0x0) 14:57:32 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 11) [ 84.911372][ T3163] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 84.919405][ T3163] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 84.927368][ T3163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 84.935362][ T3163] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 84.943327][ T3163] [ 84.969669][ T3168] FAULT_INJECTION: forcing a failure. [ 84.969669][ T3168] name failslab, interval 1, probability 0, space 0, times 0 [ 84.982379][ T3168] CPU: 1 PID: 3168 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 84.991118][ T3168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.001427][ T3168] Call Trace: [ 85.004754][ T3168] [ 85.007677][ T3168] dump_stack_lvl+0xd6/0x122 [ 85.012265][ T3168] dump_stack+0x11/0x1b [ 85.016483][ T3168] should_fail+0x23c/0x250 [ 85.020971][ T3168] ? security_file_alloc+0x30/0x190 [ 85.026173][ T3168] __should_failslab+0x81/0x90 [ 85.030926][ T3168] should_failslab+0x5/0x20 [ 85.035579][ T3168] kmem_cache_alloc+0x4f/0x320 [ 85.040335][ T3168] security_file_alloc+0x30/0x190 [ 85.045419][ T3168] __alloc_file+0x83/0x1a0 [ 85.049822][ T3168] alloc_empty_file+0xcd/0x1c0 [ 85.054611][ T3168] path_openat+0x6a/0x1eb0 [ 85.059014][ T3168] ? avc_has_perm_noaudit+0x1c0/0x270 [ 85.064451][ T3168] ? avc_has_perm+0x70/0x160 [ 85.069030][ T3168] ? avc_has_perm+0xd5/0x160 [ 85.073656][ T3168] do_filp_open+0x105/0x220 [ 85.078229][ T3168] do_sys_openat2+0xb5/0x2b0 [ 85.082851][ T3168] __x64_sys_openat+0xef/0x110 [ 85.087663][ T3168] do_syscall_64+0x44/0xd0 [ 85.092068][ T3168] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.097981][ T3168] RIP: 0033:0x7fbc8e890db4 [ 85.102435][ T3168] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 85.122029][ T3168] RSP: 002b:00007fbc8da53eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 85.130435][ T3168] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e890db4 [ 85.138394][ T3168] RDX: 0000000000000002 RSI: 00007fbc8da53fe0 RDI: 00000000ffffff9c [ 85.146363][ T3168] RBP: 00007fbc8da53fe0 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 85.154443][ T3168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 85.162458][ T3168] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:57:32 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:32 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 18) 14:57:32 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:32 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 12) [ 85.170431][ T3168] [ 85.176502][ T3160] EXT4-fs (loop5): unsupported descriptor size 0 [ 85.187739][ T24] audit: type=1400 audit(1639666652.413:156): avc: denied { create } for pid=3169 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 85.208005][ T3173] FAULT_INJECTION: forcing a failure. [ 85.208005][ T3173] name failslab, interval 1, probability 0, space 0, times 0 [ 85.220630][ T3173] CPU: 1 PID: 3173 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 85.229137][ T3176] FAULT_INJECTION: forcing a failure. [ 85.229137][ T3176] name failslab, interval 1, probability 0, space 0, times 0 [ 85.229448][ T3173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.252114][ T3173] Call Trace: [ 85.255382][ T3173] [ 85.258300][ T3173] dump_stack_lvl+0xd6/0x122 [ 85.262988][ T3173] dump_stack+0x11/0x1b [ 85.267213][ T3173] should_fail+0x23c/0x250 [ 85.271618][ T3173] ? kobject_uevent_env+0x1a7/0xc40 [ 85.276850][ T3173] __should_failslab+0x81/0x90 [ 85.281672][ T3173] should_failslab+0x5/0x20 [ 85.286240][ T3173] kmem_cache_alloc_trace+0x52/0x350 [ 85.291584][ T3173] ? pwq_adjust_max_active+0x4c5/0x4e0 [ 85.297099][ T3173] ? dev_uevent_filter+0x70/0x70 [ 85.302020][ T3173] kobject_uevent_env+0x1a7/0xc40 [ 85.307094][ T3173] ? preempt_count_add+0x4e/0x90 [ 85.312044][ T3173] ? _raw_spin_unlock+0x2e/0x50 [ 85.316960][ T3173] ? bd_prepare_to_claim+0x1ac/0x200 [ 85.322296][ T3173] disk_force_media_change+0xe3/0x170 [ 85.327828][ T3173] loop_configure+0x74d/0xf30 [ 85.332522][ T3173] lo_ioctl+0x583/0x1270 [ 85.336744][ T3173] ? __rcu_read_unlock+0x5c/0x290 [ 85.341803][ T3173] ? blkdev_common_ioctl+0x438/0x1180 [ 85.347158][ T3173] ? selinux_file_ioctl+0x522/0x590 [ 85.352338][ T3173] ? do_vfs_ioctl+0x819/0x14a0 [ 85.357098][ T3173] ? lo_release+0x120/0x120 [ 85.361628][ T3173] blkdev_ioctl+0x20e/0x440 [ 85.366116][ T3173] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 85.371618][ T3173] __se_sys_ioctl+0xcb/0x140 [ 85.376587][ T3173] __x64_sys_ioctl+0x3f/0x50 [ 85.381201][ T3173] do_syscall_64+0x44/0xd0 [ 85.385616][ T3173] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.391542][ T3173] RIP: 0033:0x7fbd63e3bc57 [ 85.396003][ T3173] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 85.415618][ T3173] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.424100][ T3173] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 85.432097][ T3173] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 85.440109][ T3173] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 85.448105][ T3173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 85.456056][ T3173] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 85.464099][ T3173] [ 85.467100][ T3176] CPU: 0 PID: 3176 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 85.475790][ T3176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.476212][ T24] audit: type=1400 audit(1639666652.703:157): avc: denied { bind } for pid=3169 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 85.485988][ T3176] Call Trace: [ 85.485995][ T3176] [ 85.486001][ T3176] dump_stack_lvl+0xd6/0x122 [ 85.486026][ T3176] dump_stack+0x11/0x1b [ 85.486071][ T3176] should_fail+0x23c/0x250 [ 85.486088][ T3176] ? kzalloc+0x16/0x20 [ 85.529142][ T3176] __should_failslab+0x81/0x90 [ 85.533925][ T3176] should_failslab+0x5/0x20 [ 85.538430][ T3176] __kmalloc+0x6f/0x370 [ 85.542562][ T3176] ? iput+0x1cd/0x580 [ 85.546526][ T3176] kzalloc+0x16/0x20 [ 85.550415][ T3176] alloc_workqueue+0x12f/0xad0 [ 85.555178][ T3176] ? __rcu_read_unlock+0x5c/0x290 [ 85.560186][ T3176] ? preempt_count_add+0x4e/0x90 [ 85.565117][ T3176] ? _raw_spin_unlock+0x2e/0x50 [ 85.569943][ T3176] ? bd_prepare_to_claim+0x1ac/0x200 [ 85.575212][ T3176] loop_configure+0x70e/0xf30 [ 85.579941][ T3176] lo_ioctl+0x583/0x1270 [ 85.584171][ T3176] ? __rcu_read_unlock+0x5c/0x290 [ 85.589182][ T3176] ? blkdev_common_ioctl+0x438/0x1180 [ 85.594585][ T3176] ? selinux_file_ioctl+0x522/0x590 [ 85.599764][ T3176] ? do_vfs_ioctl+0x819/0x14a0 [ 85.604529][ T3176] ? lo_release+0x120/0x120 [ 85.609008][ T3176] blkdev_ioctl+0x20e/0x440 [ 85.613504][ T3176] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 85.618941][ T3176] __se_sys_ioctl+0xcb/0x140 [ 85.623517][ T3176] __x64_sys_ioctl+0x3f/0x50 [ 85.628147][ T3176] do_syscall_64+0x44/0xd0 [ 85.632574][ T3176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.638664][ T3176] RIP: 0033:0x7fbc8e8ddc57 [ 85.643059][ T3176] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 85.662749][ T3176] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:57:32 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 85.671158][ T3176] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 85.679137][ T3176] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 85.687086][ T3176] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 85.695037][ T3176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 85.702998][ T3176] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 85.711001][ T3176] 14:57:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:32 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="850000000700000025000000000000089500000000000000cf86f547728f7fd62efec9bc7cba134e7b06d8491b28add6577ed004c59d08f9b1e2f65227d090dbf4dcadf4621c26a97457f3946534d529cf85b5147994172bd56b70f9d115e02475115a3ca275306ec69f21a56631306d7188b9aec032188fe6f6aa75fb6f496624df0ea8c77f2b16173aa4c24644f41a6626f3d7655440e1f0d20e2c5e984756e32bb6fabebc06fcf98097dc4e20e8f6683d4520e141051e8da5e74a0072b6d49ac9efc03f18ab0c92eb849f267e9a88a45d685136bd33b0e3f8400b33b4a1b67ad3ed6c4b161acbb872296c3b0f05b4f1490c6d0cc64454e5a0bea54af3fc6c49f1bc63ae54e0d82f1704d9ffc1545dc37736513e9d412c4a73482241335e3aeb03749826c3e648599a413b46ba3df5dad48836e55d9bc34bf630d3f43a5da5963d53f2527b9e0df2e522f4622118f4648979b50fb8253a96b393bfe9d735e234d7cdea2a779201cb3e433519b436a99c7c818e0e3fa984f3c89b9ca12ae9458ef2e116f7270de1edad3392c3c622708845ea6e69f6f4a20d7e18db74093919325cc95a4d48727939bff66469201b626b55aac478d06f5e8c54eff0d6011ead14a1ec6078f5de980a3456ff1a31d5984422b21ecc4442ccf4e7a2d478ec8a3de4c9e57ebedbbf568843d001e8ae464ce8bd9faea0dfc6fe437f568ddb8df52559c087eb4e0a4bc81b1363d99d5072795d3209e87cf316588994a5ad04dee870ea9f2437860b9140cee7efe0bfb2220f0b571638765ee1f030f973a2b57fdb64c990500f731b7332b4fba5298c845f99f055c784f7f226fcfbf92db65797e6d9c6079f22936a2f48a5e747772ee0718a7f6a61b006a49debdb1e9afc3f9392ff7d41ffbf7ee5eb488c1de1d7abd153ce81db970b4915c6fccbd6eb11328f6d96a59a254f117933bc6340eee771f79f90a5c851c40acc125ac6acd682ac8ef6f393e5a69d034c5b6ebaffca972231f831685ea7eeb2aaa64e0004070bcbb91e545103e6a47180ad68113873ae89560e8241b8e09ffec1dfd566822d495ab4bc2c9a2f16463b80c4c55d3fcdd47ba6478f10a59dae536dce86e97aa8ab91b3314122ceca33988a79de3a7355d063882a917a09c1b3c7d0eef9515d9fcde7582d3978062581368c4073ca0caaa18fb232bb946abdd00de773ed973010b00d43fc4b5263e45f81fd6ebc632f22dad4c75207d7d701a428e7d60a726c8c8528fe6920e8fa5132fb9ef1d0d31edabf947c19480cc44b9e01be1370dcd6fc05327f545bd753ee5b021c76388ff0ac9b072486d654d11c3d2c3be4cf9a50ceb519e95a43a3903bbb2720f73b767a653759ca2ac302d423bd89ab641040ee3200000000d030b25fa0a68d5e732afae80a09801688f8e121dfacd0abb572280230b47f1dc1be0b152a6b5a2a652617026fb8ec66fd0f640168a90d0a440699a88b5d59bd96e2c5a8c67a15f27722695d548f0b900344b36433d7cb88878946500731f8df6ccf9ec2ed12e5e278228f75fcca5381919aef126834c2b53e17635321738f44ece50dc61fb3"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async, rerun: 64) r2 = dup3(r0, r0, 0x80000) (rerun: 64) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4, 0x8f, 0x2, 0x1, 0x0, 0x6c, 0x72244, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x7, 0x5}, 0x0, 0x5, 0x93, 0x1, 0x3, 0x1, 0x7, 0x0, 0x6, 0x0, 0x100}, 0x0, 0x0, r2, 0xa) (async) r3 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000080)) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) (async) getsockname$packet(r4, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4}}]}}]}, 0x44}}, 0x0) 14:57:32 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 19) 14:57:33 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 13) [ 85.736188][ T3178] loop1: detected capacity change from 0 to 1024 [ 85.757588][ T3180] loop5: detected capacity change from 0 to 4 [ 85.764002][ T3178] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 85.778207][ T3180] EXT4-fs (loop5): unsupported descriptor size 0 [ 85.790529][ T3187] FAULT_INJECTION: forcing a failure. [ 85.790529][ T3187] name failslab, interval 1, probability 0, space 0, times 0 [ 85.795638][ T3189] FAULT_INJECTION: forcing a failure. [ 85.795638][ T3189] name failslab, interval 1, probability 0, space 0, times 0 [ 85.803244][ T3187] CPU: 0 PID: 3187 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 85.803269][ T3187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.834876][ T3187] Call Trace: [ 85.838141][ T3187] [ 85.841058][ T3187] dump_stack_lvl+0xd6/0x122 [ 85.845645][ T3187] dump_stack+0x11/0x1b [ 85.849784][ T3187] should_fail+0x23c/0x250 [ 85.854187][ T3187] ? kobject_uevent_env+0x1a7/0xc40 [ 85.859380][ T3187] __should_failslab+0x81/0x90 [ 85.864129][ T3187] should_failslab+0x5/0x20 [ 85.868696][ T3187] kmem_cache_alloc_trace+0x52/0x350 [ 85.874096][ T3187] ? pwq_adjust_max_active+0x4c5/0x4e0 [ 85.879610][ T3187] ? dev_uevent_filter+0x70/0x70 [ 85.884531][ T3187] kobject_uevent_env+0x1a7/0xc40 [ 85.889551][ T3187] ? preempt_count_add+0x4e/0x90 [ 85.894474][ T3187] ? _raw_spin_unlock+0x2e/0x50 [ 85.899340][ T3187] ? bd_prepare_to_claim+0x1ac/0x200 [ 85.904633][ T3187] disk_force_media_change+0xe3/0x170 [ 85.910026][ T3187] loop_configure+0x74d/0xf30 [ 85.914693][ T3187] lo_ioctl+0x583/0x1270 [ 85.918925][ T3187] ? __rcu_read_unlock+0x5c/0x290 [ 85.923946][ T3187] ? blkdev_common_ioctl+0x438/0x1180 [ 85.929308][ T3187] ? selinux_file_ioctl+0x522/0x590 [ 85.934574][ T3187] ? do_vfs_ioctl+0x819/0x14a0 [ 85.939394][ T3187] ? lo_release+0x120/0x120 [ 85.943992][ T3187] blkdev_ioctl+0x20e/0x440 [ 85.948480][ T3187] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 85.954014][ T3187] __se_sys_ioctl+0xcb/0x140 [ 85.958591][ T3187] __x64_sys_ioctl+0x3f/0x50 [ 85.963183][ T3187] do_syscall_64+0x44/0xd0 [ 85.967584][ T3187] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 85.973463][ T3187] RIP: 0033:0x7fbd63e3bc57 [ 85.977862][ T3187] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 85.997473][ T3187] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.005889][ T3187] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 86.013840][ T3187] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 86.021849][ T3187] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 86.029865][ T3187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:57:33 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 86.037888][ T3187] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 86.045905][ T3187] [ 86.048902][ T3189] CPU: 1 PID: 3189 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 86.057672][ T3189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.067721][ T3189] Call Trace: [ 86.070994][ T3189] [ 86.073910][ T3189] dump_stack_lvl+0xd6/0x122 [ 86.078504][ T3189] dump_stack+0x11/0x1b [ 86.082682][ T3189] should_fail+0x23c/0x250 [ 86.087078][ T3189] ? alloc_workqueue+0x15d/0xad0 [ 86.092046][ T3189] __should_failslab+0x81/0x90 [ 86.096798][ T3189] should_failslab+0x5/0x20 [ 86.101302][ T3189] kmem_cache_alloc_trace+0x52/0x350 [ 86.106579][ T3189] ? kzalloc+0x16/0x20 [ 86.110659][ T3189] alloc_workqueue+0x15d/0xad0 [ 86.115444][ T3189] ? __rcu_read_unlock+0x5c/0x290 [ 86.120630][ T3189] ? preempt_count_add+0x4e/0x90 [ 86.125574][ T3189] ? _raw_spin_unlock+0x2e/0x50 [ 86.130403][ T3189] ? bd_prepare_to_claim+0x1ac/0x200 [ 86.135674][ T3189] loop_configure+0x70e/0xf30 [ 86.140338][ T3189] lo_ioctl+0x583/0x1270 [ 86.144569][ T3189] ? __rcu_read_unlock+0x5c/0x290 [ 86.149692][ T3189] ? blkdev_common_ioctl+0x438/0x1180 [ 86.155065][ T3189] ? selinux_file_ioctl+0x522/0x590 [ 86.160440][ T3189] ? do_vfs_ioctl+0x819/0x14a0 [ 86.165272][ T3189] ? lo_release+0x120/0x120 [ 86.169826][ T3189] blkdev_ioctl+0x20e/0x440 [ 86.174323][ T3189] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 86.179764][ T3189] __se_sys_ioctl+0xcb/0x140 [ 86.184413][ T3189] __x64_sys_ioctl+0x3f/0x50 [ 86.189008][ T3189] do_syscall_64+0x44/0xd0 [ 86.193421][ T3189] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 86.199297][ T3189] RIP: 0033:0x7fbc8e8ddc57 [ 86.203689][ T3189] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 86.223276][ T3189] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.231689][ T3189] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 14:57:33 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="850000000700000025000000000000089500000000000000cf86f547728f7fd62efec9bc7cba134e7b06d8491b28add6577ed004c59d08f9b1e2f65227d090dbf4dcadf4621c26a97457f3946534d529cf85b5147994172bd56b70f9d115e02475115a3ca275306ec69f21a56631306d7188b9aec032188fe6f6aa75fb6f496624df0ea8c77f2b16173aa4c24644f41a6626f3d7655440e1f0d20e2c5e984756e32bb6fabebc06fcf98097dc4e20e8f6683d4520e141051e8da5e74a0072b6d49ac9efc03f18ab0c92eb849f267e9a88a45d685136bd33b0e3f8400b33b4a1b67ad3ed6c4b161acbb872296c3b0f05b4f1490c6d0cc64454e5a0bea54af3fc6c49f1bc63ae54e0d82f1704d9ffc1545dc37736513e9d412c4a73482241335e3aeb03749826c3e648599a413b46ba3df5dad48836e55d9bc34bf630d3f43a5da5963d53f2527b9e0df2e522f4622118f4648979b50fb8253a96b393bfe9d735e234d7cdea2a779201cb3e433519b436a99c7c818e0e3fa984f3c89b9ca12ae9458ef2e116f7270de1edad3392c3c622708845ea6e69f6f4a20d7e18db74093919325cc95a4d48727939bff66469201b626b55aac478d06f5e8c54eff0d6011ead14a1ec6078f5de980a3456ff1a31d5984422b21ecc4442ccf4e7a2d478ec8a3de4c9e57ebedbbf568843d001e8ae464ce8bd9faea0dfc6fe437f568ddb8df52559c087eb4e0a4bc81b1363d99d5072795d3209e87cf316588994a5ad04dee870ea9f2437860b9140cee7efe0bfb2220f0b571638765ee1f030f973a2b57fdb64c990500f731b7332b4fba5298c845f99f055c784f7f226fcfbf92db65797e6d9c6079f22936a2f48a5e747772ee0718a7f6a61b006a49debdb1e9afc3f9392ff7d41ffbf7ee5eb488c1de1d7abd153ce81db970b4915c6fccbd6eb11328f6d96a59a254f117933bc6340eee771f79f90a5c851c40acc125ac6acd682ac8ef6f393e5a69d034c5b6ebaffca972231f831685ea7eeb2aaa64e0004070bcbb91e545103e6a47180ad68113873ae89560e8241b8e09ffec1dfd566822d495ab4bc2c9a2f16463b80c4c55d3fcdd47ba6478f10a59dae536dce86e97aa8ab91b3314122ceca33988a79de3a7355d063882a917a09c1b3c7d0eef9515d9fcde7582d3978062581368c4073ca0caaa18fb232bb946abdd00de773ed973010b00d43fc4b5263e45f81fd6ebc632f22dad4c75207d7d701a428e7d60a726c8c8528fe6920e8fa5132fb9ef1d0d31edabf947c19480cc44b9e01be1370dcd6fc05327f545bd753ee5b021c76388ff0ac9b072486d654d11c3d2c3be4cf9a50ceb519e95a43a3903bbb2720f73b767a653759ca2ac302d423bd89ab641040ee3200000000d030b25fa0a68d5e732afae80a09801688f8e121dfacd0abb572280230b47f1dc1be0b152a6b5a2a652617026fb8ec66fd0f640168a90d0a440699a88b5d59bd96e2c5a8c67a15f27722695d548f0b900344b36433d7cb88878946500731f8df6ccf9ec2ed12e5e278228f75fcca5381919aef126834c2b53e17635321738f44ece50dc61fb3"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async) r2 = dup3(r0, r0, 0x80000) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4, 0x8f, 0x2, 0x1, 0x0, 0x6c, 0x72244, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x7, 0x5}, 0x0, 0x5, 0x93, 0x1, 0x3, 0x1, 0x7, 0x0, 0x6, 0x0, 0x100}, 0x0, 0x0, r2, 0xa) (async) r3 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000080)) (async) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) (async) getsockname$packet(r4, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4}}]}}]}, 0x44}}, 0x0) 14:57:33 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 14) 14:57:33 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 20) 14:57:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 86.239731][ T3189] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 86.247732][ T3189] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 86.255726][ T3189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 86.263700][ T3189] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 86.271717][ T3189] [ 86.276090][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.315076][ T3196] FAULT_INJECTION: forcing a failure. [ 86.315076][ T3196] name failslab, interval 1, probability 0, space 0, times 0 [ 86.327746][ T3196] CPU: 1 PID: 3196 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 86.336415][ T3196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.346452][ T3196] Call Trace: [ 86.349715][ T3196] [ 86.352638][ T3196] dump_stack_lvl+0xd6/0x122 [ 86.357221][ T3196] dump_stack+0x11/0x1b [ 86.361366][ T3196] should_fail+0x23c/0x250 [ 86.365768][ T3196] ? kzalloc+0x16/0x20 [ 86.369820][ T3196] __should_failslab+0x81/0x90 [ 86.374571][ T3196] should_failslab+0x5/0x20 [ 86.379091][ T3196] __kmalloc+0x6f/0x370 [ 86.383231][ T3196] ? number+0xa13/0xb60 [ 86.387371][ T3196] kzalloc+0x16/0x20 [ 86.391251][ T3196] apply_wqattrs_prepare+0x3a/0x630 [ 86.396464][ T3196] ? vsnprintf+0xe8f/0xed0 [ 86.400867][ T3196] apply_workqueue_attrs+0x9e/0x100 [ 86.406049][ T3196] alloc_workqueue+0x777/0xad0 [ 86.410861][ T3196] ? preempt_count_add+0x4e/0x90 [ 86.415848][ T3196] ? _raw_spin_unlock+0x2e/0x50 [ 86.420734][ T3196] ? bd_prepare_to_claim+0x1ac/0x200 [ 86.426010][ T3196] loop_configure+0x70e/0xf30 [ 86.430676][ T3196] lo_ioctl+0x583/0x1270 [ 86.434900][ T3196] ? __rcu_read_unlock+0x5c/0x290 [ 86.439962][ T3196] ? blkdev_common_ioctl+0x438/0x1180 [ 86.445321][ T3196] ? selinux_file_ioctl+0x522/0x590 [ 86.450507][ T3196] ? do_vfs_ioctl+0x819/0x14a0 [ 86.455343][ T3196] ? lo_release+0x120/0x120 [ 86.459830][ T3196] blkdev_ioctl+0x20e/0x440 [ 86.464320][ T3196] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 86.469794][ T3196] __se_sys_ioctl+0xcb/0x140 [ 86.474412][ T3196] __x64_sys_ioctl+0x3f/0x50 [ 86.478993][ T3196] do_syscall_64+0x44/0xd0 [ 86.483398][ T3196] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 86.489338][ T3196] RIP: 0033:0x7fbc8e8ddc57 [ 86.493816][ T3196] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:33 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 86.513405][ T3196] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.521906][ T3196] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 86.529860][ T3196] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 86.537814][ T3196] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 86.545927][ T3196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 86.553936][ T3196] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 86.561894][ T3196] 14:57:33 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:33 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 15) [ 86.579484][ T3200] FAULT_INJECTION: forcing a failure. [ 86.579484][ T3200] name failslab, interval 1, probability 0, space 0, times 0 [ 86.592230][ T3200] CPU: 1 PID: 3200 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 86.600923][ T3200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.610971][ T3200] Call Trace: [ 86.614240][ T3200] [ 86.617105][ T3207] FAULT_INJECTION: forcing a failure. [ 86.617105][ T3207] name failslab, interval 1, probability 0, space 0, times 0 [ 86.617162][ T3200] dump_stack_lvl+0xd6/0x122 [ 86.634292][ T3200] dump_stack+0x11/0x1b [ 86.638440][ T3200] should_fail+0x23c/0x250 [ 86.642848][ T3200] __should_failslab+0x81/0x90 [ 86.647676][ T3200] should_failslab+0x5/0x20 [ 86.652170][ T3200] kmem_cache_alloc_node+0x61/0x2d0 [ 86.657357][ T3200] ? __alloc_skb+0xf0/0x450 [ 86.661915][ T3200] __alloc_skb+0xf0/0x450 [ 86.666276][ T3200] alloc_uevent_skb+0x5b/0x120 [ 86.671027][ T3200] kobject_uevent_env+0x863/0xc40 [ 86.676041][ T3200] ? preempt_count_add+0x4e/0x90 [ 86.681012][ T3200] ? _raw_spin_unlock+0x2e/0x50 [ 86.685850][ T3200] ? bd_prepare_to_claim+0x1ac/0x200 [ 86.691228][ T3200] disk_force_media_change+0xe3/0x170 [ 86.696594][ T3200] loop_configure+0x74d/0xf30 [ 86.701318][ T3200] lo_ioctl+0x583/0x1270 [ 86.705559][ T3200] ? __rcu_read_unlock+0x5c/0x290 [ 86.710572][ T3200] ? blkdev_common_ioctl+0x438/0x1180 [ 86.715938][ T3200] ? selinux_file_ioctl+0x522/0x590 [ 86.721134][ T3200] ? do_vfs_ioctl+0x819/0x14a0 [ 86.725885][ T3200] ? lo_release+0x120/0x120 [ 86.730371][ T3200] blkdev_ioctl+0x20e/0x440 [ 86.734916][ T3200] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 86.740387][ T3200] __se_sys_ioctl+0xcb/0x140 [ 86.745014][ T3200] __x64_sys_ioctl+0x3f/0x50 [ 86.749721][ T3200] do_syscall_64+0x44/0xd0 [ 86.754124][ T3200] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 86.760243][ T3200] RIP: 0033:0x7fbd63e3bc57 [ 86.764676][ T3200] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 86.784295][ T3200] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.792769][ T3200] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 86.800726][ T3200] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 86.808685][ T3200] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 86.816645][ T3200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 86.824604][ T3200] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 86.832612][ T3200] [ 86.835650][ T3207] CPU: 0 PID: 3207 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 86.841707][ T3199] loop1: detected capacity change from 0 to 1024 [ 86.844513][ T3207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.844525][ T3207] Call Trace: [ 86.844531][ T3207] [ 86.844538][ T3207] dump_stack_lvl+0xd6/0x122 [ 86.853697][ T3199] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 86.861493][ T3207] dump_stack+0x11/0x1b [ 86.861517][ T3207] should_fail+0x23c/0x250 [ 86.861536][ T3207] ? apply_wqattrs_prepare+0x5f/0x630 [ 86.861560][ T3207] __should_failslab+0x81/0x90 [ 86.865547][ T3202] loop5: detected capacity change from 0 to 4 [ 86.867837][ T3207] should_failslab+0x5/0x20 [ 86.874112][ T3202] EXT4-fs (loop5): unsupported descriptor size 0 [ 86.882825][ T3207] kmem_cache_alloc_trace+0x52/0x350 [ 86.882854][ T3207] ? kzalloc+0x16/0x20 [ 86.882875][ T3207] apply_wqattrs_prepare+0x5f/0x630 [ 86.932784][ T3207] ? vsnprintf+0xe8f/0xed0 [ 86.937205][ T3207] apply_workqueue_attrs+0x9e/0x100 [ 86.942594][ T3207] alloc_workqueue+0x777/0xad0 [ 86.947345][ T3207] ? preempt_count_add+0x4e/0x90 [ 86.952334][ T3207] ? _raw_spin_unlock+0x2e/0x50 [ 86.957207][ T3207] ? bd_prepare_to_claim+0x1ac/0x200 [ 86.962471][ T3207] loop_configure+0x70e/0xf30 [ 86.967151][ T3207] lo_ioctl+0x583/0x1270 [ 86.971371][ T3207] ? __rcu_read_unlock+0x5c/0x290 [ 86.976477][ T3207] ? blkdev_common_ioctl+0x438/0x1180 [ 86.981925][ T3207] ? selinux_file_ioctl+0x522/0x590 [ 86.987177][ T3207] ? do_vfs_ioctl+0x819/0x14a0 [ 86.991929][ T3207] ? lo_release+0x120/0x120 [ 86.996422][ T3207] blkdev_ioctl+0x20e/0x440 [ 87.000912][ T3207] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 87.006364][ T3207] __se_sys_ioctl+0xcb/0x140 [ 87.011002][ T3207] __x64_sys_ioctl+0x3f/0x50 [ 87.015642][ T3207] do_syscall_64+0x44/0xd0 [ 87.020064][ T3207] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 87.025956][ T3207] RIP: 0033:0x7fbc8e8ddc57 [ 87.030362][ T3207] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 87.050013][ T3207] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.058451][ T3207] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 87.066403][ T3207] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:34 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 16) 14:57:34 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 21) [ 87.074353][ T3207] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 87.082369][ T3207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 87.090338][ T3207] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 87.098295][ T3207] [ 87.126917][ T3209] FAULT_INJECTION: forcing a failure. [ 87.126917][ T3209] name failslab, interval 1, probability 0, space 0, times 0 [ 87.139667][ T3209] CPU: 0 PID: 3209 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 87.148339][ T3209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.158424][ T3209] Call Trace: [ 87.161686][ T3209] [ 87.164677][ T3209] dump_stack_lvl+0xd6/0x122 [ 87.169291][ T3209] dump_stack+0x11/0x1b [ 87.173472][ T3209] should_fail+0x23c/0x250 [ 87.177944][ T3209] ? apply_wqattrs_prepare+0xbe/0x630 [ 87.183373][ T3209] __should_failslab+0x81/0x90 [ 87.188177][ T3209] should_failslab+0x5/0x20 [ 87.192674][ T3209] kmem_cache_alloc_trace+0x52/0x350 [ 87.197943][ T3209] ? apply_wqattrs_prepare+0x5f/0x630 [ 87.203333][ T3209] apply_wqattrs_prepare+0xbe/0x630 [ 87.208615][ T3209] ? vsnprintf+0xe8f/0xed0 [ 87.213121][ T3209] apply_workqueue_attrs+0x9e/0x100 [ 87.218357][ T3209] alloc_workqueue+0x777/0xad0 [ 87.223152][ T3209] ? preempt_count_add+0x4e/0x90 [ 87.228076][ T3209] ? _raw_spin_unlock+0x2e/0x50 [ 87.232911][ T3209] ? bd_prepare_to_claim+0x1ac/0x200 [ 87.238201][ T3209] loop_configure+0x70e/0xf30 [ 87.242865][ T3209] lo_ioctl+0x583/0x1270 [ 87.247111][ T3209] ? __rcu_read_unlock+0x5c/0x290 [ 87.252127][ T3209] ? blkdev_common_ioctl+0x438/0x1180 [ 87.257650][ T3209] ? selinux_file_ioctl+0x522/0x590 [ 87.262837][ T3209] ? do_vfs_ioctl+0x819/0x14a0 [ 87.267712][ T3209] ? lo_release+0x120/0x120 [ 87.272220][ T3209] blkdev_ioctl+0x20e/0x440 [ 87.276791][ T3209] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 87.282233][ T3209] __se_sys_ioctl+0xcb/0x140 [ 87.286885][ T3209] __x64_sys_ioctl+0x3f/0x50 [ 87.291568][ T3209] do_syscall_64+0x44/0xd0 [ 87.295969][ T3209] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 87.301921][ T3209] RIP: 0033:0x7fbc8e8ddc57 [ 87.306319][ T3209] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 87.326073][ T3209] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.334591][ T3209] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 87.342776][ T3209] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 87.350730][ T3209] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 87.358685][ T3209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 87.366661][ T3209] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 87.374643][ T3209] [ 87.378000][ T3212] FAULT_INJECTION: forcing a failure. [ 87.378000][ T3212] name failslab, interval 1, probability 0, space 0, times 0 [ 87.380799][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.390623][ T3212] CPU: 0 PID: 3212 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 87.407307][ T3212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.416305][ T3215] FAULT_INJECTION: forcing a failure. [ 87.416305][ T3215] name failslab, interval 1, probability 0, space 0, times 0 [ 87.417354][ T3212] Call Trace: [ 87.417362][ T3212] [ 87.417368][ T3212] dump_stack_lvl+0xd6/0x122 [ 87.440673][ T3212] dump_stack+0x11/0x1b [ 87.444817][ T3212] should_fail+0x23c/0x250 [ 87.449218][ T3212] __should_failslab+0x81/0x90 [ 87.453990][ T3212] should_failslab+0x5/0x20 [ 87.458481][ T3212] kmem_cache_alloc_node_trace+0x61/0x310 [ 87.464335][ T3212] ? __kmalloc_node_track_caller+0x30/0x40 [ 87.470126][ T3212] __kmalloc_node_track_caller+0x30/0x40 [ 87.475765][ T3212] ? alloc_uevent_skb+0x5b/0x120 [ 87.480704][ T3212] __alloc_skb+0x19d/0x450 [ 87.485108][ T3212] alloc_uevent_skb+0x5b/0x120 [ 87.489858][ T3212] kobject_uevent_env+0x863/0xc40 [ 87.494872][ T3212] ? preempt_count_add+0x4e/0x90 [ 87.499877][ T3212] ? _raw_spin_unlock+0x2e/0x50 [ 87.504709][ T3212] ? bd_prepare_to_claim+0x1ac/0x200 [ 87.510035][ T3212] disk_force_media_change+0xe3/0x170 [ 87.515449][ T3212] loop_configure+0x74d/0xf30 [ 87.520121][ T3212] lo_ioctl+0x583/0x1270 [ 87.524347][ T3212] ? __rcu_read_unlock+0x5c/0x290 [ 87.529399][ T3212] ? blkdev_common_ioctl+0x438/0x1180 [ 87.534805][ T3212] ? selinux_file_ioctl+0x522/0x590 [ 87.540031][ T3212] ? do_vfs_ioctl+0x819/0x14a0 [ 87.544878][ T3212] ? lo_release+0x120/0x120 [ 87.549389][ T3212] blkdev_ioctl+0x20e/0x440 [ 87.553916][ T3212] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 87.559355][ T3212] __se_sys_ioctl+0xcb/0x140 [ 87.563941][ T3212] __x64_sys_ioctl+0x3f/0x50 [ 87.568528][ T3212] do_syscall_64+0x44/0xd0 [ 87.572928][ T3212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 87.578883][ T3212] RIP: 0033:0x7fbd63e3bc57 [ 87.583276][ T3212] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 87.602947][ T3212] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.611412][ T3212] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 87.619369][ T3212] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:34 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 17) [ 87.627319][ T3212] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 87.635349][ T3212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 87.643306][ T3212] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 87.651304][ T3212] [ 87.654343][ T3215] CPU: 1 PID: 3215 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 87.663017][ T3215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.669779][ T3213] loop0: detected capacity change from 0 to 1024 14:57:34 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 87.673068][ T3215] Call Trace: [ 87.680895][ T3213] EXT4-fs warning (device loop0): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 87.682708][ T3215] [ 87.682716][ T3215] dump_stack_lvl+0xd6/0x122 [ 87.682741][ T3215] dump_stack+0x11/0x1b [ 87.704889][ T3215] should_fail+0x23c/0x250 [ 87.709330][ T3215] __should_failslab+0x81/0x90 [ 87.714130][ T3215] should_failslab+0x5/0x20 [ 87.718629][ T3215] kmem_cache_alloc_node+0x61/0x2d0 [ 87.723850][ T3215] ? should_fail+0xd6/0x250 [ 87.728382][ T3215] ? should_fail+0xd6/0x250 [ 87.732926][ T3215] ? alloc_unbound_pwq+0x3e6/0x780 [ 87.738088][ T3215] alloc_unbound_pwq+0x3e6/0x780 [ 87.743009][ T3215] apply_wqattrs_prepare+0x1ed/0x630 [ 87.748403][ T3215] ? vsnprintf+0xe8f/0xed0 [ 87.752955][ T3215] apply_workqueue_attrs+0x9e/0x100 [ 87.758161][ T3215] alloc_workqueue+0x777/0xad0 [ 87.763091][ T3215] ? preempt_count_add+0x4e/0x90 [ 87.768185][ T3215] ? _raw_spin_unlock+0x2e/0x50 [ 87.773056][ T3215] ? bd_prepare_to_claim+0x1ac/0x200 [ 87.778338][ T3215] loop_configure+0x70e/0xf30 [ 87.783006][ T3215] lo_ioctl+0x583/0x1270 [ 87.787245][ T3215] ? __rcu_read_unlock+0x5c/0x290 [ 87.792424][ T3215] ? blkdev_common_ioctl+0x438/0x1180 [ 87.797795][ T3215] ? selinux_file_ioctl+0x522/0x590 [ 87.802974][ T3215] ? do_vfs_ioctl+0x819/0x14a0 [ 87.807870][ T3215] ? lo_release+0x120/0x120 [ 87.812373][ T3215] blkdev_ioctl+0x20e/0x440 [ 87.816879][ T3215] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 87.822328][ T3215] __se_sys_ioctl+0xcb/0x140 [ 87.826929][ T3215] __x64_sys_ioctl+0x3f/0x50 [ 87.831584][ T3215] do_syscall_64+0x44/0xd0 [ 87.836010][ T3215] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 87.841912][ T3215] RIP: 0033:0x7fbc8e8ddc57 [ 87.846334][ T3215] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 87.866004][ T3215] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:57:35 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:35 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 18) 14:57:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 87.874535][ T3215] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 87.882492][ T3215] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 87.890450][ T3215] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 87.898416][ T3215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 87.906447][ T3215] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 87.914413][ T3215] [ 87.949043][ T3222] FAULT_INJECTION: forcing a failure. [ 87.949043][ T3222] name failslab, interval 1, probability 0, space 0, times 0 [ 87.954010][ T3223] loop1: detected capacity change from 0 to 1024 [ 87.961765][ T3222] CPU: 0 PID: 3222 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 87.970428][ T3221] loop5: detected capacity change from 0 to 4 [ 87.976714][ T3222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.976728][ T3222] Call Trace: [ 87.976735][ T3222] 14:57:35 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 22) [ 87.976740][ T3222] dump_stack_lvl+0xd6/0x122 [ 87.986570][ T3223] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 87.992836][ T3222] dump_stack+0x11/0x1b [ 87.997210][ T3221] EXT4-fs (loop5): unsupported descriptor size 0 [ 87.999108][ T3222] should_fail+0x23c/0x250 [ 87.999131][ T3222] ? kobject_uevent_env+0x1a7/0xc40 [ 88.015376][ T3225] FAULT_INJECTION: forcing a failure. [ 88.015376][ T3225] name failslab, interval 1, probability 0, space 0, times 0 [ 88.018212][ T3222] __should_failslab+0x81/0x90 [ 88.018240][ T3222] should_failslab+0x5/0x20 [ 88.055869][ T3222] kmem_cache_alloc_trace+0x52/0x350 [ 88.061190][ T3222] ? pwq_adjust_max_active+0x4c5/0x4e0 [ 88.066636][ T3222] ? dev_uevent_filter+0x70/0x70 [ 88.071556][ T3222] kobject_uevent_env+0x1a7/0xc40 [ 88.076581][ T3222] ? preempt_count_add+0x4e/0x90 [ 88.081577][ T3222] ? _raw_spin_unlock+0x2e/0x50 [ 88.086493][ T3222] ? bd_prepare_to_claim+0x1ac/0x200 [ 88.091761][ T3222] disk_force_media_change+0xe3/0x170 [ 88.097128][ T3222] loop_configure+0x74d/0xf30 [ 88.101965][ T3222] lo_ioctl+0x583/0x1270 [ 88.106188][ T3222] ? __rcu_read_unlock+0x5c/0x290 [ 88.111197][ T3222] ? blkdev_common_ioctl+0x438/0x1180 [ 88.116552][ T3222] ? selinux_file_ioctl+0x522/0x590 [ 88.121772][ T3222] ? do_vfs_ioctl+0x819/0x14a0 [ 88.126575][ T3222] ? lo_release+0x120/0x120 [ 88.131150][ T3222] blkdev_ioctl+0x20e/0x440 [ 88.135717][ T3222] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 88.141177][ T3222] __se_sys_ioctl+0xcb/0x140 [ 88.145821][ T3222] __x64_sys_ioctl+0x3f/0x50 [ 88.150457][ T3222] do_syscall_64+0x44/0xd0 [ 88.154858][ T3222] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.160752][ T3222] RIP: 0033:0x7fbc8e8ddc57 [ 88.165257][ T3222] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 88.184845][ T3222] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.193331][ T3222] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 88.201385][ T3222] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 88.209346][ T3222] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 88.217297][ T3222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 88.225253][ T3222] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 88.233209][ T3222] [ 88.236314][ T3225] CPU: 1 PID: 3225 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 88.245244][ T3225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.255291][ T3225] Call Trace: [ 88.258567][ T3225] [ 88.261526][ T3225] dump_stack_lvl+0xd6/0x122 [ 88.266113][ T3225] dump_stack+0x11/0x1b [ 88.270271][ T3225] should_fail+0x23c/0x250 [ 88.274671][ T3225] ? skb_clone+0x12c/0x1f0 [ 88.279264][ T3225] __should_failslab+0x81/0x90 [ 88.284021][ T3225] should_failslab+0x5/0x20 [ 88.288528][ T3225] kmem_cache_alloc+0x4f/0x320 [ 88.293458][ T3225] skb_clone+0x12c/0x1f0 [ 88.297688][ T3225] netlink_broadcast+0x4e9/0xad0 [ 88.302645][ T3225] kobject_uevent_env+0x8c9/0xc40 [ 88.307656][ T3225] ? preempt_count_add+0x4e/0x90 [ 88.312760][ T3225] ? _raw_spin_unlock+0x2e/0x50 [ 88.317601][ T3225] ? bd_prepare_to_claim+0x1ac/0x200 [ 88.322873][ T3225] disk_force_media_change+0xe3/0x170 [ 88.328288][ T3225] loop_configure+0x74d/0xf30 [ 88.332979][ T3225] lo_ioctl+0x583/0x1270 [ 88.337208][ T3225] ? __rcu_read_unlock+0x5c/0x290 [ 88.342225][ T3225] ? blkdev_common_ioctl+0x438/0x1180 [ 88.347584][ T3225] ? debug_smp_processor_id+0x18/0x20 [ 88.353018][ T3225] ? delay_tsc+0x96/0xe0 [ 88.357252][ T3225] ? lo_release+0x120/0x120 [ 88.361741][ T3225] blkdev_ioctl+0x20e/0x440 [ 88.366308][ T3225] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 88.371765][ T3225] __se_sys_ioctl+0xcb/0x140 [ 88.376348][ T3225] __x64_sys_ioctl+0x3f/0x50 [ 88.380926][ T3225] do_syscall_64+0x44/0xd0 [ 88.385373][ T3225] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.391325][ T3225] RIP: 0033:0x7fbd63e3bc57 [ 88.395723][ T3225] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 88.415402][ T3225] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.423800][ T3225] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 88.431755][ T3225] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 88.439771][ T3225] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:35 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:35 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 88.447724][ T3225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 88.455765][ T3225] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 88.463723][ T3225] [ 88.467066][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 88.482601][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:35 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 19) 14:57:35 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 23) [ 88.507688][ T3229] loop0: detected capacity change from 0 to 4 [ 88.517396][ T3229] EXT4-fs (loop0): unsupported descriptor size 0 [ 88.540549][ T3231] FAULT_INJECTION: forcing a failure. [ 88.540549][ T3231] name failslab, interval 1, probability 0, space 0, times 0 [ 88.553284][ T3231] CPU: 1 PID: 3231 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 88.557749][ T3234] FAULT_INJECTION: forcing a failure. [ 88.557749][ T3234] name failslab, interval 1, probability 0, space 0, times 0 [ 88.561961][ T3231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.561975][ T3231] Call Trace: [ 88.561981][ T3231] [ 88.561987][ T3231] dump_stack_lvl+0xd6/0x122 [ 88.595369][ T3231] dump_stack+0x11/0x1b [ 88.599521][ T3231] should_fail+0x23c/0x250 [ 88.603944][ T3231] ? kzalloc+0x1d/0x30 [ 88.607996][ T3231] __should_failslab+0x81/0x90 [ 88.612816][ T3231] should_failslab+0x5/0x20 [ 88.617352][ T3231] __kmalloc+0x6f/0x370 [ 88.621524][ T3231] kzalloc+0x1d/0x30 [ 88.625414][ T3231] kobject_get_path+0x7c/0x110 [ 88.630168][ T3231] kobject_uevent_env+0x1be/0xc40 [ 88.635198][ T3231] ? preempt_count_add+0x4e/0x90 [ 88.640184][ T3231] ? _raw_spin_unlock+0x2e/0x50 [ 88.645109][ T3231] ? bd_prepare_to_claim+0x1ac/0x200 [ 88.650382][ T3231] disk_force_media_change+0xe3/0x170 [ 88.655949][ T3231] loop_configure+0x74d/0xf30 [ 88.660656][ T3231] lo_ioctl+0x583/0x1270 [ 88.664951][ T3231] ? debug_smp_processor_id+0x18/0x20 [ 88.670347][ T3231] ? delay_tsc+0x96/0xe0 [ 88.674577][ T3231] ? __rcu_read_unlock+0x5c/0x290 [ 88.679658][ T3231] ? blkdev_common_ioctl+0x438/0x1180 [ 88.685067][ T3231] ? selinux_file_ioctl+0x522/0x590 [ 88.690860][ T3231] ? do_vfs_ioctl+0x819/0x14a0 [ 88.695684][ T3231] ? lo_release+0x120/0x120 [ 88.700221][ T3231] blkdev_ioctl+0x20e/0x440 [ 88.704712][ T3231] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 88.710154][ T3231] __se_sys_ioctl+0xcb/0x140 [ 88.714730][ T3231] __x64_sys_ioctl+0x3f/0x50 [ 88.719385][ T3231] do_syscall_64+0x44/0xd0 [ 88.723788][ T3231] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.729678][ T3231] RIP: 0033:0x7fbc8e8ddc57 [ 88.734150][ T3231] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:35 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) [ 88.753772][ T3231] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.762166][ T3231] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 88.770224][ T3231] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 88.778201][ T3231] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 88.786241][ T3231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 88.794198][ T3231] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 88.802170][ T3231] 14:57:36 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 88.805344][ T3234] CPU: 0 PID: 3234 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 88.814063][ T3234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.818815][ T3236] loop1: detected capacity change from 0 to 1024 [ 88.824113][ T3234] Call Trace: [ 88.824122][ T3234] [ 88.824128][ T3234] dump_stack_lvl+0xd6/0x122 [ 88.824157][ T3234] dump_stack+0x11/0x1b [ 88.836026][ T3236] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 88.836762][ T3234] should_fail+0x23c/0x250 [ 88.850411][ T3238] loop5: detected capacity change from 0 to 4 [ 88.855959][ T3234] ? __kernfs_new_node+0x6a/0x340 [ 88.863089][ T3238] EXT4-fs (loop5): unsupported descriptor size 0 [ 88.866468][ T3234] __should_failslab+0x81/0x90 [ 88.866494][ T3234] should_failslab+0x5/0x20 [ 88.887147][ T3234] kmem_cache_alloc+0x4f/0x320 [ 88.891912][ T3234] __kernfs_new_node+0x6a/0x340 [ 88.896846][ T3234] ? ___cache_free+0x46/0x300 [ 88.901517][ T3234] ? kmem_cache_free+0x65/0x110 [ 88.906396][ T3234] ? kfree+0xf8/0x1f0 [ 88.910468][ T3234] kernfs_create_dir_ns+0x5e/0x140 [ 88.915572][ T3234] internal_create_group+0x13e/0x840 [ 88.920844][ T3234] sysfs_create_group+0x1b/0x20 [ 88.925691][ T3234] loop_configure+0xc58/0xf30 [ 88.930358][ T3234] lo_ioctl+0x583/0x1270 [ 88.934611][ T3234] ? __rcu_read_unlock+0x5c/0x290 [ 88.939629][ T3234] ? blkdev_common_ioctl+0x438/0x1180 [ 88.945049][ T3234] ? selinux_file_ioctl+0x522/0x590 [ 88.950309][ T3234] ? do_vfs_ioctl+0x819/0x14a0 [ 88.955162][ T3234] ? lo_release+0x120/0x120 [ 88.959654][ T3234] blkdev_ioctl+0x20e/0x440 [ 88.964153][ T3234] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 88.969660][ T3234] __se_sys_ioctl+0xcb/0x140 [ 88.974243][ T3234] __x64_sys_ioctl+0x3f/0x50 [ 88.978876][ T3234] do_syscall_64+0x44/0xd0 [ 88.983311][ T3234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.989189][ T3234] RIP: 0033:0x7fbd63e3bc57 [ 88.993743][ T3234] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.013508][ T3234] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 89.021969][ T3234] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 89.029933][ T3234] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 89.037987][ T3234] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 89.046041][ T3234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:57:36 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:36 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff82", 0x12, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:36 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 20) [ 89.054005][ T3234] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 89.061965][ T3234] [ 89.094157][ T3243] loop1: detected capacity change from 0 to 1024 [ 89.095835][ T3244] FAULT_INJECTION: forcing a failure. [ 89.095835][ T3244] name failslab, interval 1, probability 0, space 0, times 0 [ 89.113202][ T3244] CPU: 1 PID: 3244 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 89.121863][ T3244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.131907][ T3244] Call Trace: [ 89.135198][ T3244] [ 89.138153][ T3244] dump_stack_lvl+0xd6/0x122 [ 89.142771][ T3244] dump_stack+0x11/0x1b [ 89.146918][ T3244] should_fail+0x23c/0x250 [ 89.151336][ T3244] __should_failslab+0x81/0x90 [ 89.156089][ T3244] should_failslab+0x5/0x20 [ 89.160623][ T3244] kmem_cache_alloc_node+0x61/0x2d0 [ 89.165807][ T3244] ? __alloc_skb+0xf0/0x450 [ 89.170306][ T3244] __alloc_skb+0xf0/0x450 [ 89.174626][ T3244] alloc_uevent_skb+0x5b/0x120 [ 89.179380][ T3244] kobject_uevent_env+0x863/0xc40 [ 89.184465][ T3244] ? preempt_count_add+0x4e/0x90 [ 89.189394][ T3244] ? _raw_spin_unlock+0x2e/0x50 [ 89.194237][ T3244] ? bd_prepare_to_claim+0x1ac/0x200 [ 89.199510][ T3244] disk_force_media_change+0xe3/0x170 [ 89.204890][ T3244] loop_configure+0x74d/0xf30 [ 89.209567][ T3244] lo_ioctl+0x583/0x1270 [ 89.213797][ T3244] ? __rcu_read_unlock+0x5c/0x290 [ 89.218870][ T3244] ? blkdev_common_ioctl+0x438/0x1180 [ 89.224253][ T3244] ? selinux_file_ioctl+0x522/0x590 [ 89.229440][ T3244] ? do_vfs_ioctl+0x819/0x14a0 [ 89.234218][ T3244] ? lo_release+0x120/0x120 [ 89.238740][ T3244] blkdev_ioctl+0x20e/0x440 [ 89.243289][ T3244] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 89.248868][ T3244] __se_sys_ioctl+0xcb/0x140 [ 89.253593][ T3244] __x64_sys_ioctl+0x3f/0x50 [ 89.258178][ T3244] do_syscall_64+0x44/0xd0 [ 89.262586][ T3244] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.268641][ T3244] RIP: 0033:0x7fbc8e8ddc57 [ 89.273084][ T3244] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.292721][ T3244] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 89.301159][ T3244] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 89.309269][ T3244] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 89.317231][ T3244] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 89.325284][ T3244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 89.333345][ T3244] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 89.341308][ T3244] 14:57:36 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 24) 14:57:36 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:36 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 89.347358][ T3245] loop0: detected capacity change from 0 to 1024 [ 89.357964][ T3243] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 89.373184][ T3245] EXT4-fs warning (device loop0): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 89.393461][ T3249] FAULT_INJECTION: forcing a failure. [ 89.393461][ T3249] name failslab, interval 1, probability 0, space 0, times 0 [ 89.406093][ T3251] FAULT_INJECTION: forcing a failure. [ 89.406093][ T3251] name failslab, interval 1, probability 0, space 0, times 0 [ 89.406112][ T3249] CPU: 1 PID: 3249 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 89.427442][ T3249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.437489][ T3249] Call Trace: [ 89.440817][ T3249] [ 89.443731][ T3249] dump_stack_lvl+0xd6/0x122 [ 89.448312][ T3249] dump_stack+0x11/0x1b [ 89.452492][ T3249] should_fail+0x23c/0x250 [ 89.456902][ T3249] ? radix_tree_node_alloc+0x142/0x200 [ 89.462345][ T3249] __should_failslab+0x81/0x90 [ 89.467099][ T3249] should_failslab+0x5/0x20 [ 89.471665][ T3249] kmem_cache_alloc+0x4f/0x320 [ 89.476432][ T3249] radix_tree_node_alloc+0x142/0x200 [ 89.481702][ T3249] idr_get_free+0x22a/0x5d0 [ 89.486188][ T3249] idr_alloc_cyclic+0xf4/0x2f0 [ 89.490940][ T3249] __kernfs_new_node+0xb4/0x340 [ 89.495864][ T3249] ? ___cache_free+0x46/0x300 [ 89.500538][ T3249] ? kmem_cache_free+0x65/0x110 [ 89.505393][ T3249] ? kfree+0xf8/0x1f0 [ 89.509364][ T3249] kernfs_create_dir_ns+0x5e/0x140 [ 89.514512][ T3249] internal_create_group+0x13e/0x840 [ 89.519827][ T3249] sysfs_create_group+0x1b/0x20 [ 89.524684][ T3249] loop_configure+0xc58/0xf30 [ 89.529400][ T3249] lo_ioctl+0x583/0x1270 [ 89.533625][ T3249] ? __rcu_read_unlock+0x5c/0x290 [ 89.538636][ T3249] ? blkdev_common_ioctl+0x438/0x1180 [ 89.543994][ T3249] ? selinux_file_ioctl+0x522/0x590 [ 89.549178][ T3249] ? do_vfs_ioctl+0x819/0x14a0 [ 89.553941][ T3249] ? lo_release+0x120/0x120 [ 89.558442][ T3249] blkdev_ioctl+0x20e/0x440 [ 89.562985][ T3249] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 89.568430][ T3249] __se_sys_ioctl+0xcb/0x140 [ 89.573029][ T3249] __x64_sys_ioctl+0x3f/0x50 [ 89.577687][ T3249] do_syscall_64+0x44/0xd0 [ 89.582090][ T3249] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.587987][ T3249] RIP: 0033:0x7fbd63e3bc57 [ 89.592446][ T3249] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.612456][ T3249] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 89.620848][ T3249] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 89.628814][ T3249] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 89.636872][ T3249] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:36 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 21) [ 89.644826][ T3249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 89.652828][ T3249] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 89.660841][ T3249] [ 89.663905][ T3251] CPU: 0 PID: 3251 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 89.665045][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 89.672650][ T3251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.690752][ T3251] Call Trace: [ 89.694093][ T3251] [ 89.697005][ T3251] dump_stack_lvl+0xd6/0x122 [ 89.701603][ T3251] dump_stack+0x11/0x1b [ 89.705842][ T3251] should_fail+0x23c/0x250 [ 89.710336][ T3251] __should_failslab+0x81/0x90 [ 89.715263][ T3251] should_failslab+0x5/0x20 [ 89.719767][ T3251] kmem_cache_alloc_node_trace+0x61/0x310 [ 89.725483][ T3251] ? __kmalloc_node_track_caller+0x30/0x40 [ 89.731542][ T3251] __kmalloc_node_track_caller+0x30/0x40 [ 89.737173][ T3251] ? alloc_uevent_skb+0x5b/0x120 [ 89.742113][ T3251] __alloc_skb+0x19d/0x450 [ 89.746558][ T3251] alloc_uevent_skb+0x5b/0x120 [ 89.751306][ T3251] kobject_uevent_env+0x863/0xc40 [ 89.756311][ T3251] ? preempt_count_add+0x4e/0x90 [ 89.761309][ T3251] ? _raw_spin_unlock+0x2e/0x50 [ 89.766245][ T3251] ? bd_prepare_to_claim+0x1ac/0x200 [ 89.771535][ T3251] disk_force_media_change+0xe3/0x170 [ 89.776916][ T3251] loop_configure+0x74d/0xf30 [ 89.781594][ T3251] lo_ioctl+0x583/0x1270 [ 89.785817][ T3251] ? debug_smp_processor_id+0x18/0x20 [ 89.791175][ T3251] ? delay_tsc+0x96/0xe0 [ 89.795423][ T3251] ? __rcu_read_unlock+0x5c/0x290 [ 89.800449][ T3251] ? blkdev_common_ioctl+0x438/0x1180 [ 89.805923][ T3251] ? selinux_file_ioctl+0x522/0x590 [ 89.811213][ T3251] ? do_vfs_ioctl+0x819/0x14a0 [ 89.815960][ T3251] ? lo_release+0x120/0x120 [ 89.820534][ T3251] blkdev_ioctl+0x20e/0x440 [ 89.825061][ T3251] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 89.830538][ T3251] __se_sys_ioctl+0xcb/0x140 [ 89.835123][ T3251] __x64_sys_ioctl+0x3f/0x50 [ 89.839697][ T3251] do_syscall_64+0x44/0xd0 [ 89.844094][ T3251] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.850042][ T3251] RIP: 0033:0x7fbc8e8ddc57 [ 89.854442][ T3251] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.874034][ T3251] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 89.882443][ T3251] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 89.890419][ T3251] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:37 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13}], 0x0, &(0x7f0000012b00)) 14:57:37 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 89.898386][ T3251] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 89.906343][ T3251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 89.914338][ T3251] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 89.922293][ T3251] [ 89.928893][ T3252] loop5: detected capacity change from 0 to 4 [ 89.937744][ T3252] EXT4-fs (loop5): unsupported descriptor size 0 14:57:37 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 22) 14:57:37 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:37 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 25) [ 89.952426][ T3255] loop1: detected capacity change from 0 to 1024 [ 89.959764][ T3255] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 89.998403][ T3261] FAULT_INJECTION: forcing a failure. [ 89.998403][ T3261] name failslab, interval 1, probability 0, space 0, times 0 [ 90.011104][ T3261] CPU: 1 PID: 3261 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 90.019794][ T3261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.029846][ T3261] Call Trace: [ 90.033118][ T3261] [ 90.034995][ T3263] FAULT_INJECTION: forcing a failure. [ 90.034995][ T3263] name failslab, interval 1, probability 0, space 0, times 0 [ 90.036041][ T3261] dump_stack_lvl+0xd6/0x122 [ 90.053178][ T3261] dump_stack+0x11/0x1b [ 90.057326][ T3261] should_fail+0x23c/0x250 [ 90.061732][ T3261] ? __kernfs_new_node+0x6a/0x340 [ 90.066781][ T3261] __should_failslab+0x81/0x90 [ 90.071554][ T3261] should_failslab+0x5/0x20 [ 90.076043][ T3261] kmem_cache_alloc+0x4f/0x320 [ 90.080792][ T3261] __kernfs_new_node+0x6a/0x340 [ 90.085671][ T3261] ? up_write+0xb5/0xc0 [ 90.089813][ T3261] kernfs_new_node+0x5b/0xd0 [ 90.094427][ T3261] __kernfs_create_file+0x45/0x1a0 [ 90.099614][ T3261] ? dev_attr_show+0x90/0x90 [ 90.104188][ T3261] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 90.109577][ T3261] internal_create_group+0x2dd/0x840 [ 90.114845][ T3261] sysfs_create_group+0x1b/0x20 [ 90.119677][ T3261] loop_configure+0xc58/0xf30 [ 90.124348][ T3261] lo_ioctl+0x583/0x1270 [ 90.128574][ T3261] ? __rcu_read_unlock+0x5c/0x290 [ 90.133587][ T3261] ? blkdev_common_ioctl+0x438/0x1180 [ 90.138989][ T3261] ? selinux_file_ioctl+0x522/0x590 [ 90.144172][ T3261] ? do_vfs_ioctl+0x819/0x14a0 [ 90.148974][ T3261] ? lo_release+0x120/0x120 [ 90.153469][ T3261] blkdev_ioctl+0x20e/0x440 [ 90.158015][ T3261] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 90.163517][ T3261] __se_sys_ioctl+0xcb/0x140 [ 90.168092][ T3261] __x64_sys_ioctl+0x3f/0x50 [ 90.172702][ T3261] do_syscall_64+0x44/0xd0 [ 90.177104][ T3261] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.182984][ T3261] RIP: 0033:0x7fbd63e3bc57 [ 90.187381][ T3261] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.207143][ T3261] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.215709][ T3261] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 90.223668][ T3261] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 90.231732][ T3261] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 90.239732][ T3261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:57:37 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13}], 0x0, &(0x7f0000012b00)) 14:57:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) [ 90.247720][ T3261] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 90.255677][ T3261] [ 90.258681][ T3263] CPU: 0 PID: 3263 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 90.267404][ T3263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.277451][ T3263] Call Trace: [ 90.280721][ T3263] [ 90.283662][ T3263] dump_stack_lvl+0xd6/0x122 [ 90.288327][ T3263] dump_stack+0x11/0x1b [ 90.292544][ T3263] should_fail+0x23c/0x250 [ 90.296950][ T3263] ? skb_clone+0x12c/0x1f0 [ 90.301357][ T3263] __should_failslab+0x81/0x90 [ 90.306190][ T3263] should_failslab+0x5/0x20 [ 90.310745][ T3263] kmem_cache_alloc+0x4f/0x320 [ 90.315499][ T3263] skb_clone+0x12c/0x1f0 [ 90.319727][ T3263] netlink_broadcast+0x4e9/0xad0 [ 90.324721][ T3263] kobject_uevent_env+0x8c9/0xc40 [ 90.329734][ T3263] ? preempt_count_add+0x4e/0x90 [ 90.334691][ T3263] ? _raw_spin_unlock+0x2e/0x50 [ 90.339596][ T3263] ? bd_prepare_to_claim+0x1ac/0x200 [ 90.344875][ T3263] disk_force_media_change+0xe3/0x170 [ 90.350320][ T3263] loop_configure+0x74d/0xf30 [ 90.355035][ T3263] lo_ioctl+0x583/0x1270 [ 90.359328][ T3263] ? __rcu_read_unlock+0x5c/0x290 [ 90.364353][ T3263] ? blkdev_common_ioctl+0x438/0x1180 [ 90.369786][ T3263] ? selinux_file_ioctl+0x522/0x590 [ 90.374971][ T3263] ? do_vfs_ioctl+0x819/0x14a0 [ 90.379727][ T3263] ? lo_release+0x120/0x120 [ 90.384234][ T3263] blkdev_ioctl+0x20e/0x440 [ 90.388907][ T3263] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 90.394392][ T3263] __se_sys_ioctl+0xcb/0x140 [ 90.398968][ T3263] __x64_sys_ioctl+0x3f/0x50 [ 90.403602][ T3263] do_syscall_64+0x44/0xd0 [ 90.408007][ T3263] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.413886][ T3263] RIP: 0033:0x7fbc8e8ddc57 [ 90.418287][ T3263] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.437878][ T3263] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.446276][ T3263] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 90.454230][ T3263] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 90.462186][ T3263] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 90.470141][ T3263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 90.478259][ T3263] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 90.486237][ T3263] [ 90.490628][ T3267] loop1: detected capacity change from 0 to 1024 14:57:37 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:37 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 26) 14:57:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) (async) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) (async) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) (async) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) (async) [ 90.497298][ T3268] loop5: detected capacity change from 0 to 4 [ 90.505848][ T3268] EXT4-fs (loop5): unsupported descriptor size 0 [ 90.516624][ T3267] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 90.527163][ T3270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:37 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 23) 14:57:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 90.548974][ T3274] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.563666][ T3276] FAULT_INJECTION: forcing a failure. [ 90.563666][ T3276] name failslab, interval 1, probability 0, space 0, times 0 [ 90.576349][ T3276] CPU: 0 PID: 3276 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 90.585026][ T3276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.595514][ T3276] Call Trace: 14:57:37 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 90.598789][ T3276] [ 90.599499][ T3279] loop5: detected capacity change from 0 to 4 [ 90.601725][ T3276] dump_stack_lvl+0xd6/0x122 [ 90.601751][ T3276] dump_stack+0x11/0x1b [ 90.615585][ T3279] EXT4-fs (loop5): unsupported descriptor size 0 [ 90.616520][ T3276] should_fail+0x23c/0x250 [ 90.616545][ T3276] ? __kernfs_new_node+0x6a/0x340 [ 90.632335][ T3276] __should_failslab+0x81/0x90 [ 90.637137][ T3276] should_failslab+0x5/0x20 [ 90.641647][ T3276] kmem_cache_alloc+0x4f/0x320 [ 90.646476][ T3276] ? __down_write_common+0x42/0x7b0 [ 90.651677][ T3276] __kernfs_new_node+0x6a/0x340 [ 90.656532][ T3276] ? up_write+0x25/0xc0 [ 90.657188][ T3288] FAULT_INJECTION: forcing a failure. [ 90.657188][ T3288] name failslab, interval 1, probability 0, space 0, times 0 [ 90.661351][ T3276] kernfs_new_node+0x5b/0xd0 [ 90.661380][ T3276] __kernfs_create_file+0x45/0x1a0 [ 90.684038][ T3276] ? dev_attr_show+0x90/0x90 [ 90.688621][ T3276] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 90.693983][ T3276] internal_create_group+0x2dd/0x840 [ 90.699252][ T3276] sysfs_create_group+0x1b/0x20 [ 90.704085][ T3276] loop_configure+0xc58/0xf30 [ 90.708751][ T3276] lo_ioctl+0x583/0x1270 [ 90.713003][ T3276] ? __rcu_read_unlock+0x5c/0x290 [ 90.718016][ T3276] ? blkdev_common_ioctl+0x438/0x1180 [ 90.723370][ T3276] ? selinux_file_ioctl+0x522/0x590 [ 90.728648][ T3276] ? do_vfs_ioctl+0x819/0x14a0 [ 90.733409][ T3276] ? lo_release+0x120/0x120 [ 90.737892][ T3276] blkdev_ioctl+0x20e/0x440 [ 90.742388][ T3276] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 90.747827][ T3276] __se_sys_ioctl+0xcb/0x140 [ 90.752400][ T3276] __x64_sys_ioctl+0x3f/0x50 [ 90.757017][ T3276] do_syscall_64+0x44/0xd0 [ 90.761468][ T3276] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.767398][ T3276] RIP: 0033:0x7fbd63e3bc57 [ 90.771852][ T3276] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.791576][ T3276] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.799974][ T3276] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 90.807951][ T3276] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 90.815913][ T3276] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 90.823869][ T3276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 90.831824][ T3276] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 90.839786][ T3276] [ 90.842793][ T3288] CPU: 1 PID: 3288 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) (async) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) (async) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) (async) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) (async) 14:57:38 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13}], 0x0, &(0x7f0000012b00)) [ 90.851563][ T3288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.861678][ T3288] Call Trace: [ 90.865008][ T3288] [ 90.867998][ T3288] dump_stack_lvl+0xd6/0x122 [ 90.872607][ T3288] dump_stack+0x11/0x1b [ 90.873295][ T3294] loop1: detected capacity change from 0 to 1024 [ 90.876762][ T3288] should_fail+0x23c/0x250 [ 90.876785][ T3288] ? __kernfs_new_node+0x6a/0x340 [ 90.876807][ T3288] __should_failslab+0x81/0x90 [ 90.884540][ T3294] EXT4-fs warning (device loop1): read_mmp_block:107: Error -117 while reading MMP block 0 [ 90.887500][ T3288] should_failslab+0x5/0x20 [ 90.887537][ T3288] kmem_cache_alloc+0x4f/0x320 [ 90.916526][ T3288] __kernfs_new_node+0x6a/0x340 [ 90.921371][ T3288] ? ___cache_free+0x46/0x300 [ 90.926033][ T3288] ? debug_smp_processor_id+0x18/0x20 [ 90.931395][ T3288] ? delay_tsc+0x96/0xe0 [ 90.935638][ T3288] kernfs_create_dir_ns+0x5e/0x140 [ 90.940740][ T3288] internal_create_group+0x13e/0x840 [ 90.946010][ T3288] sysfs_create_group+0x1b/0x20 [ 90.950899][ T3288] loop_configure+0xc58/0xf30 [ 90.955562][ T3288] lo_ioctl+0x583/0x1270 [ 90.959788][ T3288] ? __rcu_read_unlock+0x5c/0x290 [ 90.964808][ T3288] ? blkdev_common_ioctl+0x438/0x1180 [ 90.970171][ T3288] ? selinux_file_ioctl+0x522/0x590 [ 90.975356][ T3288] ? do_vfs_ioctl+0x819/0x14a0 [ 90.980142][ T3288] ? lo_release+0x120/0x120 [ 90.984745][ T3288] blkdev_ioctl+0x20e/0x440 [ 90.989232][ T3288] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 90.994677][ T3288] __se_sys_ioctl+0xcb/0x140 [ 90.999282][ T3288] __x64_sys_ioctl+0x3f/0x50 [ 91.003859][ T3288] do_syscall_64+0x44/0xd0 [ 91.008500][ T3288] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.014443][ T3288] RIP: 0033:0x7fbc8e8ddc57 [ 91.018840][ T3288] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.038477][ T3288] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.046877][ T3288] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 91.054909][ T3288] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 91.062869][ T3288] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 91.070830][ T3288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 91.078879][ T3288] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 91.086877][ T3288] [ 91.091901][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:38 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}], 0x0, &(0x7f0000012b00)) 14:57:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) 14:57:38 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 27) 14:57:38 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 91.101065][ T3295] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:38 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 24) [ 91.161766][ T3308] loop1: detected capacity change from 0 to 1024 [ 91.170904][ T3310] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.174261][ T3313] loop5: detected capacity change from 0 to 4 [ 91.181844][ T3312] FAULT_INJECTION: forcing a failure. [ 91.181844][ T3312] name failslab, interval 1, probability 0, space 0, times 0 [ 91.197650][ T3312] CPU: 1 PID: 3312 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 91.197669][ T3315] FAULT_INJECTION: forcing a failure. [ 91.197669][ T3315] name failslab, interval 1, probability 0, space 0, times 0 [ 91.206318][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.206333][ T3312] Call Trace: [ 91.206340][ T3312] [ 91.206345][ T3312] dump_stack_lvl+0xd6/0x122 [ 91.239693][ T3312] dump_stack+0x11/0x1b [ 91.243867][ T3312] should_fail+0x23c/0x250 [ 91.248336][ T3312] ? __kernfs_new_node+0x6a/0x340 [ 91.253395][ T3312] __should_failslab+0x81/0x90 [ 91.258177][ T3312] should_failslab+0x5/0x20 [ 91.262663][ T3312] kmem_cache_alloc+0x4f/0x320 [ 91.267408][ T3312] ? __down_write_common+0x42/0x7b0 [ 91.272591][ T3312] __kernfs_new_node+0x6a/0x340 [ 91.277470][ T3312] ? up_write+0x25/0xc0 [ 91.281665][ T3312] kernfs_new_node+0x5b/0xd0 [ 91.286240][ T3312] __kernfs_create_file+0x45/0x1a0 [ 91.291388][ T3312] ? dev_attr_show+0x90/0x90 [ 91.296090][ T3312] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 91.301502][ T3312] internal_create_group+0x2dd/0x840 [ 91.306789][ T3312] sysfs_create_group+0x1b/0x20 [ 91.311676][ T3312] loop_configure+0xc58/0xf30 [ 91.316335][ T3312] lo_ioctl+0x583/0x1270 [ 91.320579][ T3312] ? __rcu_read_unlock+0x5c/0x290 [ 91.325603][ T3312] ? blkdev_common_ioctl+0x438/0x1180 [ 91.330961][ T3312] ? selinux_file_ioctl+0x522/0x590 [ 91.336158][ T3312] ? do_vfs_ioctl+0x819/0x14a0 [ 91.340910][ T3312] ? lo_release+0x120/0x120 [ 91.345542][ T3312] blkdev_ioctl+0x20e/0x440 [ 91.350048][ T3312] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 91.355506][ T3312] __se_sys_ioctl+0xcb/0x140 [ 91.360089][ T3312] __x64_sys_ioctl+0x3f/0x50 [ 91.364717][ T3312] do_syscall_64+0x44/0xd0 [ 91.369119][ T3312] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.375013][ T3312] RIP: 0033:0x7fbd63e3bc57 [ 91.379410][ T3312] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.398998][ T3312] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.407476][ T3312] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 91.415429][ T3312] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 91.423417][ T3312] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 91.431461][ T3312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 91.439411][ T3312] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 91.447418][ T3312] [ 91.450419][ T3315] CPU: 0 PID: 3315 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 91.459190][ T3315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.469268][ T3315] Call Trace: [ 91.472546][ T3315] [ 91.475510][ T3315] dump_stack_lvl+0xd6/0x122 [ 91.480161][ T3315] dump_stack+0x11/0x1b [ 91.484358][ T3315] should_fail+0x23c/0x250 [ 91.488749][ T3315] ? radix_tree_node_alloc+0x142/0x200 [ 91.494181][ T3315] __should_failslab+0x81/0x90 [ 91.498923][ T3315] should_failslab+0x5/0x20 [ 91.503405][ T3315] kmem_cache_alloc+0x4f/0x320 [ 91.508238][ T3315] radix_tree_node_alloc+0x142/0x200 [ 91.513547][ T3315] idr_get_free+0x22a/0x5d0 [ 91.518158][ T3315] idr_alloc_cyclic+0xf4/0x2f0 [ 91.522901][ T3315] __kernfs_new_node+0xb4/0x340 [ 91.527733][ T3315] ? ___cache_free+0x46/0x300 [ 91.532468][ T3315] ? kmem_cache_free+0x65/0x110 [ 91.537291][ T3315] ? kfree+0xf8/0x1f0 [ 91.541264][ T3315] kernfs_create_dir_ns+0x5e/0x140 [ 91.546413][ T3315] internal_create_group+0x13e/0x840 [ 91.551676][ T3315] sysfs_create_group+0x1b/0x20 [ 91.556515][ T3315] loop_configure+0xc58/0xf30 [ 91.561173][ T3315] lo_ioctl+0x583/0x1270 [ 91.565472][ T3315] ? __rcu_read_unlock+0x5c/0x290 [ 91.570496][ T3315] ? blkdev_common_ioctl+0x438/0x1180 [ 91.575848][ T3315] ? selinux_file_ioctl+0x522/0x590 [ 91.581094][ T3315] ? do_vfs_ioctl+0x819/0x14a0 [ 91.585838][ T3315] ? lo_release+0x120/0x120 [ 91.590315][ T3315] blkdev_ioctl+0x20e/0x440 [ 91.594871][ T3315] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 91.600337][ T3315] __se_sys_ioctl+0xcb/0x140 [ 91.604922][ T3315] __x64_sys_ioctl+0x3f/0x50 [ 91.609559][ T3315] do_syscall_64+0x44/0xd0 [ 91.614004][ T3315] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.619875][ T3315] RIP: 0033:0x7fbc8e8ddc57 [ 91.624396][ T3315] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.644070][ T3315] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.652461][ T3315] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 91.660408][ T3315] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 91.668359][ T3315] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 91.676308][ T3315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 91.684256][ T3315] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 91.692207][ T3315] [ 91.696525][ T3313] EXT4-fs (loop5): unsupported descriptor size 0 14:57:38 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x11, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) 14:57:38 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 28) 14:57:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000040)=0x3d9) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0xfc, 0x39, 0x200, 0x70bd26, 0x25dfdbfd, {0x1}, [@generic="216c9be5191843cdbb9a0ca915a4432cfa3169cb518c9436b083da397c86cbc773099ecc5ff57d3846e7c8f8a229e598761239f568e3f1046cdbe5b35c1924daf9fdde7bce37860574cdcb82be6731e32c786bf03b42b98b74dfd400bdfe43cab743eca309ac7fa9cb33304ab6db40c05f8560ee68cc41b04fab31ab1e4b136b0275acda48486809b17e9766c0c0175412b99e5f1d24759551b063e0", @generic="473ee7ad3ef69bbc5e3410aee0780e29fa3177b72812cb962c766b71b43476930f9bc7f6f8a8ba5194aee871c069227bf0", @nested={0x10, 0x8c, 0x0, 0x1, [@typed={0x4, 0x40}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x10000}]}, @typed={0x8, 0x49, 0x0, 0x0, @u32=0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4040040}, 0x2000881c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000004000000000000000000", @ANYRES32=0x0, @ANYBLOB="0080000800000009000000024e230038006800008129907864010102e00000014424e4137f00000100000008e00000020000ffffac1414bb00000fffac1e010100000080"]}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', r2, 0x29, 0x76, 0x20, 0x20, 0x47, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x0, 0xfffffffd, 0x9}}) sendmmsg$inet(r1, &(0x7f0000002880)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1000e985f5150000ff030000000000010800000088a7b0d4c1b38799da3ebd945c756d8942452a8bac7474438231edd903ee179da37f6354152db1ac89a83e8196d348e642b8e234230b2feac290a6d3e7d45f6115967e00153a1dc871108653800e292eb1decc251679ab1275cf0cbcff2d2ab7b96a1d51320247333db23bd88c1818df70e04e44576e3f9e012f7863a3b03626ebd9ad09d599a60f3decf1241bfc96057f0f2853ac6016fc6b59fdfc3e9f0e2928bc15116ff7131b4b635b1fe76064c213feab17afa01d45eac3f638e56de5f85486efaf1e1568ac2725f27b51ccf3f9881d0370227bb59e63ea8f5b1790c1264fdce2a46f44d84a1057cb4d2a2d9b709b2e9ba47a8bacf9177c61b989242962118a2899235c77afb96b9d2eaf5bec0000000000"], 0x10}}], 0x2, 0x0) 14:57:38 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x12, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:38 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 25) [ 91.706838][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.715221][ T3308] EXT4-fs (loop1): unsupported descriptor size 0 [ 91.729171][ T3319] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.770556][ T3326] FAULT_INJECTION: forcing a failure. [ 91.770556][ T3326] name failslab, interval 1, probability 0, space 0, times 0 [ 91.771868][ T3325] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.783312][ T3326] CPU: 0 PID: 3326 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 91.799976][ T3326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.810038][ T3326] Call Trace: [ 91.813486][ T3326] [ 91.816421][ T3326] dump_stack_lvl+0xd6/0x122 [ 91.821021][ T3326] dump_stack+0x11/0x1b [ 91.822638][ T3327] FAULT_INJECTION: forcing a failure. [ 91.822638][ T3327] name failslab, interval 1, probability 0, space 0, times 0 [ 91.825253][ T3326] should_fail+0x23c/0x250 [ 91.825277][ T3326] ? __kernfs_new_node+0x6a/0x340 [ 91.847223][ T3326] __should_failslab+0x81/0x90 [ 91.852070][ T3326] should_failslab+0x5/0x20 [ 91.856561][ T3326] kmem_cache_alloc+0x4f/0x320 [ 91.861308][ T3326] ? __down_write_common+0x42/0x7b0 [ 91.866592][ T3326] __kernfs_new_node+0x6a/0x340 [ 91.871777][ T3326] ? up_write+0x25/0xc0 [ 91.875918][ T3326] kernfs_new_node+0x5b/0xd0 [ 91.880573][ T3326] __kernfs_create_file+0x45/0x1a0 [ 91.885673][ T3326] ? dev_attr_show+0x90/0x90 [ 91.890320][ T3326] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 91.895680][ T3326] internal_create_group+0x2dd/0x840 [ 91.900971][ T3326] sysfs_create_group+0x1b/0x20 [ 91.905803][ T3326] loop_configure+0xc58/0xf30 [ 91.910582][ T3326] lo_ioctl+0x583/0x1270 [ 91.914805][ T3326] ? __rcu_read_unlock+0x5c/0x290 [ 91.919873][ T3326] ? blkdev_common_ioctl+0x438/0x1180 [ 91.925285][ T3326] ? selinux_file_ioctl+0x522/0x590 [ 91.930517][ T3326] ? do_vfs_ioctl+0x819/0x14a0 [ 91.935341][ T3326] ? lo_release+0x120/0x120 [ 91.939829][ T3326] blkdev_ioctl+0x20e/0x440 [ 91.944317][ T3326] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 91.949800][ T3326] __se_sys_ioctl+0xcb/0x140 [ 91.954375][ T3326] __x64_sys_ioctl+0x3f/0x50 [ 91.958968][ T3326] do_syscall_64+0x44/0xd0 [ 91.963371][ T3326] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.969246][ T3326] RIP: 0033:0x7fbc8e8ddc57 [ 91.973671][ T3326] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.993404][ T3326] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 92.001797][ T3326] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 92.009749][ T3326] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 92.017701][ T3326] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 92.025655][ T3326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 92.033687][ T3326] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 92.041641][ T3326] [ 92.044642][ T3327] CPU: 1 PID: 3327 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 92.053313][ T3327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.063355][ T3327] Call Trace: [ 92.066616][ T3327] [ 92.069528][ T3327] dump_stack_lvl+0xd6/0x122 [ 92.074131][ T3327] dump_stack+0x11/0x1b [ 92.078268][ T3327] should_fail+0x23c/0x250 [ 92.082673][ T3327] ? __kernfs_new_node+0x6a/0x340 [ 92.087846][ T3327] __should_failslab+0x81/0x90 [ 92.092675][ T3327] should_failslab+0x5/0x20 [ 92.097216][ T3327] kmem_cache_alloc+0x4f/0x320 [ 92.101962][ T3327] ? __down_write_common+0x42/0x7b0 [ 92.107174][ T3327] __kernfs_new_node+0x6a/0x340 [ 92.112013][ T3327] ? up_write+0x25/0xc0 [ 92.116221][ T3327] kernfs_new_node+0x5b/0xd0 [ 92.120843][ T3327] __kernfs_create_file+0x45/0x1a0 [ 92.125943][ T3327] ? dev_attr_show+0x90/0x90 [ 92.130524][ T3327] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 92.135888][ T3327] internal_create_group+0x2dd/0x840 [ 92.141177][ T3327] sysfs_create_group+0x1b/0x20 [ 92.146007][ T3327] loop_configure+0xc58/0xf30 [ 92.150675][ T3327] lo_ioctl+0x583/0x1270 [ 92.154898][ T3327] ? __rcu_read_unlock+0x5c/0x290 [ 92.159953][ T3327] ? blkdev_common_ioctl+0x438/0x1180 [ 92.165318][ T3327] ? selinux_file_ioctl+0x522/0x590 [ 92.170502][ T3327] ? do_vfs_ioctl+0x819/0x14a0 [ 92.175252][ T3327] ? lo_release+0x120/0x120 [ 92.179739][ T3327] blkdev_ioctl+0x20e/0x440 [ 92.184226][ T3327] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 92.189746][ T3327] __se_sys_ioctl+0xcb/0x140 [ 92.194332][ T3327] __x64_sys_ioctl+0x3f/0x50 [ 92.198908][ T3327] do_syscall_64+0x44/0xd0 [ 92.203311][ T3327] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.209254][ T3327] RIP: 0033:0x7fbd63e3bc57 [ 92.213649][ T3327] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.233286][ T3327] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 92.241683][ T3327] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 92.249675][ T3327] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 92.257630][ T3327] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:39 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}], 0x0, &(0x7f0000012b00)) 14:57:39 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x22, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 92.265642][ T3327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 92.273607][ T3327] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 92.281604][ T3327] [ 92.288872][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.297429][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.311272][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:39 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) r1 = socket(0x35, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)={0x0, 0x0, 0xffffff88}) fstat(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r8, 0xee00) fstat(r6, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffffff, &(0x7f0000001480)='./file0\x00', r8, r9, 0x1000) setuid(r7) getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0) setresgid(0x0, 0x0, r10) setregid(0x0, r10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001600)=[{{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000000)=[{&(0x7f00000002c0)="7ff186cfa1e80dfbf69f111a8823c3231d40b664a419eb3e94da8e4c6d50fe4d3f7a975de9e194fdb5803d3e4c3a79bf55340fe111c08ad2629a3403aed80cd0e6a4eab25932c0495207f1e67943ab3476e4e9a4689eae0c0089180c8b38236bde45a0c5333bad8c905b8df089dd23d7d139c053cebb9df123540755d7315525cc4cf0dd96853a6c14663c555c8e33a9a3e98da880db22df0b53793b0991efb7863dbcfba7824b7219c771d9c857223fc4989e5bae3f7feaa9802d241bd6cb38049aa732dd98ebb3221624fa0d6d3758345773957b744adc063073ba704b529a6c5b3a0652cf7639001125dbe8b5c8bac9b5014c18d6abe98c75b4b7b1b0d196114625bacbf0bf9f617ad0ccb750514cff224f7f3c62e0fcebf3917d712c3570c05f173fea1e6a51556f9744cba054c8218dd330cc1dcf7d386615e83a80e893a9159f4d411fcbb44e50eeef6b6e8678e1988b5b4f10a6f4f9178ffca5bcdf82ca45d34cad2abb3491864c532827a5ad334aadecb6f5905422baf6b1e9d20a24eb561cf6d7973ba8ac651d51e9258529b113d6dc301d78fda4d69dcecb4a7426f62cc5d6e80e35cb700bb2edc55276ea4f5d72f9573ef02737dd14170a5d832c6418136d0a56b000763ae300fb46f665db5d08ea8e150e770f6e080ca88534fce662f9ba58c795eb54b6f4f2b862d1bfde64ad6ec46238516b2e13b4b28c30f64385f7969ae149a4dca21b8c792352fec1af13b486b3c847d741ed517b9d0143a1d5c41fa3b0202a775e42fe9713e490f74e5e8aa38b6c7a1d94d5bba85cc8e675c8aea9ffe4ec1fee1abc5b2cf363f286cbb45c067dc1957640ca83255541066967682d445c0b9c940a32172068e0fcc380a978659869500e1fd2baa32775e428caa897ce4bf345d460f942eb63926058fb382eb662699d42e169cc29f6f66bce9cc6300ff067cb0596bd1612767fea0be0d02e74971a365589183d26e8bd5530ef23a53404ca8083c4cd9df42d355566256ce128a747d4557e8fbb31516cc2b2cc3b9e6fc88123de4bc3649bdc2ed8e6730a7a967aa7a03ecdf2fd83a81a58fd9b6055f10fd55118dc08dc0bd4cbf58ee1e1a6d51acbf22409c73663445b569869e1f14d7167ea5efb3bfbbeb3f5359b156b4093ed8d275beb18b24aeaae50eb3155b1591ac46c8b426fbe707117919c7615c680aacd7894a3d16d0bfe8a7439ac867f4dc61c230f470c82d477a24128b9e6a48f2459f6902687a44455d9a05bdac09496d0e9bfbfa6649d5af8ef9772fbfb75b49ec92babea4933c3d4f73c75f8487a4e8116b8ee30d0d43bb06ed70359f81541b5e561e3949262d3f1f84a30de2c7d5830ccacbca1dc4165cb96f09fdedcd99bc458ed3b7976b76fff5221ac831b4478644ff33973cf79e1b67b1dd689a96bbce8c525f97b1a8faf0f022404ab4af389cc4618acf0bbb750f99269b56f94b794e1370c2f2cf312398e012f0da24febfc861b422c080ac37d59aa37b4a0546f065be977586608e481f3afdb9794d0c30828d8e1de50ddd0151ba98db499a01913926b309b9ff7224aa1675a17930cafa7c94fa91bb0304b905efc4c244d600c33150df365fd998820d5bb4317edd88a55b04fd055d2251fb728e5d0efba64641f024a065395620cfa23df655f20a4fa59a0bdb8466745762726c77d0729554ef70f178df9b9b4f62a7db6d83f6c873c724c527a6b15acb2cab3edbbcada569215c180dacc8e5b8068dbb0bebb4875ab258e0a2d4e34bb621b025fab1ce4b1d2a6e20292d5a23ff96fd72249ba9cb9b85c24b3cbbbb6922c052ffa0d04d5dabf8aa3029ca1c52ee1a00d4fc359d914c9bb5e62bad0fdcae8406ee3685479837892445a70c0bcc33c14ea1b5d03ef3fc337887ec7c31ccba3c0afcb954fa10f663eb0c917afd04e61792f74a72814ef9229e8e4830ca37b02f71696f63cf83ae2ca73bb73b3e3e79390ecb495b5063ead7d9aff6cefa1f9573b150b5658822e6c77e2d7abbc6e856f096579d101446bbe7ee46fd649c253d27d11b57bdb75e725a52619525c17d55174b29b01298da9a214133327d4053c886eccbedf9225111661cb43e3a0f3b9f108a45449968b6eed62ff804081312cb678587223bab7bd2949eebab51797687f36133ed5a3645eff54bd9af1c3a5777baadeae26a3b2b2fa6e418597604e18651dfe792bec315332ef5650bf3e7d0694ad37feefa135b3b08e144c9d3346b43ae7928f8feb70bdfcdce23794e39036a5f39008f1e6ad5bfcacfdae7842ddab7ab3c3d4d0419994983284c876086a889e5b0b982a16bccc837460f413b000b5b591f845a3998ce43668e5b5e87cbda764ed3b23693609764509661158d2f7857a4bebf1a2eb2845369550c4b6fb9a3e9a8bb3f22e6ba25d7f51ea140a7540e59d74e56ccd0fe8258feef4d035028c6265af71fec04e8a99dcb8220798256d8d5c5e2910d6cc6bb066c6b09c99b5c5127119ed744304fbf08eefad05d4d5e33d27da57bdd2435fb216c907a6001d5d0d90a5fe9145fff8b2550f6b4a93ab779ca2f860b6ee922aee2447c1bcf1ac0c00e3190bba440543c369f46f311d4d9afd6e705ef6ba3717e1d83e98429ad1efa8d03c473eac739d4263dede750d37238aa67c15dac28ea066b7215fc9692fd40ab0a9aed1d8a61c591f3c3521693b364b29acaacff1032b8688e2d61ac5107be8f52474609a1d1c04777ac25575a540f9bc4f0898275975cdaecd882dd5749d9b462a16814144fa8f83e65f68738749fbb7caff5a1a435b348767356e21adf043dcb30adca9c549caef02aa688318ea20f3516407b3c68d381777b78ef6391ec5c972697f6858fad727499e5b58073b351bd793bf76886fba6e725f834f9628b6bb398fd299472b84573de3590218f2ae824241ffbad3a89bc76942931e99e7000a6eb73f4813a3414ff08ba45ce466fd09876d5551cf7430266875afb24e7a5076c7e281b071f4402bc6f94e5a313a6edfe47a1ce210d29c962078d038b2ae9e34842b3b7d74409bd5f9a7f729b8483a28af22d9be0af94e48758cf45fe642cbf960ab997127b6db149c2f734e0cc5b5cf88b4044c0adb18e059b2563906dbe5ec4c57fa7ed4b57179ac7b0070b21f184f09fee7c2dad993c208afd670de0fe756c3622a71d70fdea8e75c481e2163a6d4d5f9ae7535a98033d4b792e441c04f0d2e75cd3dbd3cd3417e891060eebe9910b4630b6b919d316d780d5456f346d5c0cfcac12b18e6ee0b598769f8907cc52aa1a55ce1816cba724c0d185c8f7b585df440014d456c8453ea70dab88b27435e337f8d0cb3c40a08008c245a22f7d817f6fcb1594dc00220d36e4985968ba12bcd84b5c510230a0a326df96cb73fca14de75bf1bdbc327ab026a0c7bb04f5096953b19cea86365e396b698a336b92b53346a66df01cd6243b8a7a942f9e4b03b575765d088088e1aaddfc9453db596f216c76078e94d3ff7bfcfbf8d5c908161012619891f3a6d93d975e52f45bdd0c2fddad78dde34f8cff7291812a72939940093542d9d5d97c17f012258990959ca493693cc923920faf6292d38243a7c9e16c69c27b28aeba0caac5e84fe8904c32736a45065212018cce081dba0eefea0c02ae405864d6d5640c7a817e9d35879357e4f222a4b5bbc1cb4913146b06eaac2fbf4c8db7e84fc0b786713d750f0b5c7b3e8e5078beb53a75ce52c955813afabb6723ac9072f747f57bde0ad4c47daba9f1dfcf0947b47ed8b6f125e66c10c56dd3092c4768a91ee9589a562b159bf4ed4832d71eab3556e3b137d0a34c2b3c189bb365332f4cab9685af8bd4a5a781ed908d7c4c8335513fb39fb80ac957a6c33a9704a85e460708f07723cfac4068d3da48dc9ba0f673ad09f9d7780e580e5d698e1862d7c6e5cec89ff5472239a3f9a047be4787234f0f2502e1e4fd8e17f4e829ea7ab1a7aad4c6233140a27c8f5104571dc2403971cca1c11a416d90ec10ef97f2af9e329c7a2505feb8844c202ea9bbc1465f654b389e6c97a8fa82e72e4f485ccaa7e3074af99d2f196bd9c1f8f38b105aebf03851bd955d27060a519d31e798238f86461fbb3d8726b18e2796de18b20b81388fbe84f4d5c7377e98017819f69aa07c75505e8fe8db7c4b54d572b75ff49ca7501c84e14cda60f8d3edbe137f17bf3b3e293953574e34bb9b073e308f65552c73902edf0835e7527fdd39e18fbcfd366c20d67f13b4ac073ef2c4f84347231e6cb7c0ab8c18d905941a60b4df12e9da61dd274d556a3d41aea4cb69aafe9713515062e82e305ae7af1a56a8c8473931f13ba388de4b441efa9dfc66bece6a2da496ddabfc3956c29ef0f9a64ab49b7dd0c02fa62ce75d9d6e9989cd7b323c8da52dfb4f889241c455557183819ab267556d5e27fd2d35af26406b087beeda57459a1e7be0c6d34d462bcb7eb3bf04f8aafe4a0d8dfd73388dbbd24849aa351c544e2d753c6700bd90c5e7267d98d0e544fa4003921b5ecad67d039aceac567237ce6372faffc6186b1412006f38445d5ed69dc2565bd5bd74027c1e8c3ddcf9a10c7bf2b8d8792f76f22adad1025cad11ff6e39a3dcb3930c71bd08fac7617c1f13220c657fd5716501fbf13fbbe03207c54226d691b4dde2ec5d47d38a4840ce130507e09195795a4a58209cca3b42a9d70feebcd3e7dcc53f97c2f55b8c8a71a4db6b93a792eae22525011f1d046126a51e017b9889cf966939d631fbbb1f1adaba072e2b4f5bead827a2305309125c6dbde086aacbe5cdf59d3fcb18bdf1768a60400cfabb5d940e6a55832d96853c1bcd5fbc934362ae5a82d930f3f876c55ccf545efb8e5f596d43d4e7d7ecc18679542c3dc0b320ec4a71a86cdcfe2c2dd356d7ac9cae45f925b55065769f5dbd316b828c56d988116e9f225b4b387caf1c7beaf96c56375aa5fa14321bc413096c3a03197a66a0c6451aecd6523aec6ba6f44400db5b4ba4748ba393ab33e6cc6da31ae7d1bb2a46e7b95bf5cc63305e9cb68ef1379a88bba0ffdc5f92b5866a07766c46155d2070987ae795e1e6bed2d8a60824a42657aa0f21177ff281e8bb5823ef103faec1eda71d7848423b7118f750aa2a44ae1dda072e18e92bd62cec42181f716b6cee00a631c290c7765a72cf55ec20d1927af014ae6576f44abf3d1a134e8b5119b5eb80752913fd5b4b2c09c7b9991355d25397f0cd9ddc71d936e4f2ec3bac88fce8d33acf17146581ff81c8dcce7f8508765dce03432f3443897c0b5404e23bc486643e214f3fdde4f7dbad5c595fa41fb3dcdd42e15033d36af92a09e86c94e3f33cee33be7728186126e1667a2a380766bd6b8875b7477fd6abaa866f6fa631b8a81f5a5fea1d7bb53fe09e0aadfa264e68e828844a19b216fc5f1cdad6f50e8b37bf8c0a2c8c5682e5fa3f44cf44c412ab635be9f28f08ae411259e4d84732d957081bdee16e910bed54895ee5b113d3d9a85d34388433465b1e273bdf1290fa274f0193217c943fe14a08b106e4c72868d6ce8ccc1a202172ae12b008be67ba97e793b1038ecc540885a6e61e4bfbeb10918446285e81e03a1b335212d2ec4b9d6e32c958eb9ca3f0fc21078b0863c500856b221036c1ffbd724f879a65530e139d891c0120baddf9bc184ec04fdfc2f0c9b15ed5c50a00c53b69ef9cb2426a36b61e46e9c6f9203a4d78f576bbee513701d61bab48be81c5531f272d4b1441e865c86573d365532d8347130da5af577df884c", 0x1000}, {&(0x7f0000000140)="aad20b26cf4d4260b84dd8b4363ccb6c8de92e74879310e4fb4854bf197ce4f95b2bce913a9bb601b192d9849ae14deeaaf929523353023eba764faabc712d83b0eaef83c6b1a1ff80b9d359e199778d2cffcea1f6ed657de31fa039ea448a7d69bb65d902e0e27655fa3406cb0738aecf8d78ad2c6e6605866dbaf679", 0x7d}, {&(0x7f00000012c0)="a1477e795d694e029a30898d9d671a9778930e43587f020bce369a6475e9f75d7decc107d9c7469190a06d32632987ab981559993212a156567ac79048d66b05dd4e138476958763b603819edaeba10e113d87ec48d357f15da5b0443fab8b30dee231689257e63a4c18c0628ea812d38304aa2219ebc35c1721feba8f799b76ce15e8188395ec23c1385af47c49ee42fb65a7d1bbc98e3e9e852207c9397a021b1f89ccfb50e14f18ca2b90a68cfe6a0cc9423634dd1b2d6c874b60e00f594b5964a18f", 0xc4}, {&(0x7f00000013c0)="1ec93c6bf5a85d48e8d6aef4d02da55305e50f3b5c9d823598fcf2f19c4e653d4e305e1760dcb209f2acc95e5926f72d24a10c2ff3a6f3f7c293e1b216fab0e1939bf7ef78e48f4d3f8276901467b97b8c4034b55dd025ab4efd2a75820049a812ae4327b4978db23b5c928d4c184713b9171e0c56ff24cb89c2c3f68599bdf81cffd5f402a180c3314665a882e65a554515bf1cc50060d4bf12b2f1bd0e76021baa3489ddd9ce655670eda542e043dd238b556e7283", 0xb6}], 0x4, &(0x7f0000001580)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, r6, r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r7}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r7, r10}}}], 0x70, 0x80}}], 0x1, 0x14) clone3(&(0x7f0000000380)={0x110060080, &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000140)=0x0, {0x3a}, &(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000240)=""/222, &(0x7f0000000340)=[r2, r2, r2, r2, r2, r2, r2], 0x7}, 0x58) dup(r0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, r3, r4, r5, r10, 0x4, 0xffff}, 0x5, 0x7fff, 0xfff, 0x1420, r11, r2, 0x7}) [ 92.344037][ T3331] loop1: detected capacity change from 0 to 1024 [ 92.347729][ T3333] loop5: detected capacity change from 0 to 4 [ 92.355989][ T3335] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.367134][ T3331] EXT4-fs (loop1): unsupported descriptor size 0 [ 92.367597][ T3333] EXT4-fs (loop5): unsupported descriptor size 0 14:57:39 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) (async) r1 = socket(0x35, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)={0x0, 0x0, 0xffffff88}) (async) fstat(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) (async) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) (async) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r8, 0xee00) fstat(r6, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffffff, &(0x7f0000001480)='./file0\x00', r8, r9, 0x1000) (async) setuid(r7) getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0) setresgid(0x0, 0x0, r10) setregid(0x0, r10) (async) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001600)=[{{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000000)=[{&(0x7f00000002c0)="7ff186cfa1e80dfbf69f111a8823c3231d40b664a419eb3e94da8e4c6d50fe4d3f7a975de9e194fdb5803d3e4c3a79bf55340fe111c08ad2629a3403aed80cd0e6a4eab25932c0495207f1e67943ab3476e4e9a4689eae0c0089180c8b38236bde45a0c5333bad8c905b8df089dd23d7d139c053cebb9df123540755d7315525cc4cf0dd96853a6c14663c555c8e33a9a3e98da880db22df0b53793b0991efb7863dbcfba7824b7219c771d9c857223fc4989e5bae3f7feaa9802d241bd6cb38049aa732dd98ebb3221624fa0d6d3758345773957b744adc063073ba704b529a6c5b3a0652cf7639001125dbe8b5c8bac9b5014c18d6abe98c75b4b7b1b0d196114625bacbf0bf9f617ad0ccb750514cff224f7f3c62e0fcebf3917d712c3570c05f173fea1e6a51556f9744cba054c8218dd330cc1dcf7d386615e83a80e893a9159f4d411fcbb44e50eeef6b6e8678e1988b5b4f10a6f4f9178ffca5bcdf82ca45d34cad2abb3491864c532827a5ad334aadecb6f5905422baf6b1e9d20a24eb561cf6d7973ba8ac651d51e9258529b113d6dc301d78fda4d69dcecb4a7426f62cc5d6e80e35cb700bb2edc55276ea4f5d72f9573ef02737dd14170a5d832c6418136d0a56b000763ae300fb46f665db5d08ea8e150e770f6e080ca88534fce662f9ba58c795eb54b6f4f2b862d1bfde64ad6ec46238516b2e13b4b28c30f64385f7969ae149a4dca21b8c792352fec1af13b486b3c847d741ed517b9d0143a1d5c41fa3b0202a775e42fe9713e490f74e5e8aa38b6c7a1d94d5bba85cc8e675c8aea9ffe4ec1fee1abc5b2cf363f286cbb45c067dc1957640ca83255541066967682d445c0b9c940a32172068e0fcc380a978659869500e1fd2baa32775e428caa897ce4bf345d460f942eb63926058fb382eb662699d42e169cc29f6f66bce9cc6300ff067cb0596bd1612767fea0be0d02e74971a365589183d26e8bd5530ef23a53404ca8083c4cd9df42d355566256ce128a747d4557e8fbb31516cc2b2cc3b9e6fc88123de4bc3649bdc2ed8e6730a7a967aa7a03ecdf2fd83a81a58fd9b6055f10fd55118dc08dc0bd4cbf58ee1e1a6d51acbf22409c73663445b569869e1f14d7167ea5efb3bfbbeb3f5359b156b4093ed8d275beb18b24aeaae50eb3155b1591ac46c8b426fbe707117919c7615c680aacd7894a3d16d0bfe8a7439ac867f4dc61c230f470c82d477a24128b9e6a48f2459f6902687a44455d9a05bdac09496d0e9bfbfa6649d5af8ef9772fbfb75b49ec92babea4933c3d4f73c75f8487a4e8116b8ee30d0d43bb06ed70359f81541b5e561e3949262d3f1f84a30de2c7d5830ccacbca1dc4165cb96f09fdedcd99bc458ed3b7976b76fff5221ac831b4478644ff33973cf79e1b67b1dd689a96bbce8c525f97b1a8faf0f022404ab4af389cc4618acf0bbb750f99269b56f94b794e1370c2f2cf312398e012f0da24febfc861b422c080ac37d59aa37b4a0546f065be977586608e481f3afdb9794d0c30828d8e1de50ddd0151ba98db499a01913926b309b9ff7224aa1675a17930cafa7c94fa91bb0304b905efc4c244d600c33150df365fd998820d5bb4317edd88a55b04fd055d2251fb728e5d0efba64641f024a065395620cfa23df655f20a4fa59a0bdb8466745762726c77d0729554ef70f178df9b9b4f62a7db6d83f6c873c724c527a6b15acb2cab3edbbcada569215c180dacc8e5b8068dbb0bebb4875ab258e0a2d4e34bb621b025fab1ce4b1d2a6e20292d5a23ff96fd72249ba9cb9b85c24b3cbbbb6922c052ffa0d04d5dabf8aa3029ca1c52ee1a00d4fc359d914c9bb5e62bad0fdcae8406ee3685479837892445a70c0bcc33c14ea1b5d03ef3fc337887ec7c31ccba3c0afcb954fa10f663eb0c917afd04e61792f74a72814ef9229e8e4830ca37b02f71696f63cf83ae2ca73bb73b3e3e79390ecb495b5063ead7d9aff6cefa1f9573b150b5658822e6c77e2d7abbc6e856f096579d101446bbe7ee46fd649c253d27d11b57bdb75e725a52619525c17d55174b29b01298da9a214133327d4053c886eccbedf9225111661cb43e3a0f3b9f108a45449968b6eed62ff804081312cb678587223bab7bd2949eebab51797687f36133ed5a3645eff54bd9af1c3a5777baadeae26a3b2b2fa6e418597604e18651dfe792bec315332ef5650bf3e7d0694ad37feefa135b3b08e144c9d3346b43ae7928f8feb70bdfcdce23794e39036a5f39008f1e6ad5bfcacfdae7842ddab7ab3c3d4d0419994983284c876086a889e5b0b982a16bccc837460f413b000b5b591f845a3998ce43668e5b5e87cbda764ed3b23693609764509661158d2f7857a4bebf1a2eb2845369550c4b6fb9a3e9a8bb3f22e6ba25d7f51ea140a7540e59d74e56ccd0fe8258feef4d035028c6265af71fec04e8a99dcb8220798256d8d5c5e2910d6cc6bb066c6b09c99b5c5127119ed744304fbf08eefad05d4d5e33d27da57bdd2435fb216c907a6001d5d0d90a5fe9145fff8b2550f6b4a93ab779ca2f860b6ee922aee2447c1bcf1ac0c00e3190bba440543c369f46f311d4d9afd6e705ef6ba3717e1d83e98429ad1efa8d03c473eac739d4263dede750d37238aa67c15dac28ea066b7215fc9692fd40ab0a9aed1d8a61c591f3c3521693b364b29acaacff1032b8688e2d61ac5107be8f52474609a1d1c04777ac25575a540f9bc4f0898275975cdaecd882dd5749d9b462a16814144fa8f83e65f68738749fbb7caff5a1a435b348767356e21adf043dcb30adca9c549caef02aa688318ea20f3516407b3c68d381777b78ef6391ec5c972697f6858fad727499e5b58073b351bd793bf76886fba6e725f834f9628b6bb398fd299472b84573de3590218f2ae824241ffbad3a89bc76942931e99e7000a6eb73f4813a3414ff08ba45ce466fd09876d5551cf7430266875afb24e7a5076c7e281b071f4402bc6f94e5a313a6edfe47a1ce210d29c962078d038b2ae9e34842b3b7d74409bd5f9a7f729b8483a28af22d9be0af94e48758cf45fe642cbf960ab997127b6db149c2f734e0cc5b5cf88b4044c0adb18e059b2563906dbe5ec4c57fa7ed4b57179ac7b0070b21f184f09fee7c2dad993c208afd670de0fe756c3622a71d70fdea8e75c481e2163a6d4d5f9ae7535a98033d4b792e441c04f0d2e75cd3dbd3cd3417e891060eebe9910b4630b6b919d316d780d5456f346d5c0cfcac12b18e6ee0b598769f8907cc52aa1a55ce1816cba724c0d185c8f7b585df440014d456c8453ea70dab88b27435e337f8d0cb3c40a08008c245a22f7d817f6fcb1594dc00220d36e4985968ba12bcd84b5c510230a0a326df96cb73fca14de75bf1bdbc327ab026a0c7bb04f5096953b19cea86365e396b698a336b92b53346a66df01cd6243b8a7a942f9e4b03b575765d088088e1aaddfc9453db596f216c76078e94d3ff7bfcfbf8d5c908161012619891f3a6d93d975e52f45bdd0c2fddad78dde34f8cff7291812a72939940093542d9d5d97c17f012258990959ca493693cc923920faf6292d38243a7c9e16c69c27b28aeba0caac5e84fe8904c32736a45065212018cce081dba0eefea0c02ae405864d6d5640c7a817e9d35879357e4f222a4b5bbc1cb4913146b06eaac2fbf4c8db7e84fc0b786713d750f0b5c7b3e8e5078beb53a75ce52c955813afabb6723ac9072f747f57bde0ad4c47daba9f1dfcf0947b47ed8b6f125e66c10c56dd3092c4768a91ee9589a562b159bf4ed4832d71eab3556e3b137d0a34c2b3c189bb365332f4cab9685af8bd4a5a781ed908d7c4c8335513fb39fb80ac957a6c33a9704a85e460708f07723cfac4068d3da48dc9ba0f673ad09f9d7780e580e5d698e1862d7c6e5cec89ff5472239a3f9a047be4787234f0f2502e1e4fd8e17f4e829ea7ab1a7aad4c6233140a27c8f5104571dc2403971cca1c11a416d90ec10ef97f2af9e329c7a2505feb8844c202ea9bbc1465f654b389e6c97a8fa82e72e4f485ccaa7e3074af99d2f196bd9c1f8f38b105aebf03851bd955d27060a519d31e798238f86461fbb3d8726b18e2796de18b20b81388fbe84f4d5c7377e98017819f69aa07c75505e8fe8db7c4b54d572b75ff49ca7501c84e14cda60f8d3edbe137f17bf3b3e293953574e34bb9b073e308f65552c73902edf0835e7527fdd39e18fbcfd366c20d67f13b4ac073ef2c4f84347231e6cb7c0ab8c18d905941a60b4df12e9da61dd274d556a3d41aea4cb69aafe9713515062e82e305ae7af1a56a8c8473931f13ba388de4b441efa9dfc66bece6a2da496ddabfc3956c29ef0f9a64ab49b7dd0c02fa62ce75d9d6e9989cd7b323c8da52dfb4f889241c455557183819ab267556d5e27fd2d35af26406b087beeda57459a1e7be0c6d34d462bcb7eb3bf04f8aafe4a0d8dfd73388dbbd24849aa351c544e2d753c6700bd90c5e7267d98d0e544fa4003921b5ecad67d039aceac567237ce6372faffc6186b1412006f38445d5ed69dc2565bd5bd74027c1e8c3ddcf9a10c7bf2b8d8792f76f22adad1025cad11ff6e39a3dcb3930c71bd08fac7617c1f13220c657fd5716501fbf13fbbe03207c54226d691b4dde2ec5d47d38a4840ce130507e09195795a4a58209cca3b42a9d70feebcd3e7dcc53f97c2f55b8c8a71a4db6b93a792eae22525011f1d046126a51e017b9889cf966939d631fbbb1f1adaba072e2b4f5bead827a2305309125c6dbde086aacbe5cdf59d3fcb18bdf1768a60400cfabb5d940e6a55832d96853c1bcd5fbc934362ae5a82d930f3f876c55ccf545efb8e5f596d43d4e7d7ecc18679542c3dc0b320ec4a71a86cdcfe2c2dd356d7ac9cae45f925b55065769f5dbd316b828c56d988116e9f225b4b387caf1c7beaf96c56375aa5fa14321bc413096c3a03197a66a0c6451aecd6523aec6ba6f44400db5b4ba4748ba393ab33e6cc6da31ae7d1bb2a46e7b95bf5cc63305e9cb68ef1379a88bba0ffdc5f92b5866a07766c46155d2070987ae795e1e6bed2d8a60824a42657aa0f21177ff281e8bb5823ef103faec1eda71d7848423b7118f750aa2a44ae1dda072e18e92bd62cec42181f716b6cee00a631c290c7765a72cf55ec20d1927af014ae6576f44abf3d1a134e8b5119b5eb80752913fd5b4b2c09c7b9991355d25397f0cd9ddc71d936e4f2ec3bac88fce8d33acf17146581ff81c8dcce7f8508765dce03432f3443897c0b5404e23bc486643e214f3fdde4f7dbad5c595fa41fb3dcdd42e15033d36af92a09e86c94e3f33cee33be7728186126e1667a2a380766bd6b8875b7477fd6abaa866f6fa631b8a81f5a5fea1d7bb53fe09e0aadfa264e68e828844a19b216fc5f1cdad6f50e8b37bf8c0a2c8c5682e5fa3f44cf44c412ab635be9f28f08ae411259e4d84732d957081bdee16e910bed54895ee5b113d3d9a85d34388433465b1e273bdf1290fa274f0193217c943fe14a08b106e4c72868d6ce8ccc1a202172ae12b008be67ba97e793b1038ecc540885a6e61e4bfbeb10918446285e81e03a1b335212d2ec4b9d6e32c958eb9ca3f0fc21078b0863c500856b221036c1ffbd724f879a65530e139d891c0120baddf9bc184ec04fdfc2f0c9b15ed5c50a00c53b69ef9cb2426a36b61e46e9c6f9203a4d78f576bbee513701d61bab48be81c5531f272d4b1441e865c86573d365532d8347130da5af577df884c", 0x1000}, {&(0x7f0000000140)="aad20b26cf4d4260b84dd8b4363ccb6c8de92e74879310e4fb4854bf197ce4f95b2bce913a9bb601b192d9849ae14deeaaf929523353023eba764faabc712d83b0eaef83c6b1a1ff80b9d359e199778d2cffcea1f6ed657de31fa039ea448a7d69bb65d902e0e27655fa3406cb0738aecf8d78ad2c6e6605866dbaf679", 0x7d}, {&(0x7f00000012c0)="a1477e795d694e029a30898d9d671a9778930e43587f020bce369a6475e9f75d7decc107d9c7469190a06d32632987ab981559993212a156567ac79048d66b05dd4e138476958763b603819edaeba10e113d87ec48d357f15da5b0443fab8b30dee231689257e63a4c18c0628ea812d38304aa2219ebc35c1721feba8f799b76ce15e8188395ec23c1385af47c49ee42fb65a7d1bbc98e3e9e852207c9397a021b1f89ccfb50e14f18ca2b90a68cfe6a0cc9423634dd1b2d6c874b60e00f594b5964a18f", 0xc4}, {&(0x7f00000013c0)="1ec93c6bf5a85d48e8d6aef4d02da55305e50f3b5c9d823598fcf2f19c4e653d4e305e1760dcb209f2acc95e5926f72d24a10c2ff3a6f3f7c293e1b216fab0e1939bf7ef78e48f4d3f8276901467b97b8c4034b55dd025ab4efd2a75820049a812ae4327b4978db23b5c928d4c184713b9171e0c56ff24cb89c2c3f68599bdf81cffd5f402a180c3314665a882e65a554515bf1cc50060d4bf12b2f1bd0e76021baa3489ddd9ce655670eda542e043dd238b556e7283", 0xb6}], 0x4, &(0x7f0000001580)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, r6, r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r7}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r7, r10}}}], 0x70, 0x80}}], 0x1, 0x14) (async) clone3(&(0x7f0000000380)={0x110060080, &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000140)=0x0, {0x3a}, &(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000240)=""/222, &(0x7f0000000340)=[r2, r2, r2, r2, r2, r2, r2], 0x7}, 0x58) dup(r0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, r3, r4, r5, r10, 0x4, 0xffff}, 0x5, 0x7fff, 0xfff, 0x1420, r11, r2, 0x7}) 14:57:39 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 26) 14:57:39 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x48, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:39 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) (async, rerun: 64) r1 = socket(0x35, 0x1, 0x0) (rerun: 64) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0x0) (async) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)={0x0, 0x0, 0xffffff88}) fstat(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) (async) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r8, 0xee00) fstat(r6, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffffff, &(0x7f0000001480)='./file0\x00', r8, r9, 0x1000) (async) setuid(r7) getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=0x0) setresgid(0x0, 0x0, r10) setregid(0x0, r10) (async) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001600)=[{{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000000)=[{&(0x7f00000002c0)="7ff186cfa1e80dfbf69f111a8823c3231d40b664a419eb3e94da8e4c6d50fe4d3f7a975de9e194fdb5803d3e4c3a79bf55340fe111c08ad2629a3403aed80cd0e6a4eab25932c0495207f1e67943ab3476e4e9a4689eae0c0089180c8b38236bde45a0c5333bad8c905b8df089dd23d7d139c053cebb9df123540755d7315525cc4cf0dd96853a6c14663c555c8e33a9a3e98da880db22df0b53793b0991efb7863dbcfba7824b7219c771d9c857223fc4989e5bae3f7feaa9802d241bd6cb38049aa732dd98ebb3221624fa0d6d3758345773957b744adc063073ba704b529a6c5b3a0652cf7639001125dbe8b5c8bac9b5014c18d6abe98c75b4b7b1b0d196114625bacbf0bf9f617ad0ccb750514cff224f7f3c62e0fcebf3917d712c3570c05f173fea1e6a51556f9744cba054c8218dd330cc1dcf7d386615e83a80e893a9159f4d411fcbb44e50eeef6b6e8678e1988b5b4f10a6f4f9178ffca5bcdf82ca45d34cad2abb3491864c532827a5ad334aadecb6f5905422baf6b1e9d20a24eb561cf6d7973ba8ac651d51e9258529b113d6dc301d78fda4d69dcecb4a7426f62cc5d6e80e35cb700bb2edc55276ea4f5d72f9573ef02737dd14170a5d832c6418136d0a56b000763ae300fb46f665db5d08ea8e150e770f6e080ca88534fce662f9ba58c795eb54b6f4f2b862d1bfde64ad6ec46238516b2e13b4b28c30f64385f7969ae149a4dca21b8c792352fec1af13b486b3c847d741ed517b9d0143a1d5c41fa3b0202a775e42fe9713e490f74e5e8aa38b6c7a1d94d5bba85cc8e675c8aea9ffe4ec1fee1abc5b2cf363f286cbb45c067dc1957640ca83255541066967682d445c0b9c940a32172068e0fcc380a978659869500e1fd2baa32775e428caa897ce4bf345d460f942eb63926058fb382eb662699d42e169cc29f6f66bce9cc6300ff067cb0596bd1612767fea0be0d02e74971a365589183d26e8bd5530ef23a53404ca8083c4cd9df42d355566256ce128a747d4557e8fbb31516cc2b2cc3b9e6fc88123de4bc3649bdc2ed8e6730a7a967aa7a03ecdf2fd83a81a58fd9b6055f10fd55118dc08dc0bd4cbf58ee1e1a6d51acbf22409c73663445b569869e1f14d7167ea5efb3bfbbeb3f5359b156b4093ed8d275beb18b24aeaae50eb3155b1591ac46c8b426fbe707117919c7615c680aacd7894a3d16d0bfe8a7439ac867f4dc61c230f470c82d477a24128b9e6a48f2459f6902687a44455d9a05bdac09496d0e9bfbfa6649d5af8ef9772fbfb75b49ec92babea4933c3d4f73c75f8487a4e8116b8ee30d0d43bb06ed70359f81541b5e561e3949262d3f1f84a30de2c7d5830ccacbca1dc4165cb96f09fdedcd99bc458ed3b7976b76fff5221ac831b4478644ff33973cf79e1b67b1dd689a96bbce8c525f97b1a8faf0f022404ab4af389cc4618acf0bbb750f99269b56f94b794e1370c2f2cf312398e012f0da24febfc861b422c080ac37d59aa37b4a0546f065be977586608e481f3afdb9794d0c30828d8e1de50ddd0151ba98db499a01913926b309b9ff7224aa1675a17930cafa7c94fa91bb0304b905efc4c244d600c33150df365fd998820d5bb4317edd88a55b04fd055d2251fb728e5d0efba64641f024a065395620cfa23df655f20a4fa59a0bdb8466745762726c77d0729554ef70f178df9b9b4f62a7db6d83f6c873c724c527a6b15acb2cab3edbbcada569215c180dacc8e5b8068dbb0bebb4875ab258e0a2d4e34bb621b025fab1ce4b1d2a6e20292d5a23ff96fd72249ba9cb9b85c24b3cbbbb6922c052ffa0d04d5dabf8aa3029ca1c52ee1a00d4fc359d914c9bb5e62bad0fdcae8406ee3685479837892445a70c0bcc33c14ea1b5d03ef3fc337887ec7c31ccba3c0afcb954fa10f663eb0c917afd04e61792f74a72814ef9229e8e4830ca37b02f71696f63cf83ae2ca73bb73b3e3e79390ecb495b5063ead7d9aff6cefa1f9573b150b5658822e6c77e2d7abbc6e856f096579d101446bbe7ee46fd649c253d27d11b57bdb75e725a52619525c17d55174b29b01298da9a214133327d4053c886eccbedf9225111661cb43e3a0f3b9f108a45449968b6eed62ff804081312cb678587223bab7bd2949eebab51797687f36133ed5a3645eff54bd9af1c3a5777baadeae26a3b2b2fa6e418597604e18651dfe792bec315332ef5650bf3e7d0694ad37feefa135b3b08e144c9d3346b43ae7928f8feb70bdfcdce23794e39036a5f39008f1e6ad5bfcacfdae7842ddab7ab3c3d4d0419994983284c876086a889e5b0b982a16bccc837460f413b000b5b591f845a3998ce43668e5b5e87cbda764ed3b23693609764509661158d2f7857a4bebf1a2eb2845369550c4b6fb9a3e9a8bb3f22e6ba25d7f51ea140a7540e59d74e56ccd0fe8258feef4d035028c6265af71fec04e8a99dcb8220798256d8d5c5e2910d6cc6bb066c6b09c99b5c5127119ed744304fbf08eefad05d4d5e33d27da57bdd2435fb216c907a6001d5d0d90a5fe9145fff8b2550f6b4a93ab779ca2f860b6ee922aee2447c1bcf1ac0c00e3190bba440543c369f46f311d4d9afd6e705ef6ba3717e1d83e98429ad1efa8d03c473eac739d4263dede750d37238aa67c15dac28ea066b7215fc9692fd40ab0a9aed1d8a61c591f3c3521693b364b29acaacff1032b8688e2d61ac5107be8f52474609a1d1c04777ac25575a540f9bc4f0898275975cdaecd882dd5749d9b462a16814144fa8f83e65f68738749fbb7caff5a1a435b348767356e21adf043dcb30adca9c549caef02aa688318ea20f3516407b3c68d381777b78ef6391ec5c972697f6858fad727499e5b58073b351bd793bf76886fba6e725f834f9628b6bb398fd299472b84573de3590218f2ae824241ffbad3a89bc76942931e99e7000a6eb73f4813a3414ff08ba45ce466fd09876d5551cf7430266875afb24e7a5076c7e281b071f4402bc6f94e5a313a6edfe47a1ce210d29c962078d038b2ae9e34842b3b7d74409bd5f9a7f729b8483a28af22d9be0af94e48758cf45fe642cbf960ab997127b6db149c2f734e0cc5b5cf88b4044c0adb18e059b2563906dbe5ec4c57fa7ed4b57179ac7b0070b21f184f09fee7c2dad993c208afd670de0fe756c3622a71d70fdea8e75c481e2163a6d4d5f9ae7535a98033d4b792e441c04f0d2e75cd3dbd3cd3417e891060eebe9910b4630b6b919d316d780d5456f346d5c0cfcac12b18e6ee0b598769f8907cc52aa1a55ce1816cba724c0d185c8f7b585df440014d456c8453ea70dab88b27435e337f8d0cb3c40a08008c245a22f7d817f6fcb1594dc00220d36e4985968ba12bcd84b5c510230a0a326df96cb73fca14de75bf1bdbc327ab026a0c7bb04f5096953b19cea86365e396b698a336b92b53346a66df01cd6243b8a7a942f9e4b03b575765d088088e1aaddfc9453db596f216c76078e94d3ff7bfcfbf8d5c908161012619891f3a6d93d975e52f45bdd0c2fddad78dde34f8cff7291812a72939940093542d9d5d97c17f012258990959ca493693cc923920faf6292d38243a7c9e16c69c27b28aeba0caac5e84fe8904c32736a45065212018cce081dba0eefea0c02ae405864d6d5640c7a817e9d35879357e4f222a4b5bbc1cb4913146b06eaac2fbf4c8db7e84fc0b786713d750f0b5c7b3e8e5078beb53a75ce52c955813afabb6723ac9072f747f57bde0ad4c47daba9f1dfcf0947b47ed8b6f125e66c10c56dd3092c4768a91ee9589a562b159bf4ed4832d71eab3556e3b137d0a34c2b3c189bb365332f4cab9685af8bd4a5a781ed908d7c4c8335513fb39fb80ac957a6c33a9704a85e460708f07723cfac4068d3da48dc9ba0f673ad09f9d7780e580e5d698e1862d7c6e5cec89ff5472239a3f9a047be4787234f0f2502e1e4fd8e17f4e829ea7ab1a7aad4c6233140a27c8f5104571dc2403971cca1c11a416d90ec10ef97f2af9e329c7a2505feb8844c202ea9bbc1465f654b389e6c97a8fa82e72e4f485ccaa7e3074af99d2f196bd9c1f8f38b105aebf03851bd955d27060a519d31e798238f86461fbb3d8726b18e2796de18b20b81388fbe84f4d5c7377e98017819f69aa07c75505e8fe8db7c4b54d572b75ff49ca7501c84e14cda60f8d3edbe137f17bf3b3e293953574e34bb9b073e308f65552c73902edf0835e7527fdd39e18fbcfd366c20d67f13b4ac073ef2c4f84347231e6cb7c0ab8c18d905941a60b4df12e9da61dd274d556a3d41aea4cb69aafe9713515062e82e305ae7af1a56a8c8473931f13ba388de4b441efa9dfc66bece6a2da496ddabfc3956c29ef0f9a64ab49b7dd0c02fa62ce75d9d6e9989cd7b323c8da52dfb4f889241c455557183819ab267556d5e27fd2d35af26406b087beeda57459a1e7be0c6d34d462bcb7eb3bf04f8aafe4a0d8dfd73388dbbd24849aa351c544e2d753c6700bd90c5e7267d98d0e544fa4003921b5ecad67d039aceac567237ce6372faffc6186b1412006f38445d5ed69dc2565bd5bd74027c1e8c3ddcf9a10c7bf2b8d8792f76f22adad1025cad11ff6e39a3dcb3930c71bd08fac7617c1f13220c657fd5716501fbf13fbbe03207c54226d691b4dde2ec5d47d38a4840ce130507e09195795a4a58209cca3b42a9d70feebcd3e7dcc53f97c2f55b8c8a71a4db6b93a792eae22525011f1d046126a51e017b9889cf966939d631fbbb1f1adaba072e2b4f5bead827a2305309125c6dbde086aacbe5cdf59d3fcb18bdf1768a60400cfabb5d940e6a55832d96853c1bcd5fbc934362ae5a82d930f3f876c55ccf545efb8e5f596d43d4e7d7ecc18679542c3dc0b320ec4a71a86cdcfe2c2dd356d7ac9cae45f925b55065769f5dbd316b828c56d988116e9f225b4b387caf1c7beaf96c56375aa5fa14321bc413096c3a03197a66a0c6451aecd6523aec6ba6f44400db5b4ba4748ba393ab33e6cc6da31ae7d1bb2a46e7b95bf5cc63305e9cb68ef1379a88bba0ffdc5f92b5866a07766c46155d2070987ae795e1e6bed2d8a60824a42657aa0f21177ff281e8bb5823ef103faec1eda71d7848423b7118f750aa2a44ae1dda072e18e92bd62cec42181f716b6cee00a631c290c7765a72cf55ec20d1927af014ae6576f44abf3d1a134e8b5119b5eb80752913fd5b4b2c09c7b9991355d25397f0cd9ddc71d936e4f2ec3bac88fce8d33acf17146581ff81c8dcce7f8508765dce03432f3443897c0b5404e23bc486643e214f3fdde4f7dbad5c595fa41fb3dcdd42e15033d36af92a09e86c94e3f33cee33be7728186126e1667a2a380766bd6b8875b7477fd6abaa866f6fa631b8a81f5a5fea1d7bb53fe09e0aadfa264e68e828844a19b216fc5f1cdad6f50e8b37bf8c0a2c8c5682e5fa3f44cf44c412ab635be9f28f08ae411259e4d84732d957081bdee16e910bed54895ee5b113d3d9a85d34388433465b1e273bdf1290fa274f0193217c943fe14a08b106e4c72868d6ce8ccc1a202172ae12b008be67ba97e793b1038ecc540885a6e61e4bfbeb10918446285e81e03a1b335212d2ec4b9d6e32c958eb9ca3f0fc21078b0863c500856b221036c1ffbd724f879a65530e139d891c0120baddf9bc184ec04fdfc2f0c9b15ed5c50a00c53b69ef9cb2426a36b61e46e9c6f9203a4d78f576bbee513701d61bab48be81c5531f272d4b1441e865c86573d365532d8347130da5af577df884c", 0x1000}, {&(0x7f0000000140)="aad20b26cf4d4260b84dd8b4363ccb6c8de92e74879310e4fb4854bf197ce4f95b2bce913a9bb601b192d9849ae14deeaaf929523353023eba764faabc712d83b0eaef83c6b1a1ff80b9d359e199778d2cffcea1f6ed657de31fa039ea448a7d69bb65d902e0e27655fa3406cb0738aecf8d78ad2c6e6605866dbaf679", 0x7d}, {&(0x7f00000012c0)="a1477e795d694e029a30898d9d671a9778930e43587f020bce369a6475e9f75d7decc107d9c7469190a06d32632987ab981559993212a156567ac79048d66b05dd4e138476958763b603819edaeba10e113d87ec48d357f15da5b0443fab8b30dee231689257e63a4c18c0628ea812d38304aa2219ebc35c1721feba8f799b76ce15e8188395ec23c1385af47c49ee42fb65a7d1bbc98e3e9e852207c9397a021b1f89ccfb50e14f18ca2b90a68cfe6a0cc9423634dd1b2d6c874b60e00f594b5964a18f", 0xc4}, {&(0x7f00000013c0)="1ec93c6bf5a85d48e8d6aef4d02da55305e50f3b5c9d823598fcf2f19c4e653d4e305e1760dcb209f2acc95e5926f72d24a10c2ff3a6f3f7c293e1b216fab0e1939bf7ef78e48f4d3f8276901467b97b8c4034b55dd025ab4efd2a75820049a812ae4327b4978db23b5c928d4c184713b9171e0c56ff24cb89c2c3f68599bdf81cffd5f402a180c3314665a882e65a554515bf1cc50060d4bf12b2f1bd0e76021baa3489ddd9ce655670eda542e043dd238b556e7283", 0xb6}], 0x4, &(0x7f0000001580)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r6, 0xffffffffffffffff, r6, r6, r6, r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r7}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r7, r10}}}], 0x70, 0x80}}], 0x1, 0x14) clone3(&(0x7f0000000380)={0x110060080, &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000140)=0x0, {0x3a}, &(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000240)=""/222, &(0x7f0000000340)=[r2, r2, r2, r2, r2, r2, r2], 0x7}, 0x58) (async) dup(r0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, r3, r4, r5, r10, 0x4, 0xffff}, 0x5, 0x7fff, 0xfff, 0x1420, r11, r2, 0x7}) [ 92.381328][ T24] audit: type=1400 audit(1639666659.603:158): avc: denied { getopt } for pid=3334 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 92.408432][ T3339] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.418734][ T3338] FAULT_INJECTION: forcing a failure. [ 92.418734][ T3338] name failslab, interval 1, probability 0, space 0, times 0 [ 92.431427][ T3338] CPU: 0 PID: 3338 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:39 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 29) 14:57:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000600)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x202, &(0x7f00000003c0)=0x0) r2 = pidfd_open(0x0, 0x0) lseek(r2, 0x9, 0x1) ftruncate(0xffffffffffffffff, 0x4) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80000001}}, 0x0, 0x7f}, &(0x7f0000000080)=0x90) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e20, 0x4, @local, 0xde58}}, [0x80400001, 0x42, 0x2, 0x2, 0xfffffffffffffffd, 0x2, 0x7, 0x1, 0xb5c, 0xe37, 0x400, 0x2, 0xe3, 0x800, 0xffffffff]}, &(0x7f0000000240)=0x100) io_submit(r1, 0x1848, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000, 0x1100}]) [ 92.440103][ T3338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.450186][ T3338] Call Trace: [ 92.453511][ T3338] [ 92.456441][ T3338] dump_stack_lvl+0xd6/0x122 [ 92.461065][ T3338] dump_stack+0x11/0x1b [ 92.465223][ T3338] should_fail+0x23c/0x250 [ 92.469645][ T3338] ? __kernfs_new_node+0x6a/0x340 [ 92.474672][ T3338] __should_failslab+0x81/0x90 [ 92.475159][ T3351] FAULT_INJECTION: forcing a failure. [ 92.475159][ T3351] name failslab, interval 1, probability 0, space 0, times 0 [ 92.479488][ T3338] should_failslab+0x5/0x20 [ 92.479515][ T3338] kmem_cache_alloc+0x4f/0x320 [ 92.501385][ T3338] __kernfs_new_node+0x6a/0x340 [ 92.506337][ T3338] ? up_write+0xb5/0xc0 [ 92.510475][ T3338] kernfs_new_node+0x5b/0xd0 [ 92.515051][ T3338] __kernfs_create_file+0x45/0x1a0 [ 92.520171][ T3338] ? dev_attr_show+0x90/0x90 [ 92.524752][ T3338] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 92.531634][ T3338] internal_create_group+0x2dd/0x840 [ 92.536913][ T3338] sysfs_create_group+0x1b/0x20 [ 92.541748][ T3338] loop_configure+0xc58/0xf30 [ 92.546414][ T3338] lo_ioctl+0x583/0x1270 [ 92.550646][ T3338] ? __rcu_read_unlock+0x5c/0x290 [ 92.555813][ T3338] ? blkdev_common_ioctl+0x438/0x1180 [ 92.561275][ T3338] ? selinux_file_ioctl+0x522/0x590 [ 92.566461][ T3338] ? do_vfs_ioctl+0x819/0x14a0 [ 92.571288][ T3338] ? lo_release+0x120/0x120 [ 92.575845][ T3338] blkdev_ioctl+0x20e/0x440 [ 92.580349][ T3338] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 92.585828][ T3338] __se_sys_ioctl+0xcb/0x140 [ 92.590417][ T3338] __x64_sys_ioctl+0x3f/0x50 [ 92.594998][ T3338] do_syscall_64+0x44/0xd0 [ 92.599402][ T3338] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.605327][ T3338] RIP: 0033:0x7fbc8e8ddc57 [ 92.609723][ T3338] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.629397][ T3338] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 92.637866][ T3338] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 92.645823][ T3338] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 92.653784][ T3338] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 92.661768][ T3338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 92.669781][ T3338] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 92.677797][ T3338] [ 92.680831][ T3351] CPU: 1 PID: 3351 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 92.689658][ T3351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.699698][ T3351] Call Trace: [ 92.702970][ T3351] [ 92.705885][ T3351] dump_stack_lvl+0xd6/0x122 [ 92.710576][ T3351] dump_stack+0x11/0x1b [ 92.714786][ T3351] should_fail+0x23c/0x250 [ 92.719183][ T3351] ? radix_tree_node_alloc+0x142/0x200 [ 92.724633][ T3351] __should_failslab+0x81/0x90 [ 92.729395][ T3351] should_failslab+0x5/0x20 [ 92.734016][ T3351] kmem_cache_alloc+0x4f/0x320 [ 92.738765][ T3351] radix_tree_node_alloc+0x142/0x200 [ 92.744060][ T3351] ? delete_node+0x45c/0x480 [ 92.748693][ T3351] ? selinux_socket_sock_rcv_skb+0x156/0x730 [ 92.754736][ T3351] idr_get_free+0x22a/0x5d0 [ 92.759248][ T3351] ? kernfs_xattr_get+0x63/0x70 [ 92.764197][ T3351] idr_alloc_cyclic+0xf4/0x2f0 [ 92.769535][ T3351] __kernfs_new_node+0xb4/0x340 [ 92.774452][ T3351] ? up_write+0x25/0xc0 [ 92.778605][ T3351] kernfs_new_node+0x5b/0xd0 [ 92.783242][ T3351] __kernfs_create_file+0x45/0x1a0 [ 92.788407][ T3351] ? dev_attr_show+0x90/0x90 [ 92.793120][ T3351] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 92.798483][ T3351] internal_create_group+0x2dd/0x840 [ 92.803829][ T3351] sysfs_create_group+0x1b/0x20 [ 92.808662][ T3351] loop_configure+0xc58/0xf30 [ 92.813386][ T3351] lo_ioctl+0x583/0x1270 [ 92.817658][ T3351] ? __rcu_read_unlock+0x5c/0x290 [ 92.822670][ T3351] ? blkdev_common_ioctl+0x438/0x1180 [ 92.828030][ T3351] ? selinux_file_ioctl+0x522/0x590 [ 92.833385][ T3351] ? do_vfs_ioctl+0x819/0x14a0 [ 92.838189][ T3351] ? lo_release+0x120/0x120 [ 92.842752][ T3351] blkdev_ioctl+0x20e/0x440 [ 92.847275][ T3351] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 92.852768][ T3351] __se_sys_ioctl+0xcb/0x140 [ 92.857388][ T3351] __x64_sys_ioctl+0x3f/0x50 [ 92.862018][ T3351] do_syscall_64+0x44/0xd0 [ 92.866421][ T3351] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.872343][ T3351] RIP: 0033:0x7fbd63e3bc57 [ 92.876745][ T3351] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.896334][ T3351] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 92.904775][ T3351] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 92.912764][ T3351] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 92.920860][ T3351] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 92.928813][ T3351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 92.936843][ T3351] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:57:40 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 30) [ 92.944837][ T3351] [ 92.950004][ T3352] loop0: detected capacity change from 0 to 16 [ 92.961067][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:40 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:40 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}], 0x0, &(0x7f0000012b00)) [ 92.989789][ T24] audit: type=1400 audit(1639666660.213:159): avc: denied { mount } for pid=3349 comm="syz-executor.0" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 93.005334][ T3355] loop1: detected capacity change from 0 to 1024 [ 93.027476][ T3359] FAULT_INJECTION: forcing a failure. [ 93.027476][ T3359] name failslab, interval 1, probability 0, space 0, times 0 14:57:40 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 27) [ 93.035739][ T3361] loop5: detected capacity change from 0 to 4 [ 93.040169][ T3359] CPU: 0 PID: 3359 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 93.054233][ T3361] EXT4-fs (loop5): unsupported descriptor size 0 [ 93.054819][ T3359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.063372][ T3355] EXT4-fs (loop1): unsupported descriptor size 0 [ 93.071163][ T3359] Call Trace: [ 93.071171][ T3359] [ 93.071177][ T3359] dump_stack_lvl+0xd6/0x122 [ 93.071202][ T3359] dump_stack+0x11/0x1b [ 93.087189][ T3363] FAULT_INJECTION: forcing a failure. [ 93.087189][ T3363] name failslab, interval 1, probability 0, space 0, times 0 [ 93.088385][ T3359] should_fail+0x23c/0x250 [ 93.109549][ T3359] ? kobject_uevent_env+0x1a7/0xc40 [ 93.114740][ T3359] __should_failslab+0x81/0x90 [ 93.119491][ T3359] should_failslab+0x5/0x20 [ 93.124046][ T3359] kmem_cache_alloc_trace+0x52/0x350 [ 93.129316][ T3359] ? dev_attr_show+0x90/0x90 [ 93.133931][ T3359] ? dev_uevent_filter+0x70/0x70 [ 93.138924][ T3359] kobject_uevent_env+0x1a7/0xc40 [ 93.143933][ T3359] ? _raw_spin_unlock+0x2e/0x50 [ 93.148766][ T3359] kobject_uevent+0x18/0x20 [ 93.153254][ T3359] loop_configure+0xd70/0xf30 [ 93.157918][ T3359] lo_ioctl+0x583/0x1270 [ 93.162142][ T3359] ? __rcu_read_unlock+0x5c/0x290 [ 93.167155][ T3359] ? blkdev_common_ioctl+0x438/0x1180 [ 93.172583][ T3359] ? selinux_file_ioctl+0x522/0x590 [ 93.177766][ T3359] ? do_vfs_ioctl+0x819/0x14a0 [ 93.182582][ T3359] ? lo_release+0x120/0x120 [ 93.187145][ T3359] blkdev_ioctl+0x20e/0x440 [ 93.191634][ T3359] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 93.197139][ T3359] __se_sys_ioctl+0xcb/0x140 [ 93.201777][ T3359] __x64_sys_ioctl+0x3f/0x50 [ 93.206351][ T3359] do_syscall_64+0x44/0xd0 [ 93.210750][ T3359] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.216726][ T3359] RIP: 0033:0x7fbd63e3bc57 [ 93.221123][ T3359] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.240713][ T3359] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 93.249180][ T3359] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 93.257134][ T3359] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 93.265086][ T3359] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 93.273040][ T3359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 93.280991][ T3359] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:57:40 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x68, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 93.289045][ T3359] [ 93.292047][ T3363] CPU: 1 PID: 3363 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 93.300719][ T3363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.310837][ T3363] Call Trace: [ 93.314111][ T3363] [ 93.317035][ T3363] dump_stack_lvl+0xd6/0x122 [ 93.321627][ T3363] dump_stack+0x11/0x1b [ 93.325783][ T3363] should_fail+0x23c/0x250 [ 93.330215][ T3363] ? __kernfs_new_node+0x6a/0x340 [ 93.335286][ T3363] __should_failslab+0x81/0x90 [ 93.340095][ T3363] should_failslab+0x5/0x20 [ 93.344606][ T3363] kmem_cache_alloc+0x4f/0x320 [ 93.349359][ T3363] ? __down_write_common+0x42/0x7b0 [ 93.354559][ T3363] __kernfs_new_node+0x6a/0x340 [ 93.359434][ T3363] ? up_write+0x25/0xc0 [ 93.363571][ T3363] kernfs_new_node+0x5b/0xd0 [ 93.368246][ T3363] __kernfs_create_file+0x45/0x1a0 [ 93.373361][ T3363] ? dev_attr_show+0x90/0x90 [ 93.378002][ T3363] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 93.383510][ T3363] internal_create_group+0x2dd/0x840 [ 93.388787][ T3363] sysfs_create_group+0x1b/0x20 [ 93.393619][ T3363] loop_configure+0xc58/0xf30 [ 93.398282][ T3363] lo_ioctl+0x583/0x1270 [ 93.402514][ T3363] ? __rcu_read_unlock+0x5c/0x290 [ 93.407523][ T3363] ? blkdev_common_ioctl+0x438/0x1180 [ 93.412879][ T3363] ? selinux_file_ioctl+0x522/0x590 [ 93.418157][ T3363] ? do_vfs_ioctl+0x819/0x14a0 [ 93.422929][ T3363] ? lo_release+0x120/0x120 [ 93.427418][ T3363] blkdev_ioctl+0x20e/0x440 [ 93.431996][ T3363] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 93.437440][ T3363] __se_sys_ioctl+0xcb/0x140 [ 93.442112][ T3363] __x64_sys_ioctl+0x3f/0x50 [ 93.446813][ T3363] do_syscall_64+0x44/0xd0 [ 93.451214][ T3363] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.457110][ T3363] RIP: 0033:0x7fbc8e8ddc57 [ 93.461547][ T3363] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.481132][ T3363] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:57:40 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:40 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 31) [ 93.489587][ T3363] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 93.497540][ T3363] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 93.505493][ T3363] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 93.513537][ T3363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 93.521512][ T3363] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 93.529478][ T3363] [ 93.534267][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.567737][ T3367] loop1: detected capacity change from 0 to 1024 [ 93.575530][ T3370] FAULT_INJECTION: forcing a failure. [ 93.575530][ T3370] name failslab, interval 1, probability 0, space 0, times 0 [ 93.576868][ T3367] EXT4-fs (loop1): unsupported descriptor size 0 [ 93.588333][ T3370] CPU: 0 PID: 3370 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 93.603333][ T3370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.613393][ T3370] Call Trace: [ 93.616674][ T3370] [ 93.619598][ T3370] dump_stack_lvl+0xd6/0x122 [ 93.624244][ T3370] dump_stack+0x11/0x1b [ 93.628410][ T3370] should_fail+0x23c/0x250 [ 93.628906][ T24] audit: type=1400 audit(1639666660.853:160): avc: denied { unmount } for pid=1822 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 93.632896][ T3370] ? kzalloc+0x1d/0x30 [ 93.657037][ T3370] __should_failslab+0x81/0x90 [ 93.661836][ T3370] should_failslab+0x5/0x20 14:57:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000600)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) (async) chdir(&(0x7f0000000040)='./file0\x00') (async) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) (async) io_setup(0x202, &(0x7f00000003c0)=0x0) r2 = pidfd_open(0x0, 0x0) lseek(r2, 0x9, 0x1) ftruncate(0xffffffffffffffff, 0x4) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80000001}}, 0x0, 0x7f}, &(0x7f0000000080)=0x90) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e20, 0x4, @local, 0xde58}}, [0x80400001, 0x42, 0x2, 0x2, 0xfffffffffffffffd, 0x2, 0x7, 0x1, 0xb5c, 0xe37, 0x400, 0x2, 0xe3, 0x800, 0xffffffff]}, &(0x7f0000000240)=0x100) (async) io_submit(r1, 0x1848, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000, 0x1100}]) 14:57:40 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 28) 14:57:40 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 93.666417][ T3370] __kmalloc+0x6f/0x370 [ 93.670574][ T3370] kzalloc+0x1d/0x30 [ 93.674506][ T3370] kobject_get_path+0x7c/0x110 [ 93.679338][ T3370] kobject_uevent_env+0x1be/0xc40 [ 93.684417][ T3370] ? _raw_spin_unlock+0x2e/0x50 [ 93.689274][ T3370] kobject_uevent+0x18/0x20 [ 93.693784][ T3370] loop_configure+0xd70/0xf30 [ 93.698543][ T3370] lo_ioctl+0x583/0x1270 [ 93.700127][ T3371] loop5: detected capacity change from 0 to 4 [ 93.702785][ T3370] ? __rcu_read_unlock+0x5c/0x290 [ 93.702815][ T3370] ? blkdev_common_ioctl+0x438/0x1180 [ 93.702834][ T3370] ? selinux_file_ioctl+0x522/0x590 [ 93.702917][ T3370] ? do_vfs_ioctl+0x819/0x14a0 [ 93.710387][ T3371] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 93.713957][ T3370] ? lo_release+0x120/0x120 [ 93.714021][ T3370] blkdev_ioctl+0x20e/0x440 [ 93.714042][ T3370] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 93.724520][ T3375] FAULT_INJECTION: forcing a failure. [ 93.724520][ T3375] name failslab, interval 1, probability 0, space 0, times 0 [ 93.762817][ T3370] __se_sys_ioctl+0xcb/0x140 [ 93.767467][ T3370] __x64_sys_ioctl+0x3f/0x50 [ 93.772044][ T3370] do_syscall_64+0x44/0xd0 [ 93.776447][ T3370] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.782324][ T3370] RIP: 0033:0x7fbd63e3bc57 [ 93.786719][ T3370] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.806313][ T3370] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 93.814715][ T3370] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 93.822734][ T3370] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 93.830764][ T3370] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 93.838717][ T3370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 93.846696][ T3370] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 93.854653][ T3370] [ 93.857654][ T3375] CPU: 1 PID: 3375 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 93.866322][ T3375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.876371][ T3375] Call Trace: [ 93.879633][ T3375] [ 93.882554][ T3375] dump_stack_lvl+0xd6/0x122 [ 93.887127][ T3375] dump_stack+0x11/0x1b [ 93.891261][ T3375] should_fail+0x23c/0x250 [ 93.895678][ T3375] ? __kernfs_new_node+0x6a/0x340 [ 93.900706][ T3375] __should_failslab+0x81/0x90 [ 93.905469][ T3375] should_failslab+0x5/0x20 [ 93.909987][ T3375] kmem_cache_alloc+0x4f/0x320 [ 93.914732][ T3375] ? __down_write_common+0x42/0x7b0 [ 93.919926][ T3375] __kernfs_new_node+0x6a/0x340 [ 93.924766][ T3375] ? up_write+0x25/0xc0 [ 93.929064][ T3375] kernfs_new_node+0x5b/0xd0 [ 93.933640][ T3375] __kernfs_create_file+0x45/0x1a0 [ 93.938735][ T3375] ? dev_attr_show+0x90/0x90 [ 93.943315][ T3375] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 93.948674][ T3375] internal_create_group+0x2dd/0x840 [ 93.954004][ T3375] sysfs_create_group+0x1b/0x20 [ 93.958904][ T3375] loop_configure+0xc58/0xf30 [ 93.963565][ T3375] lo_ioctl+0x583/0x1270 [ 93.967801][ T3375] ? __rcu_read_unlock+0x5c/0x290 [ 93.972917][ T3375] ? blkdev_common_ioctl+0x438/0x1180 [ 93.978270][ T3375] ? selinux_file_ioctl+0x522/0x590 [ 93.983452][ T3375] ? do_vfs_ioctl+0x819/0x14a0 [ 93.988256][ T3375] ? lo_release+0x120/0x120 [ 93.992799][ T3375] blkdev_ioctl+0x20e/0x440 [ 93.997307][ T3375] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 94.002813][ T3375] __se_sys_ioctl+0xcb/0x140 [ 94.007410][ T3375] __x64_sys_ioctl+0x3f/0x50 [ 94.012002][ T3375] do_syscall_64+0x44/0xd0 [ 94.016423][ T3375] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.022364][ T3375] RIP: 0033:0x7fbc8e8ddc57 [ 94.026812][ T3375] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.046464][ T3375] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.054916][ T3375] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 14:57:41 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 32) 14:57:41 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x74, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:41 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 94.062866][ T3375] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 94.070820][ T3375] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 94.078850][ T3375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 94.086813][ T3375] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 94.094778][ T3375] 14:57:41 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 94.130072][ T3379] FAULT_INJECTION: forcing a failure. [ 94.130072][ T3379] name failslab, interval 1, probability 0, space 0, times 0 [ 94.142747][ T3379] CPU: 1 PID: 3379 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 94.151442][ T3379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.161496][ T3379] Call Trace: [ 94.164759][ T3379] [ 94.167670][ T3379] dump_stack_lvl+0xd6/0x122 [ 94.172313][ T3379] dump_stack+0x11/0x1b [ 94.176455][ T3379] should_fail+0x23c/0x250 [ 94.180857][ T3379] __should_failslab+0x81/0x90 [ 94.185672][ T3379] should_failslab+0x5/0x20 [ 94.190156][ T3379] kmem_cache_alloc_node+0x61/0x2d0 [ 94.195423][ T3379] ? __alloc_skb+0xf0/0x450 [ 94.199931][ T3379] __alloc_skb+0xf0/0x450 [ 94.204362][ T3379] alloc_uevent_skb+0x5b/0x120 [ 94.209147][ T3379] kobject_uevent_env+0x863/0xc40 [ 94.214181][ T3379] kobject_uevent+0x18/0x20 [ 94.218699][ T3379] loop_configure+0xd70/0xf30 [ 94.223390][ T3379] lo_ioctl+0x583/0x1270 [ 94.227612][ T3379] ? __rcu_read_unlock+0x5c/0x290 [ 94.232619][ T3379] ? blkdev_common_ioctl+0x438/0x1180 [ 94.238058][ T3379] ? selinux_file_ioctl+0x522/0x590 [ 94.243316][ T3379] ? do_vfs_ioctl+0x819/0x14a0 [ 94.248076][ T3379] ? lo_release+0x120/0x120 [ 94.252586][ T3379] blkdev_ioctl+0x20e/0x440 [ 94.257272][ T3379] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 94.262737][ T3379] __se_sys_ioctl+0xcb/0x140 [ 94.267328][ T3379] __x64_sys_ioctl+0x3f/0x50 [ 94.271911][ T3379] do_syscall_64+0x44/0xd0 [ 94.276317][ T3379] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.282326][ T3379] RIP: 0033:0x7fbd63e3bc57 [ 94.286721][ T3379] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.306485][ T3379] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.314890][ T3379] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 94.322859][ T3379] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 94.330811][ T3379] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 94.338765][ T3379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 94.346714][ T3379] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 94.354668][ T3379] [ 94.367300][ T3383] loop5: detected capacity change from 0 to 4 14:57:41 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 29) 14:57:41 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7a, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:41 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 33) [ 94.376054][ T3381] loop1: detected capacity change from 0 to 1024 [ 94.383610][ T3385] loop0: detected capacity change from 0 to 16 [ 94.392982][ T3383] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 94.400251][ T3381] EXT4-fs (loop1): unsupported descriptor size 0 [ 94.409102][ T3390] FAULT_INJECTION: forcing a failure. [ 94.409102][ T3390] name failslab, interval 1, probability 0, space 0, times 0 [ 94.421728][ T3390] CPU: 1 PID: 3390 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 94.430406][ T3390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.430731][ T3393] FAULT_INJECTION: forcing a failure. [ 94.430731][ T3393] name failslab, interval 1, probability 0, space 0, times 0 [ 94.440454][ T3390] Call Trace: [ 94.440464][ T3390] [ 94.440470][ T3390] dump_stack_lvl+0xd6/0x122 [ 94.440496][ T3390] dump_stack+0x11/0x1b [ 94.440513][ T3390] should_fail+0x23c/0x250 [ 94.472595][ T3390] ? __kernfs_new_node+0x6a/0x340 [ 94.477692][ T3390] __should_failslab+0x81/0x90 [ 94.482444][ T3390] should_failslab+0x5/0x20 [ 94.486969][ T3390] kmem_cache_alloc+0x4f/0x320 [ 94.491729][ T3390] ? __down_write_common+0x42/0x7b0 [ 94.496977][ T3390] __kernfs_new_node+0x6a/0x340 [ 94.501870][ T3390] ? up_write+0x25/0xc0 [ 94.506070][ T3390] kernfs_new_node+0x5b/0xd0 [ 94.510644][ T3390] __kernfs_create_file+0x45/0x1a0 [ 94.515745][ T3390] ? dev_attr_show+0x90/0x90 [ 94.520433][ T3390] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 94.525796][ T3390] internal_create_group+0x2dd/0x840 [ 94.531120][ T3390] sysfs_create_group+0x1b/0x20 [ 94.535952][ T3390] loop_configure+0xc58/0xf30 [ 94.540658][ T3390] lo_ioctl+0x583/0x1270 [ 94.544884][ T3390] ? __rcu_read_unlock+0x5c/0x290 [ 94.549893][ T3390] ? blkdev_common_ioctl+0x438/0x1180 [ 94.555317][ T3390] ? selinux_file_ioctl+0x522/0x590 [ 94.560508][ T3390] ? do_vfs_ioctl+0x819/0x14a0 [ 94.565261][ T3390] ? lo_release+0x120/0x120 [ 94.569804][ T3390] blkdev_ioctl+0x20e/0x440 [ 94.574319][ T3390] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 94.579832][ T3390] __se_sys_ioctl+0xcb/0x140 [ 94.584410][ T3390] __x64_sys_ioctl+0x3f/0x50 [ 94.589032][ T3390] do_syscall_64+0x44/0xd0 [ 94.593496][ T3390] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.599454][ T3390] RIP: 0033:0x7fbc8e8ddc57 [ 94.603898][ T3390] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.623487][ T3390] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.631888][ T3390] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 94.639934][ T3390] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 94.647903][ T3390] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 94.655992][ T3390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 94.663944][ T3390] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 94.671901][ T3390] [ 94.674911][ T3393] CPU: 0 PID: 3393 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 94.683650][ T3393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.693816][ T3393] Call Trace: [ 94.697089][ T3393] [ 94.700008][ T3393] dump_stack_lvl+0xd6/0x122 [ 94.704586][ T3393] dump_stack+0x11/0x1b [ 94.708733][ T3393] should_fail+0x23c/0x250 [ 94.713130][ T3393] __should_failslab+0x81/0x90 [ 94.717876][ T3393] should_failslab+0x5/0x20 [ 94.722359][ T3393] kmem_cache_alloc_node_trace+0x61/0x310 [ 94.728059][ T3393] ? __kmalloc_node_track_caller+0x30/0x40 [ 94.733845][ T3393] __kmalloc_node_track_caller+0x30/0x40 [ 94.739457][ T3393] ? alloc_uevent_skb+0x5b/0x120 [ 94.744380][ T3393] __alloc_skb+0x19d/0x450 [ 94.748802][ T3393] alloc_uevent_skb+0x5b/0x120 [ 94.753685][ T3393] kobject_uevent_env+0x863/0xc40 [ 94.758706][ T3393] kobject_uevent+0x18/0x20 [ 94.763218][ T3393] loop_configure+0xd70/0xf30 [ 94.767900][ T3393] lo_ioctl+0x583/0x1270 [ 94.772211][ T3393] ? __rcu_read_unlock+0x5c/0x290 [ 94.777300][ T3393] ? blkdev_common_ioctl+0x438/0x1180 [ 94.782708][ T3393] ? selinux_file_ioctl+0x522/0x590 [ 94.787896][ T3393] ? do_vfs_ioctl+0x819/0x14a0 [ 94.792650][ T3393] ? lo_release+0x120/0x120 [ 94.797154][ T3393] blkdev_ioctl+0x20e/0x440 [ 94.801727][ T3393] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 94.807227][ T3393] __se_sys_ioctl+0xcb/0x140 [ 94.811806][ T3393] __x64_sys_ioctl+0x3f/0x50 [ 94.816477][ T3393] do_syscall_64+0x44/0xd0 [ 94.820889][ T3393] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.826899][ T3393] RIP: 0033:0x7fbd63e3bc57 [ 94.831330][ T3393] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.851012][ T3393] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.859415][ T3393] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 94.867411][ T3393] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 94.875383][ T3393] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 94.883381][ T3393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 94.891342][ T3393] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 94.899296][ T3393] [ 94.902528][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.911190][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:42 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000600)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x202, &(0x7f00000003c0)=0x0) r2 = pidfd_open(0x0, 0x0) lseek(r2, 0x9, 0x1) ftruncate(0xffffffffffffffff, 0x4) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80000001}}, 0x0, 0x7f}, &(0x7f0000000080)=0x90) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e20, 0x4, @local, 0xde58}}, [0x80400001, 0x42, 0x2, 0x2, 0xfffffffffffffffd, 0x2, 0x7, 0x1, 0xb5c, 0xe37, 0x400, 0x2, 0xe3, 0x800, 0xffffffff]}, &(0x7f0000000240)=0x100) io_submit(r1, 0x1848, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000, 0x1100}]) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000600)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) (async) chdir(&(0x7f0000000040)='./file0\x00') (async) creat(&(0x7f0000000000)='./bus\x00', 0x0) (async) fcntl$setstatus(r0, 0x4, 0x6000) (async) io_setup(0x202, &(0x7f00000003c0)) (async) pidfd_open(0x0, 0x0) (async) lseek(r2, 0x9, 0x1) (async) ftruncate(0xffffffffffffffff, 0x4) (async) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80000001}}, 0x0, 0x7f}, &(0x7f0000000080)=0x90) (async) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000400)={r3, @in6={{0xa, 0x4e20, 0x4, @local, 0xde58}}, [0x80400001, 0x42, 0x2, 0x2, 0xfffffffffffffffd, 0x2, 0x7, 0x1, 0xb5c, 0xe37, 0x400, 0x2, 0xe3, 0x800, 0xffffffff]}, &(0x7f0000000240)=0x100) (async) io_submit(r1, 0x1848, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000, 0x1100}]) (async) 14:57:42 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 34) 14:57:42 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:42 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 30) [ 94.936336][ T3395] loop5: detected capacity change from 0 to 4 [ 94.943803][ T3395] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:57:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 94.986769][ T3399] FAULT_INJECTION: forcing a failure. [ 94.986769][ T3399] name failslab, interval 1, probability 0, space 0, times 0 [ 94.999513][ T3399] CPU: 0 PID: 3399 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 95.008215][ T3399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.018268][ T3399] Call Trace: [ 95.021542][ T3399] [ 95.024462][ T3399] dump_stack_lvl+0xd6/0x122 [ 95.029035][ T3399] dump_stack+0x11/0x1b [ 95.033211][ T3399] should_fail+0x23c/0x250 [ 95.037613][ T3399] ? skb_clone+0x12c/0x1f0 [ 95.042019][ T3399] __should_failslab+0x81/0x90 [ 95.046784][ T3399] should_failslab+0x5/0x20 [ 95.051336][ T3399] kmem_cache_alloc+0x4f/0x320 [ 95.056107][ T3399] skb_clone+0x12c/0x1f0 [ 95.060365][ T3399] netlink_broadcast+0x4e9/0xad0 [ 95.065288][ T3399] kobject_uevent_env+0x8c9/0xc40 [ 95.070368][ T3399] kobject_uevent+0x18/0x20 [ 95.074894][ T3399] loop_configure+0xd70/0xf30 [ 95.079563][ T3399] lo_ioctl+0x583/0x1270 [ 95.083918][ T3399] ? __rcu_read_unlock+0x5c/0x290 [ 95.088958][ T3399] ? blkdev_common_ioctl+0x438/0x1180 [ 95.094394][ T3399] ? selinux_file_ioctl+0x522/0x590 [ 95.099575][ T3399] ? do_vfs_ioctl+0x819/0x14a0 [ 95.104326][ T3399] ? lo_release+0x120/0x120 [ 95.108821][ T3399] blkdev_ioctl+0x20e/0x440 [ 95.113378][ T3399] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 95.118831][ T3399] __se_sys_ioctl+0xcb/0x140 [ 95.123582][ T3399] __x64_sys_ioctl+0x3f/0x50 [ 95.128157][ T3399] do_syscall_64+0x44/0xd0 [ 95.132573][ T3399] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.138616][ T3399] RIP: 0033:0x7fbd63e3bc57 [ 95.143012][ T3399] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 95.162596][ T3399] RSP: 002b:00007fbd62fb1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.170991][ T3399] RAX: ffffffffffffffda RBX: 00007fbd63e859c8 RCX: 00007fbd63e3bc57 [ 95.178946][ T3399] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 95.186932][ T3399] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 95.194887][ T3399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 95.202931][ T3399] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 95.210949][ T3399] [ 95.215022][ T3401] loop1: detected capacity change from 0 to 1024 [ 95.222655][ T3403] FAULT_INJECTION: forcing a failure. [ 95.222655][ T3403] name failslab, interval 1, probability 0, space 0, times 0 14:57:42 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x204, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:42 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 35) [ 95.228855][ T3401] EXT4-fs (loop1): unsupported descriptor size 0 [ 95.235398][ T3403] CPU: 1 PID: 3403 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 95.248735][ T3405] loop5: detected capacity change from 0 to 4 [ 95.250348][ T3403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.250362][ T3403] Call Trace: [ 95.250368][ T3403] [ 95.250375][ T3403] dump_stack_lvl+0xd6/0x122 [ 95.257767][ T3405] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 95.266452][ T3403] dump_stack+0x11/0x1b [ 95.266477][ T3403] should_fail+0x23c/0x250 [ 95.291732][ T3407] loop2: detected capacity change from 0 to 1 [ 95.292325][ T3403] ? kobject_uevent_env+0x1a7/0xc40 [ 95.292354][ T3403] __should_failslab+0x81/0x90 [ 95.304335][ T3410] FAULT_INJECTION: forcing a failure. [ 95.304335][ T3410] name failslab, interval 1, probability 0, space 0, times 0 [ 95.308310][ T3403] should_failslab+0x5/0x20 [ 95.308340][ T3403] kmem_cache_alloc_trace+0x52/0x350 [ 95.330637][ T3403] ? dev_attr_show+0x90/0x90 [ 95.335219][ T3403] ? dev_uevent_filter+0x70/0x70 [ 95.340140][ T3403] kobject_uevent_env+0x1a7/0xc40 [ 95.345153][ T3403] ? _raw_spin_unlock+0x2e/0x50 [ 95.350020][ T3403] kobject_uevent+0x18/0x20 [ 95.354563][ T3403] loop_configure+0xd70/0xf30 [ 95.359229][ T3403] lo_ioctl+0x583/0x1270 [ 95.363496][ T3403] ? __rcu_read_unlock+0x5c/0x290 [ 95.368511][ T3403] ? blkdev_common_ioctl+0x438/0x1180 [ 95.373944][ T3403] ? selinux_file_ioctl+0x522/0x590 [ 95.379125][ T3403] ? do_vfs_ioctl+0x819/0x14a0 [ 95.383994][ T3403] ? lo_release+0x120/0x120 [ 95.388481][ T3403] blkdev_ioctl+0x20e/0x440 [ 95.392969][ T3403] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 95.398413][ T3403] __se_sys_ioctl+0xcb/0x140 [ 95.403009][ T3403] __x64_sys_ioctl+0x3f/0x50 [ 95.407582][ T3403] do_syscall_64+0x44/0xd0 [ 95.411982][ T3403] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.417889][ T3403] RIP: 0033:0x7fbc8e8ddc57 [ 95.422290][ T3403] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 95.441965][ T3403] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.450430][ T3403] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 95.458439][ T3403] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 95.466411][ T3403] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 95.474366][ T3403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 95.482319][ T3403] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 95.490272][ T3403] [ 95.493283][ T3410] CPU: 0 PID: 3410 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 95.494987][ T3411] loop0: detected capacity change from 0 to 16 [ 95.502042][ T3410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.502054][ T3410] Call Trace: [ 95.502060][ T3410] [ 95.502066][ T3410] dump_stack_lvl+0xd6/0x122 [ 95.529106][ T3410] dump_stack+0x11/0x1b [ 95.533246][ T3410] should_fail+0x23c/0x250 [ 95.537647][ T3410] ? getname_flags+0x84/0x3f0 [ 95.542336][ T3410] __should_failslab+0x81/0x90 [ 95.547083][ T3410] should_failslab+0x5/0x20 [ 95.551620][ T3410] kmem_cache_alloc+0x4f/0x320 [ 95.556366][ T3410] getname_flags+0x84/0x3f0 [ 95.560854][ T3410] __x64_sys_mkdir+0x31/0x50 [ 95.565564][ T3410] do_syscall_64+0x44/0xd0 [ 95.570073][ T3410] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.576013][ T3410] RIP: 0033:0x7fbd63e3afa7 [ 95.580413][ T3410] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 95.600075][ T3410] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 95.608497][ T3410] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 95.616464][ T3410] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 95.624418][ T3410] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:42 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:42 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 31) [ 95.632477][ T3410] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 95.640546][ T3410] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 95.648501][ T3410] 14:57:42 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 95.681552][ T3426] loop1: detected capacity change from 0 to 1024 [ 95.683162][ T3424] loop5: detected capacity change from 0 to 4 [ 95.697944][ T3426] EXT4-fs (loop1): unsupported descriptor size 0 [ 95.709436][ T3428] FAULT_INJECTION: forcing a failure. [ 95.709436][ T3428] name failslab, interval 1, probability 0, space 0, times 0 [ 95.718568][ T3424] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 95.722128][ T3428] CPU: 0 PID: 3428 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 95.722152][ T3428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.722162][ T3428] Call Trace: [ 95.722168][ T3428] [ 95.722182][ T3428] dump_stack_lvl+0xd6/0x122 [ 95.722206][ T3428] dump_stack+0x11/0x1b [ 95.745333][ T3432] FAULT_INJECTION: forcing a failure. [ 95.745333][ T3432] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.747500][ T3428] should_fail+0x23c/0x250 [ 95.779868][ T3428] ? kzalloc+0x1d/0x30 [ 95.783933][ T3428] __should_failslab+0x81/0x90 [ 95.788691][ T3428] should_failslab+0x5/0x20 [ 95.793183][ T3428] __kmalloc+0x6f/0x370 [ 95.797385][ T3428] kzalloc+0x1d/0x30 [ 95.801305][ T3428] kobject_get_path+0x7c/0x110 [ 95.806068][ T3428] kobject_uevent_env+0x1be/0xc40 [ 95.811168][ T3428] ? _raw_spin_unlock+0x2e/0x50 [ 95.816013][ T3428] kobject_uevent+0x18/0x20 [ 95.820567][ T3428] loop_configure+0xd70/0xf30 [ 95.825240][ T3428] lo_ioctl+0x583/0x1270 [ 95.829522][ T3428] ? __rcu_read_unlock+0x5c/0x290 [ 95.834614][ T3428] ? blkdev_common_ioctl+0x438/0x1180 [ 95.839984][ T3428] ? selinux_file_ioctl+0x522/0x590 [ 95.845181][ T3428] ? do_vfs_ioctl+0x819/0x14a0 [ 95.849944][ T3428] ? lo_release+0x120/0x120 [ 95.854435][ T3428] blkdev_ioctl+0x20e/0x440 [ 95.858947][ T3428] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 95.864400][ T3428] __se_sys_ioctl+0xcb/0x140 [ 95.869054][ T3428] __x64_sys_ioctl+0x3f/0x50 [ 95.873722][ T3428] do_syscall_64+0x44/0xd0 [ 95.878148][ T3428] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.884093][ T3428] RIP: 0033:0x7fbc8e8ddc57 [ 95.888488][ T3428] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 95.908153][ T3428] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.916548][ T3428] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 95.924543][ T3428] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:42 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 36) 14:57:43 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 95.932496][ T3428] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 95.940456][ T3428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 95.948407][ T3428] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 95.956375][ T3428] [ 95.959375][ T3432] CPU: 1 PID: 3432 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 95.960716][ T3430] loop2: detected capacity change from 0 to 1 [ 95.968077][ T3432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.984183][ T3432] Call Trace: [ 95.987469][ T3432] [ 95.990403][ T3432] dump_stack_lvl+0xd6/0x122 [ 95.995003][ T3432] dump_stack+0x11/0x1b [ 95.999159][ T3432] should_fail+0x23c/0x250 [ 96.003554][ T3432] should_fail_usercopy+0x16/0x20 [ 96.008617][ T3432] strncpy_from_user+0x21/0x250 [ 96.013876][ T3432] getname_flags+0xb8/0x3f0 [ 96.018442][ T3432] __x64_sys_mkdir+0x31/0x50 [ 96.023036][ T3432] do_syscall_64+0x44/0xd0 [ 96.027528][ T3432] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.033402][ T3432] RIP: 0033:0x7fbd63e3afa7 [ 96.037795][ T3432] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.058126][ T3432] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 96.066524][ T3432] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 96.074563][ T3432] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 96.082652][ T3432] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 96.090612][ T3432] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 96.098606][ T3432] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 96.106692][ T3432] 14:57:43 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 37) 14:57:43 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f9, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:43 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 96.169628][ T3434] loop0: detected capacity change from 0 to 1024 [ 96.183128][ T3436] FAULT_INJECTION: forcing a failure. [ 96.183128][ T3436] name failslab, interval 1, probability 0, space 0, times 0 [ 96.195815][ T3436] CPU: 1 PID: 3436 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 96.204488][ T3436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.214681][ T3436] Call Trace: [ 96.217961][ T3436] [ 96.220925][ T3436] dump_stack_lvl+0xd6/0x122 [ 96.225526][ T3436] dump_stack+0x11/0x1b [ 96.229692][ T3436] should_fail+0x23c/0x250 [ 96.234109][ T3436] ? __d_alloc+0x36/0x370 [ 96.238530][ T3436] __should_failslab+0x81/0x90 [ 96.243307][ T3436] should_failslab+0x5/0x20 [ 96.247819][ T3436] kmem_cache_alloc+0x4f/0x320 [ 96.252594][ T3436] __d_alloc+0x36/0x370 [ 96.256799][ T3436] d_alloc+0x2a/0x110 [ 96.260784][ T3436] __lookup_hash+0x8f/0x180 [ 96.265384][ T3436] filename_create+0xfc/0x270 [ 96.270118][ T3436] do_mkdirat+0x53/0x2c0 [ 96.274385][ T3436] __x64_sys_mkdir+0x40/0x50 [ 96.279049][ T3436] do_syscall_64+0x44/0xd0 [ 96.283592][ T3436] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.289647][ T3436] RIP: 0033:0x7fbd63e3afa7 [ 96.294093][ T3436] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.313709][ T3436] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 96.322126][ T3436] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 96.327185][ T3439] loop2: detected capacity change from 0 to 1 [ 96.330096][ T3436] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 96.330119][ T3436] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 96.330132][ T3436] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 96.358002][ T3440] loop1: detected capacity change from 0 to 1024 14:57:43 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 32) 14:57:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:43 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3fa, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 96.360041][ T3436] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 96.360062][ T3436] [ 96.388046][ T3442] loop5: detected capacity change from 0 to 4 [ 96.394898][ T3434] EXT4-fs (loop0): unsupported descriptor size 0 [ 96.406342][ T3444] FAULT_INJECTION: forcing a failure. [ 96.406342][ T3444] name failslab, interval 1, probability 0, space 0, times 0 14:57:43 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 38) [ 96.409520][ T3440] EXT4-fs (loop1): unsupported descriptor size 0 [ 96.418997][ T3444] CPU: 0 PID: 3444 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 96.419022][ T3444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.419032][ T3444] Call Trace: [ 96.419039][ T3444] [ 96.419046][ T3444] dump_stack_lvl+0xd6/0x122 [ 96.454803][ T3444] dump_stack+0x11/0x1b [ 96.458962][ T3444] should_fail+0x23c/0x250 [ 96.463359][ T3444] __should_failslab+0x81/0x90 [ 96.468107][ T3444] should_failslab+0x5/0x20 [ 96.472596][ T3444] kmem_cache_alloc_node+0x61/0x2d0 [ 96.477783][ T3444] ? __alloc_skb+0xf0/0x450 [ 96.482376][ T3444] __alloc_skb+0xf0/0x450 [ 96.486719][ T3444] alloc_uevent_skb+0x5b/0x120 [ 96.491502][ T3444] kobject_uevent_env+0x863/0xc40 [ 96.496526][ T3444] kobject_uevent+0x18/0x20 [ 96.501036][ T3444] loop_configure+0xd70/0xf30 [ 96.505704][ T3444] lo_ioctl+0x583/0x1270 [ 96.509946][ T3444] ? __rcu_read_unlock+0x5c/0x290 [ 96.514990][ T3444] ? blkdev_common_ioctl+0x438/0x1180 [ 96.520517][ T3444] ? selinux_file_ioctl+0x522/0x590 [ 96.525718][ T3444] ? do_vfs_ioctl+0x819/0x14a0 [ 96.530536][ T3444] ? lo_release+0x120/0x120 [ 96.535046][ T3444] blkdev_ioctl+0x20e/0x440 [ 96.539557][ T3444] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 96.545020][ T3444] __se_sys_ioctl+0xcb/0x140 [ 96.549662][ T3444] __x64_sys_ioctl+0x3f/0x50 [ 96.554241][ T3444] do_syscall_64+0x44/0xd0 [ 96.558647][ T3444] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.564526][ T3444] RIP: 0033:0x7fbc8e8ddc57 [ 96.568918][ T3444] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.588512][ T3444] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 96.597018][ T3444] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 96.604971][ T3444] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 96.612969][ T3444] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 14:57:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 96.620938][ T3444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 96.628893][ T3444] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 96.636850][ T3444] [ 96.648313][ T3442] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 96.656103][ T3446] loop2: detected capacity change from 0 to 1 [ 96.668142][ T3448] FAULT_INJECTION: forcing a failure. [ 96.668142][ T3448] name failslab, interval 1, probability 0, space 0, times 0 [ 96.680847][ T3448] CPU: 1 PID: 3448 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 96.689523][ T3448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.699577][ T3448] Call Trace: [ 96.702856][ T3448] [ 96.705785][ T3448] dump_stack_lvl+0xd6/0x122 [ 96.710385][ T3448] dump_stack+0x11/0x1b [ 96.714544][ T3448] should_fail+0x23c/0x250 14:57:43 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 33) 14:57:43 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:43 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 96.718962][ T3448] ? ext4_alloc_inode+0x27/0x300 [ 96.723960][ T3448] __should_failslab+0x81/0x90 [ 96.728818][ T3448] ? set_qf_name+0x230/0x230 [ 96.733441][ T3448] should_failslab+0x5/0x20 [ 96.737947][ T3448] kmem_cache_alloc+0x4f/0x320 [ 96.742767][ T3448] ? set_qf_name+0x230/0x230 [ 96.747506][ T3448] ext4_alloc_inode+0x27/0x300 [ 96.752299][ T3448] ? set_qf_name+0x230/0x230 [ 96.756894][ T3448] new_inode_pseudo+0x38/0x190 [ 96.761760][ T3448] new_inode+0x21/0x100 [ 96.765996][ T3448] __ext4_new_inode+0x13f/0x2fc0 [ 96.770958][ T3448] ? avc_has_perm+0xd5/0x160 [ 96.774013][ T3452] FAULT_INJECTION: forcing a failure. [ 96.774013][ T3452] name failslab, interval 1, probability 0, space 0, times 0 [ 96.775565][ T3448] ext4_mkdir+0x28a/0x760 [ 96.775593][ T3448] vfs_mkdir+0x2c8/0x3d0 [ 96.796688][ T3448] do_mkdirat+0x12e/0x2c0 [ 96.801097][ T3448] __x64_sys_mkdir+0x40/0x50 [ 96.805676][ T3448] do_syscall_64+0x44/0xd0 [ 96.810088][ T3448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.816023][ T3448] RIP: 0033:0x7fbd63e3afa7 [ 96.820456][ T3448] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.840142][ T3448] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 96.848721][ T3448] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 96.856735][ T3448] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 96.864753][ T3448] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 96.873203][ T3448] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 96.881199][ T3448] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 96.889197][ T3448] [ 96.892286][ T3452] CPU: 0 PID: 3452 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 96.901068][ T3452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.911616][ T3452] Call Trace: [ 96.915079][ T3452] [ 96.917998][ T3452] dump_stack_lvl+0xd6/0x122 [ 96.922573][ T3452] dump_stack+0x11/0x1b [ 96.926709][ T3452] should_fail+0x23c/0x250 [ 96.931126][ T3452] __should_failslab+0x81/0x90 [ 96.935874][ T3452] should_failslab+0x5/0x20 [ 96.940372][ T3452] kmem_cache_alloc_node_trace+0x61/0x310 [ 96.946166][ T3452] ? __kmalloc_node_track_caller+0x30/0x40 [ 96.951993][ T3452] __kmalloc_node_track_caller+0x30/0x40 [ 96.957675][ T3452] ? alloc_uevent_skb+0x5b/0x120 [ 96.962602][ T3452] __alloc_skb+0x19d/0x450 [ 96.967027][ T3452] alloc_uevent_skb+0x5b/0x120 [ 96.971774][ T3452] kobject_uevent_env+0x863/0xc40 [ 96.976824][ T3452] kobject_uevent+0x18/0x20 [ 96.981330][ T3452] loop_configure+0xd70/0xf30 [ 96.986000][ T3452] lo_ioctl+0x583/0x1270 [ 96.990297][ T3452] ? __rcu_read_unlock+0x5c/0x290 [ 96.995368][ T3452] ? blkdev_common_ioctl+0x438/0x1180 [ 97.000743][ T3452] ? selinux_file_ioctl+0x522/0x590 [ 97.005939][ T3452] ? do_vfs_ioctl+0x819/0x14a0 [ 97.010896][ T3452] ? lo_release+0x120/0x120 [ 97.015381][ T3452] blkdev_ioctl+0x20e/0x440 [ 97.019997][ T3452] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 97.025511][ T3452] __se_sys_ioctl+0xcb/0x140 [ 97.030156][ T3452] __x64_sys_ioctl+0x3f/0x50 [ 97.034908][ T3452] do_syscall_64+0x44/0xd0 [ 97.039334][ T3452] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.045212][ T3452] RIP: 0033:0x7fbc8e8ddc57 [ 97.049610][ T3452] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.069550][ T3452] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 97.077947][ T3452] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 97.085906][ T3452] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 97.093859][ T3452] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 97.101840][ T3452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 97.109793][ T3452] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 97.117795][ T3452] 14:57:44 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3fb, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 97.123967][ T3453] loop1: detected capacity change from 0 to 1024 [ 97.126691][ T3454] loop0: detected capacity change from 0 to 1024 [ 97.132112][ T1906] net_ratelimit: 2 callbacks suppressed [ 97.132123][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.168206][ T3456] loop5: detected capacity change from 0 to 4 14:57:44 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 39) [ 97.174610][ T3458] loop2: detected capacity change from 0 to 1 [ 97.181905][ T3453] EXT4-fs (loop1): unsupported descriptor size 0 [ 97.192606][ T3460] FAULT_INJECTION: forcing a failure. [ 97.192606][ T3460] name failslab, interval 1, probability 0, space 0, times 0 [ 97.194072][ T3454] EXT4-fs (loop0): unsupported descriptor size 0 [ 97.205267][ T3460] CPU: 1 PID: 3460 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 97.220265][ T3460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.230314][ T3460] Call Trace: [ 97.233591][ T3460] [ 97.236519][ T3460] dump_stack_lvl+0xd6/0x122 [ 97.241114][ T3460] dump_stack+0x11/0x1b [ 97.245291][ T3460] should_fail+0x23c/0x250 [ 97.249775][ T3460] ? security_inode_alloc+0x30/0x180 [ 97.255117][ T3460] __should_failslab+0x81/0x90 [ 97.259884][ T3460] should_failslab+0x5/0x20 [ 97.264374][ T3460] kmem_cache_alloc+0x4f/0x320 [ 97.269192][ T3460] security_inode_alloc+0x30/0x180 [ 97.274299][ T3460] inode_init_always+0x214/0x3e0 [ 97.279222][ T3460] ? set_qf_name+0x230/0x230 [ 97.283799][ T3460] new_inode_pseudo+0x6f/0x190 [ 97.288597][ T3460] new_inode+0x21/0x100 [ 97.292755][ T3460] __ext4_new_inode+0x13f/0x2fc0 [ 97.297680][ T3460] ? avc_has_perm+0xd5/0x160 [ 97.302257][ T3460] ext4_mkdir+0x28a/0x760 [ 97.306576][ T3460] vfs_mkdir+0x2c8/0x3d0 [ 97.310853][ T3460] do_mkdirat+0x12e/0x2c0 [ 97.315170][ T3460] __x64_sys_mkdir+0x40/0x50 [ 97.319742][ T3460] do_syscall_64+0x44/0xd0 [ 97.324142][ T3460] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.330085][ T3460] RIP: 0033:0x7fbd63e3afa7 [ 97.334554][ T3460] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.354143][ T3460] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 97.362589][ T3460] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 14:57:44 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 34) [ 97.370603][ T3460] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 97.378560][ T3460] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 97.386527][ T3460] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 97.394480][ T3460] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 97.402501][ T3460] [ 97.417973][ T3462] FAULT_INJECTION: forcing a failure. [ 97.417973][ T3462] name failslab, interval 1, probability 0, space 0, times 0 [ 97.421431][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.430653][ T3462] CPU: 1 PID: 3462 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 97.447347][ T3462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.457390][ T3462] Call Trace: [ 97.460650][ T3462] [ 97.463563][ T3462] dump_stack_lvl+0xd6/0x122 [ 97.468187][ T3462] dump_stack+0x11/0x1b [ 97.472326][ T3462] should_fail+0x23c/0x250 [ 97.476769][ T3462] ? skb_clone+0x12c/0x1f0 [ 97.481253][ T3462] __should_failslab+0x81/0x90 [ 97.486192][ T3462] should_failslab+0x5/0x20 [ 97.490686][ T3462] kmem_cache_alloc+0x4f/0x320 [ 97.495439][ T3462] skb_clone+0x12c/0x1f0 [ 97.499668][ T3462] netlink_broadcast+0x4e9/0xad0 [ 97.504622][ T3462] kobject_uevent_env+0x8c9/0xc40 [ 97.509636][ T3462] kobject_uevent+0x18/0x20 [ 97.514169][ T3462] loop_configure+0xd70/0xf30 [ 97.518829][ T3462] lo_ioctl+0x583/0x1270 [ 97.523130][ T3462] ? __rcu_read_unlock+0x5c/0x290 [ 97.528217][ T3462] ? blkdev_common_ioctl+0x438/0x1180 [ 97.533577][ T3462] ? selinux_file_ioctl+0x522/0x590 [ 97.538759][ T3462] ? do_vfs_ioctl+0x819/0x14a0 [ 97.543526][ T3462] ? lo_release+0x120/0x120 [ 97.548017][ T3462] blkdev_ioctl+0x20e/0x440 [ 97.552560][ T3462] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 97.558090][ T3462] __se_sys_ioctl+0xcb/0x140 [ 97.562707][ T3462] __x64_sys_ioctl+0x3f/0x50 [ 97.567282][ T3462] do_syscall_64+0x44/0xd0 [ 97.571684][ T3462] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.577567][ T3462] RIP: 0033:0x7fbc8e8ddc57 [ 97.581964][ T3462] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.601591][ T3462] RSP: 002b:00007fbc8da53f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 97.609985][ T3462] RAX: ffffffffffffffda RBX: 00007fbc8e9279c8 RCX: 00007fbc8e8ddc57 [ 97.617981][ T3462] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:57:44 executing program 0: pread64(0xffffffffffffffff, &(0x7f0000000240)=""/181, 0xb5, 0x101) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) set_mempolicy(0x2, &(0x7f0000000080)=0x7e37, 0x9) signalfd4(r0, &(0x7f0000000140)={[0x1]}, 0x8, 0x800) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000300)}}, 0x10) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @dev}, r1}}, 0x48) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) sendfile(r0, r2, 0x0, 0x28) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000480)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000180)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) r4 = socket$inet6(0xa, 0x4, 0xffff) setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f00000004c0)=0x2, 0x4) dup2(r3, r4) 14:57:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 97.625963][ T3462] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 97.633917][ T3462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 97.641873][ T3462] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 97.649840][ T3462] [ 97.655075][ T3456] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:57:44 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 40) 14:57:44 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:44 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x402, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:44 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 35) [ 97.722907][ T24] audit: type=1400 audit(1639666664.953:161): avc: denied { write } for pid=3464 comm="syz-executor.0" name="rdma_cm" dev="devtmpfs" ino=226 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 97.737702][ T3471] loop2: detected capacity change from 0 to 2 [ 97.753731][ T3472] FAULT_INJECTION: forcing a failure. [ 97.753731][ T3472] name failslab, interval 1, probability 0, space 0, times 0 [ 97.760202][ T3474] loop5: detected capacity change from 0 to 4 [ 97.766360][ T3472] CPU: 0 PID: 3472 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 97.766385][ T3472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.766395][ T3472] Call Trace: [ 97.766401][ T3472] [ 97.766407][ T3472] dump_stack_lvl+0xd6/0x122 [ 97.766431][ T3472] dump_stack+0x11/0x1b [ 97.776113][ T3469] loop1: detected capacity change from 0 to 1024 [ 97.781171][ T3472] should_fail+0x23c/0x250 [ 97.781196][ T3472] ? jbd2__journal_start+0xf7/0x3f0 [ 97.793055][ T3470] FAULT_INJECTION: forcing a failure. [ 97.793055][ T3470] name failslab, interval 1, probability 0, space 0, times 0 [ 97.794496][ T3472] __should_failslab+0x81/0x90 [ 97.839476][ T3472] should_failslab+0x5/0x20 [ 97.843977][ T3472] kmem_cache_alloc+0x4f/0x320 [ 97.848763][ T3472] ? find_group_orlov+0x52d/0x840 [ 97.853813][ T3472] jbd2__journal_start+0xf7/0x3f0 [ 97.858887][ T3472] __ext4_journal_start_sb+0x159/0x310 [ 97.864334][ T3472] __ext4_new_inode+0xd95/0x2fc0 [ 97.869331][ T3472] ext4_mkdir+0x28a/0x760 [ 97.873694][ T3472] vfs_mkdir+0x2c8/0x3d0 [ 97.878017][ T3472] do_mkdirat+0x12e/0x2c0 [ 97.882330][ T3472] __x64_sys_mkdir+0x40/0x50 [ 97.886986][ T3472] do_syscall_64+0x44/0xd0 [ 97.891390][ T3472] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.897281][ T3472] RIP: 0033:0x7fbd63e3afa7 [ 97.901680][ T3472] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.921316][ T3472] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 97.929753][ T3472] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 97.937708][ T3472] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 97.945659][ T3472] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 97.953613][ T3472] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 97.961564][ T3472] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 97.969629][ T3472] [ 97.972670][ T3470] CPU: 1 PID: 3470 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 97.972713][ T3472] EXT4-fs error (device sda1) in __ext4_new_inode:1085: Out of memory [ 97.981340][ T3470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.997482][ T3474] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 97.999494][ T3470] Call Trace: [ 97.999502][ T3470] [ 97.999509][ T3470] dump_stack_lvl+0xd6/0x122 [ 97.999534][ T3470] dump_stack+0x11/0x1b [ 98.006432][ T3469] EXT4-fs (loop1): unsupported descriptor size 0 [ 98.009286][ T3470] should_fail+0x23c/0x250 [ 98.009312][ T3470] ? getname_flags+0x84/0x3f0 [ 98.009330][ T3470] __should_failslab+0x81/0x90 [ 98.041136][ T3470] should_failslab+0x5/0x20 [ 98.045643][ T3470] kmem_cache_alloc+0x4f/0x320 [ 98.050404][ T3470] getname_flags+0x84/0x3f0 [ 98.054951][ T3470] __x64_sys_mkdir+0x31/0x50 [ 98.059678][ T3470] do_syscall_64+0x44/0xd0 [ 98.064094][ T3470] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.069983][ T3470] RIP: 0033:0x7fbc8e8dcfa7 [ 98.074478][ T3470] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 98.094146][ T3470] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 98.102549][ T3470] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 98.110501][ T3470] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 98.118464][ T3470] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 98.126468][ T3470] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 98.134442][ T3470] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 98.142400][ T3470] [ 98.146218][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:45 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 36) [ 98.171543][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 98.193523][ T3478] FAULT_INJECTION: forcing a failure. [ 98.193523][ T3478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.206654][ T3478] CPU: 1 PID: 3478 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 98.215369][ T3478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:57:45 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x406, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:45 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 41) [ 98.225550][ T3478] Call Trace: [ 98.228838][ T3478] [ 98.231824][ T3478] dump_stack_lvl+0xd6/0x122 [ 98.233859][ T3482] loop2: detected capacity change from 0 to 2 [ 98.236421][ T3478] dump_stack+0x11/0x1b [ 98.244450][ T3481] FAULT_INJECTION: forcing a failure. [ 98.244450][ T3481] name failslab, interval 1, probability 0, space 0, times 0 [ 98.246626][ T3478] should_fail+0x23c/0x250 [ 98.246650][ T3478] should_fail_usercopy+0x16/0x20 [ 98.268726][ T3478] strncpy_from_user+0x21/0x250 [ 98.273573][ T3478] getname_flags+0xb8/0x3f0 [ 98.278164][ T3478] __x64_sys_mkdir+0x31/0x50 [ 98.282738][ T3478] do_syscall_64+0x44/0xd0 [ 98.287181][ T3478] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.293064][ T3478] RIP: 0033:0x7fbc8e8dcfa7 [ 98.297563][ T3478] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 98.317501][ T3478] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 98.325896][ T3478] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 98.333851][ T3478] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 98.341998][ T3478] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 98.349954][ T3478] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 98.357906][ T3478] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 98.366122][ T3478] 14:57:45 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 98.369157][ T3481] CPU: 0 PID: 3481 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 98.377925][ T3481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.388032][ T3481] Call Trace: [ 98.391321][ T3481] [ 98.394248][ T3481] dump_stack_lvl+0xd6/0x122 [ 98.398886][ T3481] dump_stack+0x11/0x1b [ 98.403045][ T3481] should_fail+0x23c/0x250 [ 98.407468][ T3481] ? sidtab_sid2str_get+0xb0/0x140 [ 98.411804][ T3485] loop5: detected capacity change from 0 to 4 [ 98.412586][ T3481] __should_failslab+0x81/0x90 [ 98.412613][ T3481] should_failslab+0x5/0x20 [ 98.419752][ T3485] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 98.423407][ T3481] __kmalloc_track_caller+0x6d/0x370 [ 98.423435][ T3481] kmemdup+0x21/0x50 [ 98.431346][ T3486] loop1: detected capacity change from 0 to 1024 [ 98.434439][ T3481] sidtab_sid2str_get+0xb0/0x140 [ 98.440781][ T3486] EXT4-fs (loop1): unsupported descriptor size 0 [ 98.443641][ T3481] security_sid_to_context_core+0x1d0/0x2d0 [ 98.443672][ T3481] security_sid_to_context_force+0x2f/0x40 [ 98.443695][ T3481] selinux_inode_init_security+0x4e4/0x590 [ 98.443717][ T3481] security_inode_init_security+0xe4/0x260 [ 98.484430][ T3481] ? ext4_init_security+0x40/0x40 [ 98.489515][ T3481] ext4_init_security+0x30/0x40 [ 98.494367][ T3481] __ext4_new_inode+0x29a3/0x2fc0 [ 98.499386][ T3481] ext4_mkdir+0x28a/0x760 [ 98.503773][ T3481] vfs_mkdir+0x2c8/0x3d0 [ 98.508078][ T3481] do_mkdirat+0x12e/0x2c0 [ 98.512417][ T3481] __x64_sys_mkdir+0x40/0x50 [ 98.517002][ T3481] do_syscall_64+0x44/0xd0 14:57:45 executing program 0: pread64(0xffffffffffffffff, &(0x7f0000000240)=""/181, 0xb5, 0x101) (async) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) set_mempolicy(0x2, &(0x7f0000000080)=0x7e37, 0x9) signalfd4(r0, &(0x7f0000000140)={[0x1]}, 0x8, 0x800) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000300)}}, 0x10) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @dev}, r1}}, 0x48) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async) sendfile(r0, r2, 0x0, 0x28) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000480)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000180)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async, rerun: 32) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) (async, rerun: 32) r4 = socket$inet6(0xa, 0x4, 0xffff) setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f00000004c0)=0x2, 0x4) (async) dup2(r3, r4) [ 98.521448][ T3481] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.527523][ T3481] RIP: 0033:0x7fbd63e3afa7 [ 98.531938][ T3481] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 98.551639][ T3481] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 98.560084][ T3481] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 98.568085][ T3481] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 14:57:45 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x500, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:45 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 37) [ 98.576038][ T3481] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 98.583992][ T3481] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 98.592080][ T3481] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 98.600046][ T3481] [ 98.617464][ T3491] loop2: detected capacity change from 0 to 2 14:57:45 executing program 0: pread64(0xffffffffffffffff, &(0x7f0000000240)=""/181, 0xb5, 0x101) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) set_mempolicy(0x2, &(0x7f0000000080)=0x7e37, 0x9) (async) signalfd4(r0, &(0x7f0000000140)={[0x1]}, 0x8, 0x800) (async) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000300)}}, 0x10) (async) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @dev}, r1}}, 0x48) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) sendfile(r0, r2, 0x0, 0x28) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000480)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000180)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) (async) r4 = socket$inet6(0xa, 0x4, 0xffff) setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f00000004c0)=0x2, 0x4) (async) dup2(r3, r4) [ 98.628611][ T3498] FAULT_INJECTION: forcing a failure. [ 98.628611][ T3498] name failslab, interval 1, probability 0, space 0, times 0 [ 98.641291][ T3498] CPU: 0 PID: 3498 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 98.649970][ T3498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.660018][ T3498] Call Trace: [ 98.663284][ T3498] [ 98.666197][ T3498] dump_stack_lvl+0xd6/0x122 [ 98.671296][ T3498] dump_stack+0x11/0x1b [ 98.675435][ T3498] should_fail+0x23c/0x250 [ 98.679912][ T3498] ? __d_alloc+0x36/0x370 [ 98.684230][ T3498] __should_failslab+0x81/0x90 [ 98.689026][ T3498] should_failslab+0x5/0x20 [ 98.693558][ T3498] kmem_cache_alloc+0x4f/0x320 [ 98.698348][ T3498] __d_alloc+0x36/0x370 [ 98.702572][ T3498] d_alloc+0x2a/0x110 [ 98.706558][ T3498] __lookup_hash+0x8f/0x180 [ 98.711080][ T3498] filename_create+0xfc/0x270 [ 98.715765][ T3498] do_mkdirat+0x53/0x2c0 [ 98.719992][ T3498] __x64_sys_mkdir+0x40/0x50 [ 98.724566][ T3498] do_syscall_64+0x44/0xd0 [ 98.728971][ T3498] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.734850][ T3498] RIP: 0033:0x7fbc8e8dcfa7 [ 98.739299][ T3498] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 98.758904][ T3498] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 98.767365][ T3498] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 14:57:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:46 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 42) 14:57:46 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b1385431", 0x10, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 98.775331][ T3498] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 98.783357][ T3498] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 98.791399][ T3498] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 98.799362][ T3498] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 98.807339][ T3498] [ 98.845936][ T3507] loop5: detected capacity change from 0 to 4 [ 98.848640][ T3509] FAULT_INJECTION: forcing a failure. [ 98.848640][ T3509] name failslab, interval 1, probability 0, space 0, times 0 [ 98.854124][ T3510] loop1: detected capacity change from 0 to 1024 [ 98.864696][ T3509] CPU: 1 PID: 3509 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 98.879655][ T3509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.889787][ T3509] Call Trace: [ 98.893137][ T3509] [ 98.896051][ T3509] dump_stack_lvl+0xd6/0x122 [ 98.900632][ T3509] dump_stack+0x11/0x1b [ 98.904827][ T3509] should_fail+0x23c/0x250 [ 98.909226][ T3509] ? kcalloc+0x32/0x50 [ 98.913334][ T3509] __should_failslab+0x81/0x90 [ 98.918085][ T3509] should_failslab+0x5/0x20 [ 98.922649][ T3509] __kmalloc+0x6f/0x370 [ 98.926807][ T3509] ? chksum_update+0x39/0x50 [ 98.931380][ T3509] kcalloc+0x32/0x50 [ 98.935266][ T3509] ext4_find_extent+0x19f/0x7e0 [ 98.940148][ T3509] ? __getblk_gfp+0x3f/0x530 [ 98.944798][ T3509] ext4_ext_map_blocks+0x115/0x2120 [ 98.949990][ T3509] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 98.956155][ T3509] ? ext4_es_lookup_extent+0x221/0x500 [ 98.961597][ T3509] ext4_map_blocks+0x1cf/0xf00 [ 98.966385][ T3509] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 98.972058][ T3509] ext4_getblk+0xc6/0x3e0 [ 98.976376][ T3509] ext4_bread+0x28/0x100 [ 98.980682][ T3509] ext4_append+0xd1/0x1c0 [ 98.985021][ T3509] ext4_init_new_dir+0x177/0x500 [ 98.989943][ T3509] ext4_mkdir+0x329/0x760 [ 98.994256][ T3509] vfs_mkdir+0x2c8/0x3d0 [ 98.998529][ T3509] do_mkdirat+0x12e/0x2c0 [ 99.002863][ T3509] __x64_sys_mkdir+0x40/0x50 [ 99.007506][ T3509] do_syscall_64+0x44/0xd0 [ 99.011906][ T3509] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.017827][ T3509] RIP: 0033:0x7fbd63e3afa7 [ 99.022293][ T3509] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:46 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x59c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:46 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 38) [ 99.041943][ T3509] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 99.050341][ T3509] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 99.058295][ T3509] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 99.066252][ T3509] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 99.074286][ T3509] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 99.082240][ T3509] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 99.090219][ T3509] [ 99.108823][ T3507] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 99.118640][ T3510] EXT4-fs (loop1): unsupported descriptor size 0 [ 99.119002][ T3512] loop2: detected capacity change from 0 to 2 [ 99.134687][ T3514] FAULT_INJECTION: forcing a failure. [ 99.134687][ T3514] name failslab, interval 1, probability 0, space 0, times 0 [ 99.147381][ T3514] CPU: 1 PID: 3514 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 99.156058][ T3514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.157644][ T3516] FAULT_INJECTION: forcing a failure. [ 99.157644][ T3516] name failslab, interval 1, probability 0, space 0, times 0 [ 99.166111][ T3514] Call Trace: [ 99.166120][ T3514] [ 99.166127][ T3514] dump_stack_lvl+0xd6/0x122 [ 99.166181][ T3514] dump_stack+0x11/0x1b [ 99.193683][ T3514] should_fail+0x23c/0x250 [ 99.198090][ T3514] ? ext4_alloc_inode+0x27/0x300 [ 99.203016][ T3514] __should_failslab+0x81/0x90 [ 99.207820][ T3514] ? set_qf_name+0x230/0x230 [ 99.212396][ T3514] should_failslab+0x5/0x20 [ 99.216968][ T3514] kmem_cache_alloc+0x4f/0x320 [ 99.221748][ T3514] ? set_qf_name+0x230/0x230 [ 99.226397][ T3514] ext4_alloc_inode+0x27/0x300 [ 99.231189][ T3514] ? set_qf_name+0x230/0x230 [ 99.235769][ T3514] new_inode_pseudo+0x38/0x190 [ 99.240552][ T3514] new_inode+0x21/0x100 [ 99.244689][ T3514] __ext4_new_inode+0x13f/0x2fc0 [ 99.249640][ T3514] ? avc_has_perm+0xd5/0x160 [ 99.254215][ T3514] ext4_mkdir+0x28a/0x760 [ 99.258542][ T3514] vfs_mkdir+0x2c8/0x3d0 [ 99.262832][ T3514] do_mkdirat+0x12e/0x2c0 [ 99.267144][ T3514] __x64_sys_mkdir+0x40/0x50 [ 99.271720][ T3514] do_syscall_64+0x44/0xd0 [ 99.276120][ T3514] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.282030][ T3514] RIP: 0033:0x7fbc8e8dcfa7 [ 99.286425][ T3514] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:46 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 43) [ 99.306075][ T3514] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 99.314469][ T3514] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 99.322422][ T3514] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 99.330439][ T3514] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 99.338391][ T3514] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 99.346458][ T3514] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 99.354413][ T3514] 14:57:46 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 99.357411][ T3516] CPU: 0 PID: 3516 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 99.366131][ T3516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.376620][ T3516] Call Trace: [ 99.379932][ T3516] [ 99.382857][ T3516] dump_stack_lvl+0xd6/0x122 [ 99.387515][ T3516] dump_stack+0x11/0x1b [ 99.390318][ T3518] loop1: detected capacity change from 0 to 1024 [ 99.391693][ T3516] should_fail+0x23c/0x250 [ 99.391717][ T3516] ? __es_insert_extent+0x546/0xe80 [ 99.391736][ T3516] __should_failslab+0x81/0x90 [ 99.400400][ T3518] EXT4-fs (loop1): unsupported descriptor size 0 [ 99.402482][ T3516] should_failslab+0x5/0x20 [ 99.402506][ T3516] kmem_cache_alloc+0x4f/0x320 [ 99.427929][ T3516] __es_insert_extent+0x546/0xe80 [ 99.432952][ T3516] ext4_es_insert_extent+0x1cb/0x19c0 [ 99.438402][ T3516] ext4_ext_map_blocks+0xff7/0x2120 [ 99.443663][ T3516] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 99.449641][ T3516] ext4_map_blocks+0x1cf/0xf00 [ 99.454390][ T3516] ? __ext4_mark_inode_dirty+0x502/0x5f0 14:57:46 executing program 0: r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x184}, 0xc) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @private1}}, {{0xa, 0x5, 0x0, @empty}}}, 0x108) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup2(r1, r0) r2 = socket$can_raw(0x1d, 0x3, 0x1) r3 = fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1) sendfile(r2, r3, &(0x7f00000001c0)=0x9, 0x1) [ 99.460009][ T3516] ext4_getblk+0xc6/0x3e0 [ 99.464359][ T3516] ext4_bread+0x28/0x100 [ 99.468581][ T3516] ext4_append+0xd1/0x1c0 [ 99.472889][ T3516] ext4_init_new_dir+0x177/0x500 [ 99.477807][ T3516] ext4_mkdir+0x329/0x760 [ 99.482224][ T3516] vfs_mkdir+0x2c8/0x3d0 [ 99.486613][ T3516] do_mkdirat+0x12e/0x2c0 [ 99.490948][ T3516] __x64_sys_mkdir+0x40/0x50 [ 99.495545][ T3516] do_syscall_64+0x44/0xd0 [ 99.499974][ T3516] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.505988][ T3516] RIP: 0033:0x7fbd63e3afa7 [ 99.506469][ T24] audit: type=1400 audit(1639666666.733:162): avc: denied { create } for pid=3519 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 99.510396][ T3516] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 99.510429][ T3516] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 14:57:46 executing program 0: r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) (async) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x184}, 0xc) (async) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @private1}}, {{0xa, 0x5, 0x0, @empty}}}, 0x108) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup2(r1, r0) (async) r2 = socket$can_raw(0x1d, 0x3, 0x1) r3 = fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1) sendfile(r2, r3, &(0x7f00000001c0)=0x9, 0x1) 14:57:46 executing program 0: r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x184}, 0xc) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @private1}}, {{0xa, 0x5, 0x0, @empty}}}, 0x108) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup2(r1, r0) r2 = socket$can_raw(0x1d, 0x3, 0x1) r3 = fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1) sendfile(r2, r3, &(0x7f00000001c0)=0x9, 0x1) [ 99.510448][ T3516] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 99.510461][ T3516] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 99.510472][ T3516] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 99.532432][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.549665][ T3516] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 99.549679][ T3516] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 99.549696][ T3516] 14:57:46 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5c2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:46 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 39) 14:57:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 99.626028][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.634477][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.683256][ T3530] loop2: detected capacity change from 0 to 2 [ 99.691827][ T3533] FAULT_INJECTION: forcing a failure. [ 99.691827][ T3533] name failslab, interval 1, probability 0, space 0, times 0 [ 99.704517][ T3533] CPU: 1 PID: 3533 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 99.713198][ T3533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.723261][ T3533] Call Trace: [ 99.726551][ T3533] [ 99.729494][ T3533] dump_stack_lvl+0xd6/0x122 [ 99.734101][ T3533] dump_stack+0x11/0x1b [ 99.738304][ T3533] should_fail+0x23c/0x250 [ 99.742729][ T3533] ? security_inode_alloc+0x30/0x180 [ 99.748023][ T3533] __should_failslab+0x81/0x90 [ 99.750566][ T3536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.752821][ T3533] should_failslab+0x5/0x20 [ 99.752847][ T3533] kmem_cache_alloc+0x4f/0x320 [ 99.770217][ T3533] security_inode_alloc+0x30/0x180 [ 99.775344][ T3533] inode_init_always+0x214/0x3e0 [ 99.780363][ T3533] ? set_qf_name+0x230/0x230 [ 99.785139][ T3533] new_inode_pseudo+0x6f/0x190 [ 99.789919][ T3533] new_inode+0x21/0x100 [ 99.791669][ T3536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.794080][ T3533] __ext4_new_inode+0x13f/0x2fc0 [ 99.794133][ T3533] ? avc_has_perm+0xd5/0x160 [ 99.811646][ T3533] ext4_mkdir+0x28a/0x760 [ 99.815985][ T3533] vfs_mkdir+0x2c8/0x3d0 [ 99.820312][ T3533] do_mkdirat+0x12e/0x2c0 [ 99.823465][ T3536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.824738][ T3533] __x64_sys_mkdir+0x40/0x50 [ 99.837398][ T3533] do_syscall_64+0x44/0xd0 [ 99.841822][ T3533] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.847755][ T3533] RIP: 0033:0x7fbc8e8dcfa7 [ 99.852271][ T3533] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 99.871942][ T3533] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 14:57:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000400000084) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x36200, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) shutdown(r0, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0xffffffff}, 0x6b) sendto$inet6(r0, &(0x7f0000000040)="b6", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0x8, 0xee9, 0x22, @local, @mcast2, 0x7800, 0x7, 0x4, 0x5}}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@ipv4={""/10, ""/2, @empty}}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x4, 0xf0, 0x6, 0x0, 0x12, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7818, 0x40, 0x5, 0x4}}) getpeername$packet(r1, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000740)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'ip_vti0\x00', 0x0}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000f40)={0x11, 0x0, 0x0}, &(0x7f0000000f80)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000001040)={'ip6tnl0\x00', &(0x7f0000000fc0)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x6, 0x58, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2, 0x20, 0x700, 0xfffffffd, 0x8}}) sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000001600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="44050000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf250000000008000100", @ANYRES32=r2, @ANYBLOB="fc0102804c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000100205110370000000205237c0d000000800303060000003c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400c4ae000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000001000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004002304000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004008100000008000600", @ANYRES32=r3, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004007c87000008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000000000008000100", @ANYRES32=r5, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000100000008000100", @ANYRES32=r6, @ANYBLOB="6802028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400008000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff400001002400010071756575655f6964000000000000700c000000000000000000008100000000000500030003000000080004004800000008000600769467d87e3e6060f3855b02ed40efdca4766f3102519c0bad8875e5b15cab70ee698cc69934e20d338bedb17a257d45a610d2114b46a8d06b6befd4b35cf919b7cb5f0cb5916770b3f5a2e5cfab329e8f527a89f59dc3b564b4a2134b8f2141ea4ba140a12716b1f379b1a7251490643e386a35c9ebb78db81a2c8450948306612b6a28139d671ca15e15e1d8e6f63f497f4d8987f10eb2bced844a2ac09bbd6075fe0cb3a0b62f746927629ab8e27a39d016d22e8de2471b711329a32dd176a5275a170fe6ad1947fc8451fcff392dd466a18805099d1e6e8d", @ANYRES32=r7, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff08000100", @ANYRES32=r7, @ANYBLOB="700002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c00040031fa4008080000000700094f810000000d000601050000007f007fd2050000000000017f010000000b001f80d600000000007a40ff030000"], 0x544}, 0x1, 0x0, 0x0, 0x8091}, 0x8000) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000140)={0x200, {{0xa, 0x4e24, 0xffff, @mcast1, 0x9}}, 0x0, 0x1, [{{0xa, 0x4e22, 0x1, @mcast2, 0x80000000}}]}, 0x110) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2a1e0400000000006c00128009000100766c616e000000005c00028006000100000000000c0002001c0000001b00000004000380400004800c000100fbffffff050000000c00010041020000050000000c000100f7ffffffffff00000c00010000000000b2d600000c000100020000000600000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="8cdb925d038254a25abb63ff4ff4969c2870b703bc4558301b6612fd088c41536445d95e6cbb5e5d093d0a7140dbc99e2166a68d19ca77e0904ac12a86191a3287228b98f3ac58d74016d3bd11e035"], 0x9c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @mcast1, 0x6, 0x8000, 0x5, 0x500, 0x7fff, 0x30200a8, r8}) close(r0) 14:57:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000400000084) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x36200, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async) shutdown(r0, 0x0) (async) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0xffffffff}, 0x6b) (async) sendto$inet6(r0, &(0x7f0000000040)="b6", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async, rerun: 32) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0x8, 0xee9, 0x22, @local, @mcast2, 0x7800, 0x7, 0x4, 0x5}}) (async, rerun: 32) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@ipv4={""/10, ""/2, @empty}}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x4, 0xf0, 0x6, 0x0, 0x12, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7818, 0x40, 0x5, 0x4}}) getpeername$packet(r1, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000740)=0x14) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'ip_vti0\x00', 0x0}) (async, rerun: 64) getpeername$packet(0xffffffffffffffff, &(0x7f0000000f40)={0x11, 0x0, 0x0}, &(0x7f0000000f80)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000001040)={'ip6tnl0\x00', &(0x7f0000000fc0)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x6, 0x58, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2, 0x20, 0x700, 0xfffffffd, 0x8}}) sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000001600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="44050000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf250000000008000100", @ANYRES32=r2, @ANYBLOB="fc0102804c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000100205110370000000205237c0d000000800303060000003c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400c4ae000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000001000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004002304000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004008100000008000600", @ANYRES32=r3, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004007c87000008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000000000008000100", @ANYRES32=r5, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000100000008000100", @ANYRES32=r6, @ANYBLOB="6802028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400008000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff400001002400010071756575655f6964000000000000700c000000000000000000008100000000000500030003000000080004004800000008000600769467d87e3e6060f3855b02ed40efdca4766f3102519c0bad8875e5b15cab70ee698cc69934e20d338bedb17a257d45a610d2114b46a8d06b6befd4b35cf919b7cb5f0cb5916770b3f5a2e5cfab329e8f527a89f59dc3b564b4a2134b8f2141ea4ba140a12716b1f379b1a7251490643e386a35c9ebb78db81a2c8450948306612b6a28139d671ca15e15e1d8e6f63f497f4d8987f10eb2bced844a2ac09bbd6075fe0cb3a0b62f746927629ab8e27a39d016d22e8de2471b711329a32dd176a5275a170fe6ad1947fc8451fcff392dd466a18805099d1e6e8d", @ANYRES32=r7, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff08000100", @ANYRES32=r7, @ANYBLOB="700002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c00040031fa4008080000000700094f810000000d000601050000007f007fd2050000000000017f010000000b001f80d600000000007a40ff030000"], 0x544}, 0x1, 0x0, 0x0, 0x8091}, 0x8000) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000140)={0x200, {{0xa, 0x4e24, 0xffff, @mcast1, 0x9}}, 0x0, 0x1, [{{0xa, 0x4e22, 0x1, @mcast2, 0x80000000}}]}, 0x110) (async, rerun: 64) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) (rerun: 64) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2a1e0400000000006c00128009000100766c616e000000005c00028006000100000000000c0002001c0000001b00000004000380400004800c000100fbffffff050000000c00010041020000050000000c000100f7ffffffffff00000c00010000000000b2d600000c000100020000000600000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="8cdb925d038254a25abb63ff4ff4969c2870b703bc4558301b6612fd088c41536445d95e6cbb5e5d093d0a7140dbc99e2166a68d19ca77e0904ac12a86191a3287228b98f3ac58d74016d3bd11e035"], 0x9c}}, 0x0) (async) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @mcast1, 0x6, 0x8000, 0x5, 0x500, 0x7fff, 0x30200a8, r8}) close(r0) 14:57:47 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 99.880362][ T3533] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 99.888385][ T3533] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 99.896363][ T3533] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 99.904338][ T3533] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 99.912359][ T3533] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 99.920339][ T3533] [ 99.929089][ T24] audit: type=1400 audit(1639666666.933:163): avc: denied { create } for pid=3535 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 99.930301][ T3546] loop1: detected capacity change from 0 to 1024 [ 99.949500][ T24] audit: type=1400 audit(1639666666.933:164): avc: denied { bind } for pid=3535 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 99.975333][ T24] audit: type=1400 audit(1639666666.933:165): avc: denied { name_bind } for pid=3535 comm="syz-executor.0" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 99.997338][ T24] audit: type=1400 audit(1639666666.933:166): avc: denied { node_bind } for pid=3535 comm="syz-executor.0" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 14:57:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000400000084) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x36200, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) shutdown(r0, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0xffffffff}, 0x6b) sendto$inet6(r0, &(0x7f0000000040)="b6", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0x8, 0xee9, 0x22, @local, @mcast2, 0x7800, 0x7, 0x4, 0x5}}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@ipv4={""/10, ""/2, @empty}}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x4, 0xf0, 0x6, 0x0, 0x12, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7818, 0x40, 0x5, 0x4}}) getpeername$packet(r1, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000740)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'ip_vti0\x00', 0x0}) getpeername$packet(0xffffffffffffffff, &(0x7f0000000f40)={0x11, 0x0, 0x0}, &(0x7f0000000f80)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000001040)={'ip6tnl0\x00', &(0x7f0000000fc0)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x6, 0x58, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2, 0x20, 0x700, 0xfffffffd, 0x8}}) sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000001600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="44050000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf250000000008000100", @ANYRES32=r2, @ANYBLOB="fc0102804c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000100205110370000000205237c0d000000800303060000003c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400c4ae000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000001000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004002304000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004008100000008000600", @ANYRES32=r3, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004007c87000008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000000000008000100", @ANYRES32=r5, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000100000008000100", @ANYRES32=r6, @ANYBLOB="6802028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400008000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff400001002400010071756575655f6964000000000000700c000000000000000000008100000000000500030003000000080004004800000008000600769467d87e3e6060f3855b02ed40efdca4766f3102519c0bad8875e5b15cab70ee698cc69934e20d338bedb17a257d45a610d2114b46a8d06b6befd4b35cf919b7cb5f0cb5916770b3f5a2e5cfab329e8f527a89f59dc3b564b4a2134b8f2141ea4ba140a12716b1f379b1a7251490643e386a35c9ebb78db81a2c8450948306612b6a28139d671ca15e15e1d8e6f63f497f4d8987f10eb2bced844a2ac09bbd6075fe0cb3a0b62f746927629ab8e27a39d016d22e8de2471b711329a32dd176a5275a170fe6ad1947fc8451fcff392dd466a18805099d1e6e8d", @ANYRES32=r7, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff08000100", @ANYRES32=r7, @ANYBLOB="700002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c00040031fa4008080000000700094f810000000d000601050000007f007fd2050000000000017f010000000b001f80d600000000007a40ff030000"], 0x544}, 0x1, 0x0, 0x0, 0x8091}, 0x8000) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000140)={0x200, {{0xa, 0x4e24, 0xffff, @mcast1, 0x9}}, 0x0, 0x1, [{{0xa, 0x4e22, 0x1, @mcast2, 0x80000000}}]}, 0x110) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2a1e0400000000006c00128009000100766c616e000000005c00028006000100000000000c0002001c0000001b00000004000380400004800c000100fbffffff050000000c00010041020000050000000c000100f7ffffffffff00000c00010000000000b2d600000c000100020000000600000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="8cdb925d038254a25abb63ff4ff4969c2870b703bc4558301b6612fd088c41536445d95e6cbb5e5d093d0a7140dbc99e2166a68d19ca77e0904ac12a86191a3287228b98f3ac58d74016d3bd11e035"], 0x9c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @mcast1, 0x6, 0x8000, 0x5, 0x500, 0x7fff, 0x30200a8, r8}) close(r0) socket$inet6(0xa, 0x1, 0x8010000400000084) (async) openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x36200, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1) (async) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async) shutdown(r0, 0x0) (async) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0xffffffff}, 0x6b) (async) sendto$inet6(r0, &(0x7f0000000040)="b6", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x2f, 0x2, 0x8, 0xee9, 0x22, @local, @mcast2, 0x7800, 0x7, 0x4, 0x5}}) (async) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@ipv4={""/10, ""/2, @empty}}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8) (async) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x4, 0xf0, 0x6, 0x0, 0x12, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7818, 0x40, 0x5, 0x4}}) (async) getpeername$packet(r1, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000740)=0x14) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'ip_vti0\x00'}) (async) getpeername$packet(0xffffffffffffffff, &(0x7f0000000f40), &(0x7f0000000f80)=0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000001040)={'ip6tnl0\x00', &(0x7f0000000fc0)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x6, 0x58, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2, 0x20, 0x700, 0xfffffffd, 0x8}}) (async) sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000001600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="44050000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf250000000008000100", @ANYRES32=r2, @ANYBLOB="fc0102804c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000100205110370000000205237c0d000000800303060000003c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400c4ae000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000001000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004002304000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004008100000008000600", @ANYRES32=r3, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004007c87000008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000000000008000100", @ANYRES32=r5, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000100000008000100", @ANYRES32=r6, @ANYBLOB="6802028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400008000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ff00000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff400001002400010071756575655f6964000000000000700c000000000000000000008100000000000500030003000000080004004800000008000600769467d87e3e6060f3855b02ed40efdca4766f3102519c0bad8875e5b15cab70ee698cc69934e20d338bedb17a257d45a610d2114b46a8d06b6befd4b35cf919b7cb5f0cb5916770b3f5a2e5cfab329e8f527a89f59dc3b564b4a2134b8f2141ea4ba140a12716b1f379b1a7251490643e386a35c9ebb78db81a2c8450948306612b6a28139d671ca15e15e1d8e6f63f497f4d8987f10eb2bced844a2ac09bbd6075fe0cb3a0b62f746927629ab8e27a39d016d22e8de2471b711329a32dd176a5275a170fe6ad1947fc8451fcff392dd466a18805099d1e6e8d", @ANYRES32=r7, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400f7ffffff08000100", @ANYRES32=r7, @ANYBLOB="700002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c00040031fa4008080000000700094f810000000d000601050000007f007fd2050000000000017f010000000b001f80d600000000007a40ff030000"], 0x544}, 0x1, 0x0, 0x0, 0x8091}, 0x8000) (async) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000140)={0x200, {{0xa, 0x4e24, 0xffff, @mcast1, 0x9}}, 0x0, 0x1, [{{0xa, 0x4e22, 0x1, @mcast2, 0x80000000}}]}, 0x110) (async) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2a1e0400000000006c00128009000100766c616e000000005c00028006000100000000000c0002001c0000001b00000004000380400004800c000100fbffffff050000000c00010041020000050000000c000100f7ffffffffff00000c00010000000000b2d600000c000100020000000600000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="8cdb925d038254a25abb63ff4ff4969c2870b703bc4558301b6612fd088c41536445d95e6cbb5e5d093d0a7140dbc99e2166a68d19ca77e0904ac12a86191a3287228b98f3ac58d74016d3bd11e035"], 0x9c}}, 0x0) (async) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @mcast1, 0x6, 0x8000, 0x5, 0x500, 0x7fff, 0x30200a8, r8}) (async) close(r0) (async) [ 100.019433][ T24] audit: type=1400 audit(1639666666.933:167): avc: denied { shutdown } for pid=3535 comm="syz-executor.0" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 100.041246][ T24] audit: type=1400 audit(1639666666.933:168): avc: denied { setopt } for pid=3535 comm="syz-executor.0" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 100.062894][ T24] audit: type=1400 audit(1639666666.933:169): avc: denied { write } for pid=3535 comm="syz-executor.0" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 100.063791][ T3546] EXT4-fs (loop1): unsupported descriptor size 0 [ 100.084545][ T24] audit: type=1400 audit(1639666666.933:170): avc: denied { connect } for pid=3535 comm="syz-executor.0" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 100.117164][ T3534] loop5: detected capacity change from 0 to 4 14:57:47 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 44) 14:57:47 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x600, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:47 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 40) 14:57:47 executing program 0: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) r1 = open(&(0x7f0000000080)='./bus\x00', 0x234d80, 0x1fe) ftruncate(r1, 0x7) io_setup(0x202, &(0x7f0000000200)=0x0) ftruncate(r0, 0x81fd) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) fallocate(r0, 0x3, 0x0, 0x1001) 14:57:47 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e14", 0x18, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 100.142355][ T3534] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 100.160077][ T3569] loop2: detected capacity change from 0 to 3 [ 100.187199][ T3576] loop1: detected capacity change from 0 to 1024 [ 100.204738][ T3577] FAULT_INJECTION: forcing a failure. [ 100.204738][ T3577] name failslab, interval 1, probability 0, space 0, times 0 [ 100.217403][ T3577] CPU: 1 PID: 3577 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 100.226124][ T3577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:57:47 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x604, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 100.236315][ T3577] Call Trace: [ 100.239656][ T3577] [ 100.242590][ T3577] dump_stack_lvl+0xd6/0x122 [ 100.247339][ T3577] dump_stack+0x11/0x1b [ 100.251499][ T3577] should_fail+0x23c/0x250 [ 100.255992][ T3577] ? kcalloc+0x32/0x50 [ 100.260109][ T3577] __should_failslab+0x81/0x90 [ 100.264878][ T3577] should_failslab+0x5/0x20 [ 100.269457][ T3577] __kmalloc+0x6f/0x370 [ 100.273619][ T3577] kcalloc+0x32/0x50 [ 100.277581][ T3577] ext4_find_extent+0x19f/0x7e0 [ 100.282475][ T3577] ? kfree+0xf8/0x1f0 [ 100.286545][ T3577] ext4_ext_map_blocks+0x115/0x2120 [ 100.291798][ T3577] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 100.297788][ T3577] ext4_map_blocks+0x71e/0xf00 [ 100.302592][ T3577] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 100.308254][ T3577] ext4_getblk+0xc6/0x3e0 [ 100.312593][ T3577] ext4_bread+0x28/0x100 [ 100.316844][ T3577] ext4_append+0xd1/0x1c0 [ 100.321175][ T3577] ext4_init_new_dir+0x177/0x500 [ 100.326200][ T3577] ext4_mkdir+0x329/0x760 [ 100.330567][ T3577] vfs_mkdir+0x2c8/0x3d0 [ 100.334810][ T3577] do_mkdirat+0x12e/0x2c0 [ 100.339197][ T3577] __x64_sys_mkdir+0x40/0x50 [ 100.343890][ T3577] do_syscall_64+0x44/0xd0 [ 100.348392][ T3577] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 100.354292][ T3577] RIP: 0033:0x7fbd63e3afa7 [ 100.358985][ T3577] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 100.378748][ T3577] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 100.387181][ T3577] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 100.395194][ T3577] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 100.403172][ T3577] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 100.411263][ T3577] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 100.419335][ T3577] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 100.427386][ T3577] 14:57:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 100.434922][ T3580] loop2: detected capacity change from 0 to 3 [ 100.436555][ T3576] EXT4-fs (loop1): unsupported descriptor size 0 [ 100.442296][ T3578] FAULT_INJECTION: forcing a failure. [ 100.442296][ T3578] name failslab, interval 1, probability 0, space 0, times 0 [ 100.459985][ T3578] CPU: 1 PID: 3578 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 100.468690][ T3578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.478794][ T3578] Call Trace: [ 100.482067][ T3578] [ 100.484994][ T3578] dump_stack_lvl+0xd6/0x122 [ 100.489589][ T3578] dump_stack+0x11/0x1b [ 100.493774][ T3578] should_fail+0x23c/0x250 [ 100.498271][ T3578] ? jbd2__journal_start+0xf7/0x3f0 [ 100.503468][ T3578] __should_failslab+0x81/0x90 [ 100.508267][ T3578] should_failslab+0x5/0x20 [ 100.512785][ T3578] kmem_cache_alloc+0x4f/0x320 [ 100.517548][ T3578] ? find_group_orlov+0x52d/0x840 [ 100.522720][ T3578] jbd2__journal_start+0xf7/0x3f0 [ 100.527749][ T3578] __ext4_journal_start_sb+0x159/0x310 [ 100.533217][ T3578] __ext4_new_inode+0xd95/0x2fc0 [ 100.538360][ T3578] ext4_mkdir+0x28a/0x760 [ 100.542701][ T3578] vfs_mkdir+0x2c8/0x3d0 [ 100.547052][ T3578] do_mkdirat+0x12e/0x2c0 [ 100.551385][ T3578] __x64_sys_mkdir+0x40/0x50 [ 100.556129][ T3578] do_syscall_64+0x44/0xd0 [ 100.560551][ T3578] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 100.566488][ T3578] RIP: 0033:0x7fbc8e8dcfa7 14:57:47 executing program 0: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) r1 = open(&(0x7f0000000080)='./bus\x00', 0x234d80, 0x1fe) ftruncate(r1, 0x7) io_setup(0x202, &(0x7f0000000200)=0x0) ftruncate(r0, 0x81fd) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) fallocate(r0, 0x3, 0x0, 0x1001) creat(&(0x7f0000000000)='./bus\x00', 0x0) (async) fcntl$setstatus(r0, 0x4, 0x6000) (async) open(&(0x7f0000000080)='./bus\x00', 0x234d80, 0x1fe) (async) ftruncate(r1, 0x7) (async) io_setup(0x202, &(0x7f0000000200)) (async) ftruncate(r0, 0x81fd) (async) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) (async) fallocate(r0, 0x3, 0x0, 0x1001) (async) [ 100.570901][ T3578] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 100.584357][ T3582] loop5: detected capacity change from 0 to 4 [ 100.590593][ T3578] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 100.590617][ T3578] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 100.590630][ T3578] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 100.590642][ T3578] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 100.598108][ T3582] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:57:47 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:47 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 45) [ 100.605142][ T3578] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 100.605160][ T3578] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 100.605177][ T3578] [ 100.605744][ T3578] EXT4-fs error (device sda1) in __ext4_new_inode:1085: Out of memory [ 100.692571][ T3593] FAULT_INJECTION: forcing a failure. [ 100.692571][ T3593] name failslab, interval 1, probability 0, space 0, times 0 [ 100.695152][ T3595] loop1: detected capacity change from 0 to 1024 [ 100.705228][ T3593] CPU: 0 PID: 3593 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 100.720299][ T3593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.730454][ T3593] Call Trace: [ 100.733764][ T3593] [ 100.736772][ T3593] dump_stack_lvl+0xd6/0x122 [ 100.741504][ T3593] dump_stack+0x11/0x1b [ 100.745674][ T3593] should_fail+0x23c/0x250 [ 100.750089][ T3593] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 100.755432][ T3593] __should_failslab+0x81/0x90 [ 100.759589][ T3595] EXT4-fs (loop1): unsupported descriptor size 0 [ 100.760199][ T3593] should_failslab+0x5/0x20 [ 100.771078][ T3593] kmem_cache_alloc+0x4f/0x320 [ 100.775870][ T3593] ext4_mb_new_blocks+0x328/0x1ee0 [ 100.781028][ T3593] ? kcalloc+0x32/0x50 [ 100.785101][ T3593] ? ext4_find_extent+0x6d7/0x7e0 [ 100.790142][ T3593] ? ext4_ext_search_right+0x301/0x4f0 [ 100.793654][ T3599] loop5: detected capacity change from 0 to 4 [ 100.795635][ T3593] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 100.795665][ T3593] ext4_ext_map_blocks+0x1658/0x2120 [ 100.812695][ T3593] ? _raw_spin_unlock+0x2e/0x50 [ 100.817578][ T3593] ext4_map_blocks+0x71e/0xf00 [ 100.822392][ T3593] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 100.828032][ T3593] ext4_getblk+0xc6/0x3e0 [ 100.832357][ T3593] ext4_bread+0x28/0x100 [ 100.836609][ T3593] ext4_append+0xd1/0x1c0 [ 100.840924][ T3593] ext4_init_new_dir+0x177/0x500 [ 100.845892][ T3593] ext4_mkdir+0x329/0x760 [ 100.850215][ T3593] vfs_mkdir+0x2c8/0x3d0 [ 100.854530][ T3593] do_mkdirat+0x12e/0x2c0 [ 100.858860][ T3593] __x64_sys_mkdir+0x40/0x50 [ 100.863435][ T3593] do_syscall_64+0x44/0xd0 [ 100.867860][ T3593] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 100.873766][ T3593] RIP: 0033:0x7fbd63e3afa7 [ 100.878163][ T3593] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 100.898179][ T3593] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 100.906575][ T3593] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 100.914543][ T3593] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 100.922497][ T3593] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 100.930536][ T3593] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 14:57:47 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x700, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:47 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 41) 14:57:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 100.938491][ T3593] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 100.946448][ T3593] [ 100.956095][ T3599] EXT4-fs (loop5): invalid first ino: 0 [ 100.962820][ T3600] FAULT_INJECTION: forcing a failure. [ 100.962820][ T3600] name failslab, interval 1, probability 0, space 0, times 0 [ 100.975514][ T3600] CPU: 1 PID: 3600 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 100.984196][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.994250][ T3600] Call Trace: [ 100.997602][ T3600] [ 101.000537][ T3600] dump_stack_lvl+0xd6/0x122 [ 101.001386][ T3601] loop2: detected capacity change from 0 to 3 [ 101.005134][ T3600] dump_stack+0x11/0x1b [ 101.005159][ T3600] should_fail+0x23c/0x250 [ 101.019754][ T3600] ? sidtab_sid2str_get+0xb0/0x140 [ 101.024860][ T3600] __should_failslab+0x81/0x90 [ 101.029616][ T3600] should_failslab+0x5/0x20 [ 101.034109][ T3600] __kmalloc_track_caller+0x6d/0x370 [ 101.039445][ T3600] kmemdup+0x21/0x50 [ 101.043330][ T3600] sidtab_sid2str_get+0xb0/0x140 [ 101.048331][ T3600] security_sid_to_context_core+0x1d0/0x2d0 [ 101.054307][ T3600] security_sid_to_context_force+0x2f/0x40 [ 101.060157][ T3600] selinux_inode_init_security+0x4e4/0x590 [ 101.065991][ T3600] security_inode_init_security+0xe4/0x260 [ 101.071864][ T3600] ? ext4_init_security+0x40/0x40 [ 101.076922][ T3600] ext4_init_security+0x30/0x40 [ 101.081834][ T3600] __ext4_new_inode+0x29a3/0x2fc0 [ 101.086850][ T3600] ext4_mkdir+0x28a/0x760 [ 101.091179][ T3600] vfs_mkdir+0x2c8/0x3d0 [ 101.095485][ T3600] do_mkdirat+0x12e/0x2c0 [ 101.099821][ T3600] __x64_sys_mkdir+0x40/0x50 [ 101.104411][ T3600] do_syscall_64+0x44/0xd0 [ 101.108827][ T3600] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.114713][ T3600] RIP: 0033:0x7fbc8e8dcfa7 [ 101.119113][ T3600] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:48 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x900, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:48 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:48 executing program 0: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) (async) r1 = open(&(0x7f0000000080)='./bus\x00', 0x234d80, 0x1fe) ftruncate(r1, 0x7) (async) io_setup(0x202, &(0x7f0000000200)=0x0) ftruncate(r0, 0x81fd) (async) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) fallocate(r0, 0x3, 0x0, 0x1001) 14:57:48 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 46) [ 101.138773][ T3600] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 101.147186][ T3600] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 101.155142][ T3600] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 101.163110][ T3600] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 101.171066][ T3600] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 101.179039][ T3600] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 101.187033][ T3600] [ 101.232616][ T3606] FAULT_INJECTION: forcing a failure. [ 101.232616][ T3606] name failslab, interval 1, probability 0, space 0, times 0 [ 101.245400][ T3606] CPU: 1 PID: 3606 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 101.247370][ T3608] loop1: detected capacity change from 0 to 1024 [ 101.254217][ T3606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.254231][ T3606] Call Trace: [ 101.254236][ T3606] [ 101.254242][ T3606] dump_stack_lvl+0xd6/0x122 [ 101.254269][ T3606] dump_stack+0x11/0x1b [ 101.254287][ T3606] should_fail+0x23c/0x250 [ 101.265613][ T3608] EXT4-fs (loop1): unsupported descriptor size 0 [ 101.270726][ T3606] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 101.274582][ T3607] loop2: detected capacity change from 0 to 4 [ 101.277022][ T3606] __should_failslab+0x81/0x90 [ 101.277048][ T3606] should_failslab+0x5/0x20 [ 101.277070][ T3606] kmem_cache_alloc+0x4f/0x320 [ 101.323196][ T3606] ext4_mb_new_blocks+0x328/0x1ee0 [ 101.328333][ T3606] ? kcalloc+0x32/0x50 [ 101.332412][ T3606] ? ext4_find_extent+0x6d7/0x7e0 [ 101.337482][ T3606] ? ext4_ext_search_right+0x301/0x4f0 [ 101.343028][ T3606] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 101.348760][ T3606] ext4_ext_map_blocks+0x1658/0x2120 [ 101.354186][ T3606] ext4_map_blocks+0x71e/0xf00 [ 101.359095][ T3606] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 101.364736][ T3606] ext4_getblk+0xc6/0x3e0 [ 101.369082][ T3606] ext4_bread+0x28/0x100 [ 101.373404][ T3606] ext4_append+0xd1/0x1c0 [ 101.377741][ T3606] ext4_init_new_dir+0x177/0x500 [ 101.382691][ T3606] ext4_mkdir+0x329/0x760 [ 101.387042][ T3606] vfs_mkdir+0x2c8/0x3d0 [ 101.391314][ T3606] do_mkdirat+0x12e/0x2c0 [ 101.395682][ T3606] __x64_sys_mkdir+0x40/0x50 [ 101.400278][ T3606] do_syscall_64+0x44/0xd0 [ 101.404710][ T3606] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.410619][ T3606] RIP: 0033:0x7fbd63e3afa7 [ 101.415036][ T3606] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.434696][ T3606] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 101.435298][ T3612] FAULT_INJECTION: forcing a failure. [ 101.435298][ T3612] name failslab, interval 1, probability 0, space 0, times 0 [ 101.443138][ T3606] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 101.443154][ T3606] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 101.443167][ T3606] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 14:57:48 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 42) [ 101.443177][ T3606] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 101.443188][ T3606] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 101.495723][ T3606] [ 101.498729][ T3612] CPU: 0 PID: 3612 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 101.507403][ T3612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.517453][ T3612] Call Trace: [ 101.520791][ T3612] [ 101.523721][ T3612] dump_stack_lvl+0xd6/0x122 [ 101.528400][ T3612] dump_stack+0x11/0x1b [ 101.532772][ T3612] should_fail+0x23c/0x250 [ 101.537217][ T3612] ? kcalloc+0x32/0x50 [ 101.541298][ T3612] __should_failslab+0x81/0x90 [ 101.546075][ T3612] should_failslab+0x5/0x20 [ 101.550661][ T3612] __kmalloc+0x6f/0x370 [ 101.554878][ T3612] ? chksum_update+0x39/0x50 [ 101.559525][ T3612] kcalloc+0x32/0x50 [ 101.563430][ T3612] ext4_find_extent+0x19f/0x7e0 [ 101.568355][ T3612] ? ext4_inode_csum+0x240/0x490 [ 101.573417][ T3612] ext4_ext_map_blocks+0x115/0x2120 [ 101.577744][ T3614] loop5: detected capacity change from 0 to 4 [ 101.578712][ T3612] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 101.578802][ T3612] ? ext4_es_lookup_extent+0x221/0x500 [ 101.596219][ T3612] ext4_map_blocks+0x1cf/0xf00 [ 101.600995][ T3612] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 101.606685][ T3612] ext4_getblk+0xc6/0x3e0 [ 101.611044][ T3612] ext4_bread+0x28/0x100 [ 101.615287][ T3612] ext4_append+0xd1/0x1c0 [ 101.619600][ T3612] ext4_init_new_dir+0x177/0x500 [ 101.624524][ T3612] ext4_mkdir+0x329/0x760 [ 101.628838][ T3612] vfs_mkdir+0x2c8/0x3d0 [ 101.633064][ T3612] do_mkdirat+0x12e/0x2c0 [ 101.637377][ T3612] __x64_sys_mkdir+0x40/0x50 [ 101.642110][ T3612] do_syscall_64+0x44/0xd0 [ 101.646528][ T3612] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.652507][ T3612] RIP: 0033:0x7fbc8e8dcfa7 [ 101.657014][ T3612] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.676705][ T3612] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 101.685139][ T3612] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 101.693096][ T3612] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 101.701059][ T3612] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 101.709025][ T3612] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 101.716999][ T3612] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 101.725007][ T3612] 14:57:48 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 47) [ 101.732326][ T3614] EXT4-fs (loop5): invalid first ino: 0 14:57:49 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:49 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55", 0x1c, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 101.763770][ T3616] FAULT_INJECTION: forcing a failure. [ 101.763770][ T3616] name failslab, interval 1, probability 0, space 0, times 0 [ 101.776434][ T3616] CPU: 1 PID: 3616 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 101.785287][ T3616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.795345][ T3616] Call Trace: [ 101.795721][ T3619] loop1: detected capacity change from 0 to 1024 [ 101.798622][ T3616] [ 101.798631][ T3616] dump_stack_lvl+0xd6/0x122 [ 101.798655][ T3616] dump_stack+0x11/0x1b [ 101.816899][ T3616] should_fail+0x23c/0x250 [ 101.821320][ T3616] ? __es_insert_extent+0x546/0xe80 [ 101.826530][ T3616] __should_failslab+0x81/0x90 [ 101.831340][ T3616] should_failslab+0x5/0x20 [ 101.835914][ T3616] kmem_cache_alloc+0x4f/0x320 [ 101.840730][ T3616] __es_insert_extent+0x546/0xe80 [ 101.845763][ T3616] ? ext4_ext_map_blocks+0x1128/0x2120 [ 101.851240][ T3616] ext4_es_insert_extent+0x1cb/0x19c0 [ 101.856623][ T3616] ext4_map_blocks+0xa5d/0xf00 [ 101.861560][ T3616] ext4_getblk+0xc6/0x3e0 [ 101.865899][ T3616] ext4_bread+0x28/0x100 [ 101.870221][ T3616] ext4_append+0xd1/0x1c0 [ 101.874622][ T3616] ext4_init_new_dir+0x177/0x500 [ 101.879675][ T3616] ext4_mkdir+0x329/0x760 [ 101.884025][ T3616] vfs_mkdir+0x2c8/0x3d0 [ 101.888498][ T3616] do_mkdirat+0x12e/0x2c0 [ 101.892850][ T3616] __x64_sys_mkdir+0x40/0x50 [ 101.897471][ T3616] do_syscall_64+0x44/0xd0 [ 101.901925][ T3616] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.906081][ T3619] EXT4-fs (loop1): unsupported descriptor size 0 14:57:49 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:49 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 43) [ 101.907827][ T3616] RIP: 0033:0x7fbd63e3afa7 [ 101.907846][ T3616] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.907863][ T3616] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 101.946867][ T3616] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 101.953987][ T3621] FAULT_INJECTION: forcing a failure. [ 101.953987][ T3621] name failslab, interval 1, probability 0, space 0, times 0 [ 101.954843][ T3616] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 101.954858][ T3616] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 101.983438][ T3616] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 101.991416][ T3616] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 101.999380][ T3616] [ 102.002400][ T3621] CPU: 0 PID: 3621 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 102.008634][ T3622] loop2: detected capacity change from 0 to 5 [ 102.011140][ T3621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.011152][ T3621] Call Trace: [ 102.011159][ T3621] [ 102.033518][ T3621] dump_stack_lvl+0xd6/0x122 [ 102.036787][ T3624] loop5: detected capacity change from 0 to 4 [ 102.038131][ T3621] dump_stack+0x11/0x1b [ 102.038154][ T3621] should_fail+0x23c/0x250 [ 102.038172][ T3621] ? __es_insert_extent+0x546/0xe80 [ 102.046391][ T3624] EXT4-fs (loop5): invalid first ino: 0 [ 102.048347][ T3621] __should_failslab+0x81/0x90 [ 102.068654][ T3621] should_failslab+0x5/0x20 [ 102.073251][ T3621] kmem_cache_alloc+0x4f/0x320 [ 102.078002][ T3621] ? debug_smp_processor_id+0x18/0x20 [ 102.083410][ T3621] __es_insert_extent+0x546/0xe80 [ 102.088422][ T3621] ext4_es_insert_extent+0x1cb/0x19c0 [ 102.093858][ T3621] ext4_ext_map_blocks+0xff7/0x2120 [ 102.099045][ T3621] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 102.105026][ T3621] ext4_map_blocks+0x1cf/0xf00 [ 102.109789][ T3621] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 102.115473][ T3621] ext4_getblk+0xc6/0x3e0 [ 102.119794][ T3621] ext4_bread+0x28/0x100 [ 102.124053][ T3621] ext4_append+0xd1/0x1c0 [ 102.128370][ T3621] ext4_init_new_dir+0x177/0x500 [ 102.133362][ T3621] ext4_mkdir+0x329/0x760 [ 102.137684][ T3621] vfs_mkdir+0x2c8/0x3d0 [ 102.141954][ T3621] do_mkdirat+0x12e/0x2c0 [ 102.146325][ T3621] __x64_sys_mkdir+0x40/0x50 [ 102.150903][ T3621] do_syscall_64+0x44/0xd0 [ 102.155354][ T3621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.161359][ T3621] RIP: 0033:0x7fbc8e8dcfa7 [ 102.165766][ T3621] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.185458][ T3621] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 102.194031][ T3621] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 102.202020][ T3621] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 14:57:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2020003}}}, 0x10) bind$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) bind$tipc(r3, &(0x7f0000000080)=@id={0x1e, 0x3, 0x0, {0x4e20, 0x2}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10) r5 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) close(r3) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r2], 0x14}}, 0x0) 14:57:49 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 48) 14:57:49 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 102.209987][ T3621] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 102.217941][ T3621] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 102.226010][ T3621] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 102.233978][ T3621] [ 102.246916][ T3626] loop1: detected capacity change from 0 to 1024 [ 102.255276][ T3626] EXT4-fs (loop1): unsupported descriptor size 0 [ 102.282655][ T3629] FAULT_INJECTION: forcing a failure. [ 102.282655][ T3629] name failslab, interval 1, probability 0, space 0, times 0 [ 102.289003][ T3631] loop5: detected capacity change from 0 to 4 [ 102.295458][ T3629] CPU: 1 PID: 3629 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 102.295483][ T3629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.303494][ T3631] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 102.310225][ T3629] Call Trace: [ 102.310235][ T3629] [ 102.310242][ T3629] dump_stack_lvl+0xd6/0x122 [ 102.310267][ T3629] dump_stack+0x11/0x1b [ 102.310285][ T3629] should_fail+0x23c/0x250 [ 102.347845][ T3629] ? jbd2_journal_add_journal_head+0x6c/0x3a0 [ 102.354174][ T3629] __should_failslab+0x81/0x90 [ 102.358990][ T3629] should_failslab+0x5/0x20 [ 102.363484][ T3629] kmem_cache_alloc+0x4f/0x320 [ 102.368276][ T3629] jbd2_journal_add_journal_head+0x6c/0x3a0 [ 102.374165][ T3629] jbd2_journal_get_create_access+0x2c/0x290 [ 102.380212][ T3629] __ext4_journal_get_create_access+0x65/0x320 [ 102.386407][ T3629] ext4_getblk+0x22b/0x3e0 [ 102.390878][ T3629] ext4_bread+0x28/0x100 [ 102.395196][ T3629] ext4_append+0xd1/0x1c0 [ 102.399513][ T3629] ext4_init_new_dir+0x177/0x500 [ 102.404871][ T3629] ext4_mkdir+0x329/0x760 [ 102.409192][ T3629] vfs_mkdir+0x2c8/0x3d0 [ 102.413428][ T3629] do_mkdirat+0x12e/0x2c0 [ 102.417743][ T3629] __x64_sys_mkdir+0x40/0x50 [ 102.422346][ T3629] do_syscall_64+0x44/0xd0 [ 102.426754][ T3629] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.432642][ T3629] RIP: 0033:0x7fbd63e3afa7 [ 102.437047][ T3629] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.457264][ T3629] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 102.465669][ T3629] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3afa7 [ 102.473636][ T3629] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 14:57:49 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 44) [ 102.481602][ T3629] RBP: 00007fbd62fb2020 R08: 0000000000000000 R09: 00007fbd62fb21d0 [ 102.489638][ T3629] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 102.497683][ T3629] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 102.505838][ T3629] [ 102.508872][ T3629] ENOMEM in journal_alloc_journal_head, retrying. 14:57:49 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 102.532728][ T3635] loop2: detected capacity change from 0 to 5 [ 102.547438][ T3637] FAULT_INJECTION: forcing a failure. [ 102.547438][ T3637] name failslab, interval 1, probability 0, space 0, times 0 [ 102.556881][ T3639] loop1: detected capacity change from 0 to 1024 [ 102.560108][ T3637] CPU: 1 PID: 3637 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:49 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2020003}}}, 0x10) (async, rerun: 32) bind$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) (async, rerun: 32) bind$tipc(r3, &(0x7f0000000080)=@id={0x1e, 0x3, 0x0, {0x4e20, 0x2}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10) (async) r5 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) (async) close(r3) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r2], 0x14}}, 0x0) 14:57:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:49 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 49) [ 102.575154][ T3637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.584052][ T3639] EXT4-fs (loop1): unsupported descriptor size 0 [ 102.585211][ T3637] Call Trace: [ 102.585219][ T3637] [ 102.585226][ T3637] dump_stack_lvl+0xd6/0x122 [ 102.602558][ T3637] dump_stack+0x11/0x1b [ 102.606721][ T3637] should_fail+0x23c/0x250 [ 102.611247][ T3637] ? kcalloc+0x32/0x50 [ 102.615310][ T3637] __should_failslab+0x81/0x90 [ 102.620065][ T3637] should_failslab+0x5/0x20 [ 102.624654][ T3637] __kmalloc+0x6f/0x370 [ 102.628848][ T3637] kcalloc+0x32/0x50 [ 102.632788][ T3637] ext4_find_extent+0x19f/0x7e0 [ 102.637650][ T3637] ? kfree+0xf8/0x1f0 [ 102.641641][ T3637] ext4_ext_map_blocks+0x115/0x2120 [ 102.646841][ T3637] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 102.652940][ T3637] ext4_map_blocks+0x71e/0xf00 [ 102.657711][ T3637] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 102.663806][ T3637] ext4_getblk+0xc6/0x3e0 [ 102.668124][ T3637] ext4_bread+0x28/0x100 [ 102.672357][ T3637] ext4_append+0xd1/0x1c0 [ 102.676676][ T3637] ext4_init_new_dir+0x177/0x500 [ 102.681757][ T3637] ext4_mkdir+0x329/0x760 [ 102.686114][ T3637] vfs_mkdir+0x2c8/0x3d0 [ 102.690437][ T3637] do_mkdirat+0x12e/0x2c0 [ 102.694759][ T3637] __x64_sys_mkdir+0x40/0x50 [ 102.699336][ T3637] do_syscall_64+0x44/0xd0 [ 102.703830][ T3637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.709782][ T3637] RIP: 0033:0x7fbc8e8dcfa7 [ 102.714182][ T3637] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.733806][ T3637] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 102.742240][ T3637] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 102.750199][ T3637] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 102.758159][ T3637] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 102.766115][ T3637] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 102.774253][ T3637] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 102.782215][ T3637] [ 102.787619][ T1911] net_ratelimit: 26 callbacks suppressed [ 102.787631][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 102.790225][ T3644] loop5: detected capacity change from 0 to 4 [ 102.794899][ T3645] FAULT_INJECTION: forcing a failure. [ 102.794899][ T3645] name failslab, interval 1, probability 0, space 0, times 0 [ 102.815982][ T3644] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 102.820384][ T3645] CPU: 1 PID: 3645 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 102.837141][ T3645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.847225][ T3645] Call Trace: [ 102.850495][ T3645] [ 102.853412][ T3645] dump_stack_lvl+0xd6/0x122 [ 102.857997][ T3645] dump_stack+0x11/0x1b [ 102.862152][ T3645] should_fail+0x23c/0x250 [ 102.866573][ T3645] ? strndup_user+0x64/0xa0 [ 102.871097][ T3645] __should_failslab+0x81/0x90 [ 102.875852][ T3645] should_failslab+0x5/0x20 [ 102.880433][ T3645] __kmalloc_track_caller+0x6d/0x370 [ 102.885883][ T3645] memdup_user+0x22/0xb0 [ 102.890153][ T3645] strndup_user+0x64/0xa0 [ 102.894551][ T3645] __se_sys_mount+0x4e/0x2f0 [ 102.899128][ T3645] ? debug_smp_processor_id+0x18/0x20 [ 102.904621][ T3645] __x64_sys_mount+0x63/0x70 [ 102.909244][ T3645] do_syscall_64+0x44/0xd0 [ 102.913704][ T3645] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.919672][ T3645] RIP: 0033:0x7fbd63e3d3ca [ 102.924076][ T3645] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.943674][ T3645] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 102.952160][ T3645] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 102.960139][ T3645] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 102.968093][ T3645] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 102.976132][ T3645] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:50 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:50 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2020003}}}, 0x10) bind$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) bind$tipc(r3, &(0x7f0000000080)=@id={0x1e, 0x3, 0x0, {0x4e20, 0x2}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10) r5 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) close(r3) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r2], 0x14}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$tipc(0x1e, 0x2, 0x0) (async) bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2020003}}}, 0x10) (async) bind$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) (async) bind$tipc(r3, &(0x7f0000000080)=@id={0x1e, 0x3, 0x0, {0x4e20, 0x2}}, 0x10) (async) socket$tipc(0x1e, 0x2, 0x0) (async) bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10) (async) socket$tipc(0x1e, 0x2, 0x0) (async) bind$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) (async) close(r3) (async) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x35, 0x0, 0x0, 0x1ff}, {0x84}, {0x6, 0x0, 0x0, 0xffffff97}]}, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r2], 0x14}}, 0x0) (async) 14:57:50 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 45) 14:57:50 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d550100", 0x1e, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 102.984147][ T3645] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 102.992448][ T3645] [ 103.003541][ T3652] loop2: detected capacity change from 0 to 6 14:57:50 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 50) 14:57:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 103.049503][ T3672] FAULT_INJECTION: forcing a failure. [ 103.049503][ T3672] name failslab, interval 1, probability 0, space 0, times 0 [ 103.062201][ T3672] CPU: 1 PID: 3672 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 103.066311][ T3674] loop1: detected capacity change from 0 to 1024 [ 103.070888][ T3672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.070903][ T3672] Call Trace: [ 103.070908][ T3672] [ 103.070914][ T3672] dump_stack_lvl+0xd6/0x122 [ 103.085752][ T3678] loop5: detected capacity change from 0 to 4 [ 103.087279][ T3672] dump_stack+0x11/0x1b [ 103.093990][ T3677] FAULT_INJECTION: forcing a failure. [ 103.093990][ T3677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.098037][ T3672] should_fail+0x23c/0x250 [ 103.098062][ T3672] ? kcalloc+0x32/0x50 [ 103.129724][ T3672] __should_failslab+0x81/0x90 [ 103.134489][ T3672] should_failslab+0x5/0x20 [ 103.139029][ T3672] __kmalloc+0x6f/0x370 [ 103.143172][ T3672] kcalloc+0x32/0x50 [ 103.147062][ T3672] ext4_find_extent+0x19f/0x7e0 [ 103.151918][ T3672] ? kfree+0xf8/0x1f0 [ 103.155884][ T3672] ext4_ext_map_blocks+0x115/0x2120 [ 103.161070][ T3672] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 103.167090][ T3672] ext4_map_blocks+0x71e/0xf00 [ 103.171847][ T3672] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 103.177563][ T3672] ext4_getblk+0xc6/0x3e0 [ 103.181876][ T3672] ext4_bread+0x28/0x100 [ 103.186112][ T3672] ext4_append+0xd1/0x1c0 [ 103.190501][ T3672] ext4_init_new_dir+0x177/0x500 [ 103.195501][ T3672] ext4_mkdir+0x329/0x760 [ 103.199910][ T3672] vfs_mkdir+0x2c8/0x3d0 [ 103.204315][ T3672] do_mkdirat+0x12e/0x2c0 [ 103.208627][ T3672] __x64_sys_mkdir+0x40/0x50 [ 103.213300][ T3672] do_syscall_64+0x44/0xd0 [ 103.217869][ T3672] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.223747][ T3672] RIP: 0033:0x7fbc8e8dcfa7 [ 103.228168][ T3672] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.247760][ T3672] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 103.256173][ T3672] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 103.264148][ T3672] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 103.272101][ T3672] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 103.280076][ T3672] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 103.288043][ T3672] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 103.295999][ T3672] [ 103.299004][ T3677] CPU: 0 PID: 3677 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 103.307675][ T3677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.317732][ T3677] Call Trace: [ 103.320590][ T3674] EXT4-fs (loop1): unsupported descriptor size 0 [ 103.321008][ T3677] [ 103.329839][ T3678] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 103.331417][ T3677] dump_stack_lvl+0xd6/0x122 [ 103.331461][ T3677] dump_stack+0x11/0x1b [ 103.331480][ T3677] should_fail+0x23c/0x250 [ 103.331505][ T3677] should_fail_usercopy+0x16/0x20 [ 103.331523][ T3677] _copy_from_user+0x1c/0xd0 [ 103.362302][ T3677] memdup_user+0x5b/0xb0 [ 103.366537][ T3677] strndup_user+0x64/0xa0 [ 103.370929][ T3677] __se_sys_mount+0x4e/0x2f0 [ 103.375571][ T3677] ? __this_cpu_preempt_check+0x18/0x20 [ 103.381177][ T3677] ? switch_fpu_return+0xc9/0x190 [ 103.386194][ T3677] __x64_sys_mount+0x63/0x70 [ 103.390796][ T3677] do_syscall_64+0x44/0xd0 [ 103.395320][ T3677] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.401387][ T3677] RIP: 0033:0x7fbd63e3d3ca [ 103.405798][ T3677] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.425518][ T3677] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 103.433928][ T3677] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 103.441949][ T3677] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 14:57:50 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:50 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 103.449944][ T3677] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 103.457966][ T3677] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 103.465928][ T3677] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 103.473890][ T3677] [ 103.484651][ T3681] loop0: detected capacity change from 0 to 4 [ 103.484855][ T3682] loop2: detected capacity change from 0 to 6 14:57:50 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 46) [ 103.493860][ T3681] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 103.519256][ T3684] FAULT_INJECTION: forcing a failure. [ 103.519256][ T3684] name failslab, interval 1, probability 0, space 0, times 0 [ 103.532137][ T3684] CPU: 0 PID: 3684 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 103.540832][ T3684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.550900][ T3684] Call Trace: [ 103.554172][ T3684] [ 103.557149][ T3684] dump_stack_lvl+0xd6/0x122 [ 103.561753][ T3684] dump_stack+0x11/0x1b [ 103.565941][ T3684] should_fail+0x23c/0x250 [ 103.570363][ T3684] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 103.575644][ T3684] __should_failslab+0x81/0x90 [ 103.580460][ T3684] should_failslab+0x5/0x20 [ 103.584951][ T3684] kmem_cache_alloc+0x4f/0x320 [ 103.589702][ T3684] ext4_mb_new_blocks+0x73e/0x1ee0 [ 103.594887][ T3684] ? kcalloc+0x32/0x50 [ 103.598959][ T3684] ? ext4_find_extent+0x6d7/0x7e0 [ 103.604134][ T3684] ? ext4_ext_search_right+0x301/0x4f0 [ 103.609597][ T3684] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 103.615386][ T3684] ext4_ext_map_blocks+0x1658/0x2120 [ 103.620678][ T3684] ext4_map_blocks+0x71e/0xf00 [ 103.625430][ T3684] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 103.631145][ T3684] ext4_getblk+0xc6/0x3e0 [ 103.635530][ T3684] ext4_bread+0x28/0x100 [ 103.639826][ T3684] ext4_append+0xd1/0x1c0 [ 103.644145][ T3684] ext4_init_new_dir+0x177/0x500 [ 103.649127][ T3684] ext4_mkdir+0x329/0x760 [ 103.653458][ T3684] vfs_mkdir+0x2c8/0x3d0 [ 103.657749][ T3684] do_mkdirat+0x12e/0x2c0 [ 103.662063][ T3684] __x64_sys_mkdir+0x40/0x50 [ 103.666639][ T3684] do_syscall_64+0x44/0xd0 [ 103.671091][ T3684] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.677033][ T3684] RIP: 0033:0x7fbc8e8dcfa7 [ 103.681433][ T3684] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:51 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:51 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 103.701118][ T3684] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 103.709527][ T3684] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 103.717531][ T3684] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 103.725488][ T3684] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 103.733444][ T3684] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 103.741458][ T3684] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 103.749481][ T3684] 14:57:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 103.781205][ T3687] loop1: detected capacity change from 0 to 1024 [ 103.788502][ T3687] EXT4-fs (loop1): unsupported descriptor size 0 [ 103.795152][ T3688] loop2: detected capacity change from 0 to 7 [ 103.807387][ T3691] loop5: detected capacity change from 0 to 4 [ 103.807531][ T3692] loop0: detected capacity change from 0 to 4 14:57:51 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 47) 14:57:51 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 51) [ 103.826415][ T3692] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 103.840209][ T3691] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 103.843667][ T3695] FAULT_INJECTION: forcing a failure. [ 103.843667][ T3695] name failslab, interval 1, probability 0, space 0, times 0 [ 103.861352][ T3695] CPU: 0 PID: 3695 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 103.863164][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 103.870355][ T3695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.888449][ T3695] Call Trace: [ 103.890302][ T3696] FAULT_INJECTION: forcing a failure. [ 103.890302][ T3696] name failslab, interval 1, probability 0, space 0, times 0 [ 103.891798][ T3695] [ 103.891805][ T3695] dump_stack_lvl+0xd6/0x122 [ 103.891829][ T3695] dump_stack+0x11/0x1b [ 103.891846][ T3695] should_fail+0x23c/0x250 [ 103.920448][ T3695] ? __es_insert_extent+0x546/0xe80 [ 103.925677][ T3695] __should_failslab+0x81/0x90 [ 103.930431][ T3695] should_failslab+0x5/0x20 [ 103.934919][ T3695] kmem_cache_alloc+0x4f/0x320 [ 103.939735][ T3695] __es_insert_extent+0x546/0xe80 [ 103.944744][ T3695] ? ext4_ext_map_blocks+0x1128/0x2120 [ 103.950279][ T3695] ext4_es_insert_extent+0x1cb/0x19c0 [ 103.955664][ T3695] ext4_map_blocks+0xa5d/0xf00 [ 103.960466][ T3695] ext4_getblk+0xc6/0x3e0 [ 103.964785][ T3695] ext4_bread+0x28/0x100 [ 103.969102][ T3695] ext4_append+0xd1/0x1c0 [ 103.973417][ T3695] ext4_init_new_dir+0x177/0x500 [ 103.978408][ T3695] ext4_mkdir+0x329/0x760 [ 103.982774][ T3695] vfs_mkdir+0x2c8/0x3d0 [ 103.987112][ T3695] do_mkdirat+0x12e/0x2c0 [ 103.991427][ T3695] __x64_sys_mkdir+0x40/0x50 [ 103.996198][ T3695] do_syscall_64+0x44/0xd0 [ 104.000598][ T3695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.006477][ T3695] RIP: 0033:0x7fbc8e8dcfa7 [ 104.010875][ T3695] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.030464][ T3695] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 104.038887][ T3695] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 104.046857][ T3695] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 104.054898][ T3695] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 104.062854][ T3695] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 104.070810][ T3695] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 104.078793][ T3695] 14:57:51 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1020, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:51 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 104.081795][ T3696] CPU: 1 PID: 3696 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 104.090481][ T3696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.100531][ T3696] Call Trace: [ 104.103813][ T3696] [ 104.106743][ T3696] dump_stack_lvl+0xd6/0x122 [ 104.111453][ T3696] dump_stack+0x11/0x1b [ 104.115615][ T3696] should_fail+0x23c/0x250 [ 104.120031][ T3696] ? strndup_user+0x64/0xa0 [ 104.124142][ T3700] loop1: detected capacity change from 0 to 1024 [ 104.124644][ T3696] __should_failslab+0x81/0x90 [ 104.124672][ T3696] should_failslab+0x5/0x20 [ 104.132247][ T3700] EXT4-fs (loop1): unsupported descriptor size 0 [ 104.135983][ T3696] __kmalloc_track_caller+0x6d/0x370 [ 104.136013][ T3696] memdup_user+0x22/0xb0 [ 104.143401][ T3698] loop2: detected capacity change from 0 to 8 [ 104.146855][ T3696] strndup_user+0x64/0xa0 [ 104.166865][ T3696] __se_sys_mount+0x91/0x2f0 [ 104.171461][ T3696] ? debug_smp_processor_id+0x18/0x20 [ 104.176823][ T3696] __x64_sys_mount+0x63/0x70 [ 104.181420][ T3696] do_syscall_64+0x44/0xd0 [ 104.185899][ T3696] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.191858][ T3696] RIP: 0033:0x7fbd63e3d3ca [ 104.196364][ T3696] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.216119][ T3696] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 104.224597][ T3696] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:57:51 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 48) [ 104.232642][ T3696] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 104.240808][ T3696] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 104.248771][ T3696] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 104.256775][ T3696] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 104.264731][ T3696] [ 104.272978][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 104.301815][ T3702] FAULT_INJECTION: forcing a failure. [ 104.301815][ T3702] name failslab, interval 1, probability 0, space 0, times 0 [ 104.314503][ T3702] CPU: 0 PID: 3702 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 104.323261][ T3702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.325792][ T3704] loop5: detected capacity change from 0 to 4 [ 104.333315][ T3702] Call Trace: [ 104.333325][ T3702] [ 104.333331][ T3702] dump_stack_lvl+0xd6/0x122 14:57:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:51 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:51 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 104.333356][ T3702] dump_stack+0x11/0x1b [ 104.333372][ T3702] should_fail+0x23c/0x250 [ 104.333431][ T3702] ? jbd2_journal_add_journal_head+0x6c/0x3a0 [ 104.349545][ T3708] loop1: detected capacity change from 0 to 1024 [ 104.350291][ T3702] __should_failslab+0x81/0x90 [ 104.355058][ T3706] loop0: detected capacity change from 0 to 4 [ 104.358842][ T3702] should_failslab+0x5/0x20 [ 104.358868][ T3702] kmem_cache_alloc+0x4f/0x320 [ 104.367244][ T3708] EXT4-fs (loop1): unsupported descriptor size 0 14:57:51 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1100, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:51 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 52) [ 104.371268][ T3702] jbd2_journal_add_journal_head+0x6c/0x3a0 [ 104.377438][ T3704] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 104.382072][ T3702] jbd2_journal_get_create_access+0x2c/0x290 [ 104.382157][ T3702] __ext4_journal_get_create_access+0x65/0x320 [ 104.388479][ T3706] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 104.391344][ T3702] ext4_getblk+0x22b/0x3e0 [ 104.436460][ T3702] ext4_bread+0x28/0x100 [ 104.440709][ T3702] ext4_append+0xd1/0x1c0 [ 104.445080][ T3702] ext4_init_new_dir+0x177/0x500 [ 104.446342][ T3712] FAULT_INJECTION: forcing a failure. [ 104.446342][ T3712] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.450122][ T3702] ext4_mkdir+0x329/0x760 [ 104.450148][ T3702] vfs_mkdir+0x2c8/0x3d0 [ 104.471665][ T3702] do_mkdirat+0x12e/0x2c0 [ 104.475985][ T3702] __x64_sys_mkdir+0x40/0x50 [ 104.480614][ T3702] do_syscall_64+0x44/0xd0 [ 104.485058][ T3702] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.490942][ T3702] RIP: 0033:0x7fbc8e8dcfa7 [ 104.495446][ T3702] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.515033][ T3702] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 104.523540][ T3702] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8dcfa7 [ 104.531498][ T3702] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 104.539465][ T3702] RBP: 00007fbc8da54020 R08: 0000000000000000 R09: 00007fbc8da541d0 [ 104.547421][ T3702] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 104.555414][ T3702] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 104.563434][ T3702] [ 104.566478][ T3712] CPU: 1 PID: 3712 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 104.566505][ T3702] ENOMEM in journal_alloc_journal_head, retrying. [ 104.567787][ T3710] loop2: detected capacity change from 0 to 8 [ 104.575267][ T3712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.575280][ T3712] Call Trace: [ 104.575287][ T3712] [ 104.575308][ T3712] dump_stack_lvl+0xd6/0x122 [ 104.608601][ T3712] dump_stack+0x11/0x1b [ 104.613203][ T3712] should_fail+0x23c/0x250 [ 104.617626][ T3712] should_fail_usercopy+0x16/0x20 [ 104.622656][ T3712] _copy_from_user+0x1c/0xd0 [ 104.627252][ T3712] memdup_user+0x5b/0xb0 [ 104.631489][ T3712] strndup_user+0x64/0xa0 [ 104.635804][ T3712] __se_sys_mount+0x91/0x2f0 [ 104.640482][ T3712] ? __this_cpu_preempt_check+0x18/0x20 [ 104.646029][ T3712] ? switch_fpu_return+0xc9/0x190 [ 104.651089][ T3712] __x64_sys_mount+0x63/0x70 [ 104.655680][ T3712] do_syscall_64+0x44/0xd0 [ 104.660093][ T3712] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.665971][ T3712] RIP: 0033:0x7fbd63e3d3ca [ 104.670563][ T3712] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.690179][ T3712] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:57:52 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1200, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:52 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 49) [ 104.698665][ T3712] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 104.707153][ T3712] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 104.715179][ T3712] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 104.723132][ T3712] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 104.731087][ T3712] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 104.739067][ T3712] 14:57:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 104.778286][ T3714] loop2: detected capacity change from 0 to 9 [ 104.794007][ T3716] FAULT_INJECTION: forcing a failure. [ 104.794007][ T3716] name failslab, interval 1, probability 0, space 0, times 0 [ 104.806995][ T3718] loop5: detected capacity change from 0 to 4 [ 104.813088][ T3716] CPU: 1 PID: 3716 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:52 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 53) 14:57:52 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 104.821845][ T3716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.826461][ T3722] loop0: detected capacity change from 0 to 4 [ 104.831898][ T3716] Call Trace: [ 104.831907][ T3716] [ 104.831914][ T3716] dump_stack_lvl+0xd6/0x122 [ 104.831938][ T3716] dump_stack+0x11/0x1b [ 104.841116][ T3718] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 104.841277][ T3716] should_fail+0x23c/0x250 [ 104.841305][ T3716] ? strndup_user+0x64/0xa0 [ 104.849665][ T3723] loop1: detected capacity change from 0 to 1024 [ 104.852916][ T3716] __should_failslab+0x81/0x90 [ 104.852956][ T3716] should_failslab+0x5/0x20 [ 104.852976][ T3716] __kmalloc_track_caller+0x6d/0x370 [ 104.869534][ T3723] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 104.870005][ T3716] ? lock_page_maybe_drop_mmap+0x200/0x200 [ 104.879612][ T3724] FAULT_INJECTION: forcing a failure. [ 104.879612][ T3724] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.881066][ T3716] memdup_user+0x22/0xb0 [ 104.920366][ T3716] strndup_user+0x64/0xa0 [ 104.924688][ T3716] __se_sys_mount+0x4e/0x2f0 [ 104.929343][ T3716] __x64_sys_mount+0x63/0x70 [ 104.933928][ T3716] do_syscall_64+0x44/0xd0 [ 104.938342][ T3716] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.944325][ T3716] RIP: 0033:0x7fbc8e8df3ca [ 104.948729][ T3716] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.968334][ T3716] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 104.976733][ T3716] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 104.984700][ T3716] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 104.992722][ T3716] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 105.000678][ T3716] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 105.008646][ T3716] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 105.016604][ T3716] [ 105.019606][ T3724] CPU: 0 PID: 3724 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 14:57:52 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 105.020820][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 105.028292][ T3724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.028304][ T3724] Call Trace: [ 105.028310][ T3724] [ 105.028316][ T3724] dump_stack_lvl+0xd6/0x122 [ 105.048541][ T3726] loop2: detected capacity change from 0 to 16 [ 105.049749][ T3724] dump_stack+0x11/0x1b [ 105.049779][ T3724] should_fail+0x23c/0x250 [ 105.071902][ T3724] should_fail_usercopy+0x16/0x20 [ 105.076947][ T3724] _copy_from_user+0x1c/0xd0 [ 105.081527][ T3724] memdup_user+0x5b/0xb0 [ 105.085771][ T3724] strndup_user+0x64/0xa0 [ 105.090145][ T3724] __se_sys_mount+0x91/0x2f0 [ 105.094793][ T3724] ? debug_smp_processor_id+0x18/0x20 [ 105.100170][ T3724] __x64_sys_mount+0x63/0x70 [ 105.105178][ T3724] do_syscall_64+0x44/0xd0 [ 105.109584][ T3724] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.115469][ T3724] RIP: 0033:0x7fbd63e3d3ca [ 105.119863][ T3724] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.139464][ T3724] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 105.147941][ T3724] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 105.155913][ T3724] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 105.163906][ T3724] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 105.171863][ T3724] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:52 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 50) 14:57:52 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2010, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 105.179837][ T3724] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 105.187802][ T3724] [ 105.207847][ T3728] loop5: detected capacity change from 0 to 4 [ 105.215294][ T3728] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) 14:57:52 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 54) [ 105.231729][ T3730] FAULT_INJECTION: forcing a failure. [ 105.231729][ T3730] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 105.244831][ T3730] CPU: 0 PID: 3730 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 105.253689][ T3730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.263744][ T3730] Call Trace: [ 105.266197][ T3733] FAULT_INJECTION: forcing a failure. [ 105.266197][ T3733] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 105.267022][ T3730] [ 105.267030][ T3730] dump_stack_lvl+0xd6/0x122 [ 105.287660][ T3730] dump_stack+0x11/0x1b [ 105.291850][ T3730] should_fail+0x23c/0x250 [ 105.296253][ T3730] should_fail_usercopy+0x16/0x20 [ 105.301261][ T3730] _copy_from_user+0x1c/0xd0 [ 105.305940][ T3730] memdup_user+0x5b/0xb0 [ 105.310168][ T3730] strndup_user+0x64/0xa0 [ 105.314484][ T3730] __se_sys_mount+0x4e/0x2f0 [ 105.319244][ T3730] __x64_sys_mount+0x63/0x70 [ 105.323818][ T3730] do_syscall_64+0x44/0xd0 [ 105.328261][ T3730] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.334139][ T3730] RIP: 0033:0x7fbc8e8df3ca [ 105.338537][ T3730] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.358269][ T3730] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 105.366681][ T3730] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 105.374689][ T3730] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 105.382718][ T3730] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 105.390675][ T3730] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 105.398665][ T3730] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 105.406625][ T3730] [ 105.409640][ T3733] CPU: 1 PID: 3733 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 105.418319][ T3733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:57:52 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 105.423920][ T3734] loop2: detected capacity change from 0 to 16 [ 105.428370][ T3733] Call Trace: [ 105.428378][ T3733] [ 105.428384][ T3733] dump_stack_lvl+0xd6/0x122 [ 105.428449][ T3733] dump_stack+0x11/0x1b [ 105.439479][ T3736] loop1: detected capacity change from 0 to 1024 [ 105.440767][ T3733] should_fail+0x23c/0x250 [ 105.446502][ T3736] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 105.449505][ T3733] should_fail_usercopy+0x16/0x20 [ 105.471694][ T3733] _copy_from_user+0x1c/0xd0 [ 105.476301][ T3733] __se_sys_mount+0x119/0x2f0 [ 105.481071][ T3733] ? __this_cpu_preempt_check+0x18/0x20 [ 105.486631][ T3733] ? switch_fpu_return+0xc9/0x190 [ 105.491738][ T3733] __x64_sys_mount+0x63/0x70 [ 105.496371][ T3733] do_syscall_64+0x44/0xd0 [ 105.500775][ T3733] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.506695][ T3733] RIP: 0033:0x7fbd63e3d3ca [ 105.511128][ T3733] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.530796][ T3733] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 105.539231][ T3733] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 105.547201][ T3733] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 105.555159][ T3733] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 105.563133][ T3733] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 105.571085][ T3733] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 105.579048][ T3733] 14:57:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 51) [ 105.588803][ T3738] loop0: detected capacity change from 0 to 4 14:57:52 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:52 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2200, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 105.630402][ T3740] FAULT_INJECTION: forcing a failure. [ 105.630402][ T3740] name failslab, interval 1, probability 0, space 0, times 0 [ 105.643265][ T3740] CPU: 1 PID: 3740 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 105.652030][ T3740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.659616][ T3743] loop1: detected capacity change from 0 to 1024 [ 105.662086][ T3740] Call Trace: [ 105.662096][ T3740] [ 105.662102][ T3740] dump_stack_lvl+0xd6/0x122 14:57:52 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 55) [ 105.662128][ T3740] dump_stack+0x11/0x1b [ 105.662146][ T3740] should_fail+0x23c/0x250 [ 105.669551][ T3743] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 105.671736][ T3740] ? strndup_user+0x64/0xa0 [ 105.682463][ T3745] loop2: detected capacity change from 0 to 17 [ 105.683393][ T3740] __should_failslab+0x81/0x90 [ 105.683421][ T3740] should_failslab+0x5/0x20 [ 105.698739][ T3747] loop5: detected capacity change from 0 to 4 [ 105.698772][ T3740] __kmalloc_track_caller+0x6d/0x370 [ 105.706029][ T3747] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 105.709724][ T3740] memdup_user+0x22/0xb0 [ 105.716075][ T3748] FAULT_INJECTION: forcing a failure. [ 105.716075][ T3748] name failslab, interval 1, probability 0, space 0, times 0 [ 105.720280][ T3740] strndup_user+0x64/0xa0 [ 105.720307][ T3740] __se_sys_mount+0x91/0x2f0 [ 105.720338][ T3740] __x64_sys_mount+0x63/0x70 [ 105.763974][ T3740] do_syscall_64+0x44/0xd0 [ 105.768385][ T3740] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.774274][ T3740] RIP: 0033:0x7fbc8e8df3ca [ 105.778860][ T3740] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.798510][ T3740] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 105.806929][ T3740] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 105.814884][ T3740] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 105.822846][ T3740] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 105.830810][ T3740] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 105.838803][ T3740] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 105.846836][ T3740] [ 105.849843][ T3748] CPU: 0 PID: 3748 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 105.858564][ T3748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.868622][ T3748] Call Trace: [ 105.871894][ T3748] [ 105.874817][ T3748] dump_stack_lvl+0xd6/0x122 [ 105.879412][ T3748] dump_stack+0x11/0x1b [ 105.883556][ T3748] should_fail+0x23c/0x250 [ 105.887955][ T3748] ? __se_sys_mount+0xf7/0x2f0 [ 105.892701][ T3748] __should_failslab+0x81/0x90 [ 105.897540][ T3748] should_failslab+0x5/0x20 [ 105.902051][ T3748] kmem_cache_alloc_trace+0x52/0x350 [ 105.907333][ T3748] ? memdup_user+0x96/0xb0 [ 105.911753][ T3748] __se_sys_mount+0xf7/0x2f0 [ 105.916399][ T3748] ? debug_smp_processor_id+0x18/0x20 [ 105.921862][ T3748] __x64_sys_mount+0x63/0x70 [ 105.926513][ T3748] do_syscall_64+0x44/0xd0 [ 105.931049][ T3748] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.936970][ T3748] RIP: 0033:0x7fbd63e3d3ca [ 105.941363][ T3748] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.960958][ T3748] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 105.969417][ T3748] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:57:53 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:53 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:53 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 52) [ 105.977384][ T3748] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 105.985338][ T3748] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 105.993299][ T3748] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 106.001261][ T3748] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 106.009233][ T3748] [ 106.039198][ T3752] loop2: detected capacity change from 0 to 31 [ 106.046271][ T3753] loop1: detected capacity change from 0 to 1024 [ 106.053614][ T3754] FAULT_INJECTION: forcing a failure. [ 106.053614][ T3754] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.066709][ T3754] CPU: 1 PID: 3754 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 106.071866][ T3756] loop0: detected capacity change from 0 to 4 14:57:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 106.075386][ T3754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.075400][ T3754] Call Trace: [ 106.075405][ T3754] [ 106.075412][ T3754] dump_stack_lvl+0xd6/0x122 [ 106.100305][ T3758] loop5: detected capacity change from 0 to 4 [ 106.102413][ T3754] dump_stack+0x11/0x1b [ 106.112106][ T3753] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 106.112630][ T3754] should_fail+0x23c/0x250 [ 106.112654][ T3754] should_fail_usercopy+0x16/0x20 [ 106.121454][ T3758] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) 14:57:53 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:53 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 56) [ 106.123524][ T3754] _copy_from_user+0x1c/0xd0 [ 106.123553][ T3754] memdup_user+0x5b/0xb0 [ 106.145544][ T3754] strndup_user+0x64/0xa0 [ 106.150009][ T3754] __se_sys_mount+0x91/0x2f0 [ 106.151958][ T3760] FAULT_INJECTION: forcing a failure. [ 106.151958][ T3760] name failslab, interval 1, probability 0, space 0, times 0 [ 106.154661][ T3754] __x64_sys_mount+0x63/0x70 [ 106.154687][ T3754] do_syscall_64+0x44/0xd0 [ 106.176352][ T3754] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.182242][ T3754] RIP: 0033:0x7fbc8e8df3ca [ 106.186649][ T3754] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.206361][ T3754] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 106.214760][ T3754] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 106.222758][ T3754] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 106.230800][ T3754] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 106.238766][ T3754] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 106.246768][ T3754] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 106.254726][ T3754] [ 106.257727][ T3760] CPU: 0 PID: 3760 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 106.266552][ T3760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.276620][ T3760] Call Trace: [ 106.279896][ T3760] [ 106.282809][ T3760] dump_stack_lvl+0xd6/0x122 [ 106.287435][ T3760] dump_stack+0x11/0x1b [ 106.291603][ T3760] should_fail+0x23c/0x250 [ 106.296022][ T3760] ? getname_flags+0x84/0x3f0 [ 106.300701][ T3760] __should_failslab+0x81/0x90 [ 106.305768][ T3760] should_failslab+0x5/0x20 [ 106.310350][ T3760] kmem_cache_alloc+0x4f/0x320 [ 106.315167][ T3760] getname_flags+0x84/0x3f0 [ 106.319694][ T3760] ? should_fail+0xd6/0x250 [ 106.324178][ T3760] user_path_at_empty+0x28/0x110 [ 106.329100][ T3760] __se_sys_mount+0x217/0x2f0 [ 106.333812][ T3760] ? __this_cpu_preempt_check+0x18/0x20 [ 106.339411][ T3760] __x64_sys_mount+0x63/0x70 [ 106.343982][ T3760] do_syscall_64+0x44/0xd0 [ 106.348452][ T3760] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.354332][ T3760] RIP: 0033:0x7fbd63e3d3ca [ 106.358743][ T3760] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.378334][ T3760] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 106.386780][ T3760] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 106.394755][ T3760] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 106.402816][ T3760] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 106.410875][ T3760] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 106.418862][ T3760] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 106.426817][ T3760] [ 106.430092][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:53 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:53 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:53 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4800, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 106.446272][ T3762] loop2: detected capacity change from 0 to 32 [ 106.476360][ T3764] loop1: detected capacity change from 0 to 1024 14:57:53 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 57) 14:57:53 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 53) [ 106.491017][ T3766] loop5: detected capacity change from 0 to 4 [ 106.498063][ T3764] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 106.508939][ T3766] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 106.522982][ T3770] loop2: detected capacity change from 0 to 36 [ 106.523512][ T3774] loop0: detected capacity change from 0 to 4 [ 106.530968][ T3771] FAULT_INJECTION: forcing a failure. [ 106.530968][ T3771] name failslab, interval 1, probability 0, space 0, times 0 [ 106.539156][ T3772] FAULT_INJECTION: forcing a failure. [ 106.539156][ T3772] name failslab, interval 1, probability 0, space 0, times 0 [ 106.547898][ T3771] CPU: 1 PID: 3771 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 106.547923][ T3771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.547933][ T3771] Call Trace: [ 106.582447][ T3771] [ 106.585365][ T3771] dump_stack_lvl+0xd6/0x122 [ 106.589958][ T3771] dump_stack+0x11/0x1b [ 106.594095][ T3771] should_fail+0x23c/0x250 [ 106.598501][ T3771] ? __se_sys_mount+0xf7/0x2f0 [ 106.603275][ T3771] __should_failslab+0x81/0x90 [ 106.608035][ T3771] should_failslab+0x5/0x20 [ 106.612537][ T3771] kmem_cache_alloc_trace+0x52/0x350 [ 106.617810][ T3771] ? memdup_user+0x96/0xb0 [ 106.622214][ T3771] __se_sys_mount+0xf7/0x2f0 [ 106.626799][ T3771] __x64_sys_mount+0x63/0x70 [ 106.631372][ T3771] do_syscall_64+0x44/0xd0 [ 106.635829][ T3771] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.641736][ T3771] RIP: 0033:0x7fbc8e8df3ca [ 106.646248][ T3771] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.665869][ T3771] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 106.674386][ T3771] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 106.682375][ T3771] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 106.690382][ T3771] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 106.698391][ T3771] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 106.706419][ T3771] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 106.714399][ T3771] [ 106.717400][ T3772] CPU: 0 PID: 3772 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 106.726110][ T3772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.736149][ T3772] Call Trace: [ 106.739414][ T3772] [ 106.742325][ T3772] dump_stack_lvl+0xd6/0x122 [ 106.746984][ T3772] dump_stack+0x11/0x1b [ 106.751180][ T3772] should_fail+0x23c/0x250 [ 106.755626][ T3772] ? alloc_fs_context+0x46/0x500 [ 106.760550][ T3772] __should_failslab+0x81/0x90 [ 106.765319][ T3772] should_failslab+0x5/0x20 [ 106.769830][ T3772] kmem_cache_alloc_trace+0x52/0x350 [ 106.775179][ T3772] alloc_fs_context+0x46/0x500 [ 106.779925][ T3772] ? strncmp+0x34/0x70 [ 106.784056][ T3772] fs_context_for_mount+0x1d/0x20 [ 106.789067][ T3772] path_mount+0xdf0/0x1c40 [ 106.793484][ T3772] ? kmem_cache_free+0x65/0x110 [ 106.798321][ T3772] __se_sys_mount+0x24b/0x2f0 [ 106.802989][ T3772] ? __this_cpu_preempt_check+0x18/0x20 [ 106.808552][ T3772] __x64_sys_mount+0x63/0x70 [ 106.813132][ T3772] do_syscall_64+0x44/0xd0 [ 106.817561][ T3772] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.823450][ T3772] RIP: 0033:0x7fbd63e3d3ca [ 106.827852][ T3772] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.847448][ T3772] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 106.855853][ T3772] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 106.863897][ T3772] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 106.871849][ T3772] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 106.879910][ T3772] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 106.887936][ T3772] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 14:57:54 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 106.895895][ T3772] 14:57:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:54 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:54 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:54 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 54) [ 106.920394][ T3776] loop1: detected capacity change from 0 to 1024 [ 106.927659][ T3776] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 106.948767][ T3779] loop5: detected capacity change from 0 to 4 [ 106.955315][ T3780] loop2: detected capacity change from 0 to 38 14:57:54 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 58) [ 106.966277][ T3782] loop0: detected capacity change from 0 to 4 [ 106.979014][ T3784] FAULT_INJECTION: forcing a failure. [ 106.979014][ T3784] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.992100][ T3784] CPU: 0 PID: 3784 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 106.992782][ T3779] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 107.000771][ T3784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.000785][ T3784] Call Trace: [ 107.015818][ T3786] FAULT_INJECTION: forcing a failure. [ 107.015818][ T3786] name failslab, interval 1, probability 0, space 0, times 0 [ 107.018998][ T3784] [ 107.019007][ T3784] dump_stack_lvl+0xd6/0x122 [ 107.042549][ T3784] dump_stack+0x11/0x1b [ 107.046708][ T3784] should_fail+0x23c/0x250 [ 107.051119][ T3784] should_fail_usercopy+0x16/0x20 [ 107.056140][ T3784] _copy_from_user+0x1c/0xd0 [ 107.060719][ T3784] __se_sys_mount+0x119/0x2f0 [ 107.065406][ T3784] __x64_sys_mount+0x63/0x70 [ 107.069994][ T3784] do_syscall_64+0x44/0xd0 [ 107.074427][ T3784] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.080412][ T3784] RIP: 0033:0x7fbc8e8df3ca [ 107.084875][ T3784] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.104844][ T3784] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 107.113329][ T3784] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca 14:57:54 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 107.121283][ T3784] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 107.129302][ T3784] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 107.137272][ T3784] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 107.145248][ T3784] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 107.153208][ T3784] [ 107.156262][ T3786] CPU: 1 PID: 3786 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 107.164957][ T3786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.169947][ T3788] loop1: detected capacity change from 0 to 1024 [ 107.175005][ T3786] Call Trace: [ 107.175013][ T3786] [ 107.175019][ T3786] dump_stack_lvl+0xd6/0x122 [ 107.175048][ T3786] dump_stack+0x11/0x1b [ 107.175136][ T3786] should_fail+0x23c/0x250 [ 107.182689][ T3788] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 107.184720][ T3786] ? legacy_init_fs_context+0x2d/0x70 [ 107.212664][ T3786] __should_failslab+0x81/0x90 [ 107.217422][ T3786] should_failslab+0x5/0x20 [ 107.221917][ T3786] kmem_cache_alloc_trace+0x52/0x350 [ 107.227310][ T3786] ? kmem_cache_alloc_trace+0x24b/0x350 [ 107.232880][ T3786] legacy_init_fs_context+0x2d/0x70 [ 107.238076][ T3786] alloc_fs_context+0x419/0x500 [ 107.242914][ T3786] fs_context_for_mount+0x1d/0x20 [ 107.248073][ T3786] path_mount+0xdf0/0x1c40 [ 107.253096][ T3786] ? kmem_cache_free+0x65/0x110 [ 107.257992][ T3786] __se_sys_mount+0x24b/0x2f0 [ 107.262673][ T3786] __x64_sys_mount+0x63/0x70 [ 107.267259][ T3786] do_syscall_64+0x44/0xd0 [ 107.271660][ T3786] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.277657][ T3786] RIP: 0033:0x7fbd63e3d3ca [ 107.282087][ T3786] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.301679][ T3786] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 107.310129][ T3786] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:57:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:54 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:54 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6800, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:54 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 55) [ 107.318088][ T3786] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 107.326114][ T3786] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 107.334070][ T3786] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 107.342046][ T3786] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 107.350012][ T3786] [ 107.362937][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:54 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 59) 14:57:54 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 107.410472][ T3795] loop5: detected capacity change from 0 to 4 [ 107.413712][ T3796] FAULT_INJECTION: forcing a failure. [ 107.413712][ T3796] name failslab, interval 1, probability 0, space 0, times 0 [ 107.416849][ T3793] loop0: detected capacity change from 0 to 4 [ 107.429392][ T3796] CPU: 1 PID: 3796 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 107.444107][ T3796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.453425][ T3795] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 107.454153][ T3796] Call Trace: [ 107.454161][ T3796] [ 107.466521][ T3794] loop2: detected capacity change from 0 to 52 [ 107.468490][ T3796] dump_stack_lvl+0xd6/0x122 [ 107.468522][ T3796] dump_stack+0x11/0x1b [ 107.483358][ T3796] should_fail+0x23c/0x250 [ 107.487779][ T3796] ? getname_flags+0x84/0x3f0 [ 107.490597][ T3799] FAULT_INJECTION: forcing a failure. [ 107.490597][ T3799] name failslab, interval 1, probability 0, space 0, times 0 [ 107.492460][ T3796] __should_failslab+0x81/0x90 [ 107.492487][ T3796] should_failslab+0x5/0x20 [ 107.514316][ T3796] kmem_cache_alloc+0x4f/0x320 [ 107.519085][ T3796] getname_flags+0x84/0x3f0 [ 107.523596][ T3796] ? should_fail+0xd6/0x250 [ 107.528091][ T3796] user_path_at_empty+0x28/0x110 [ 107.533042][ T3796] __se_sys_mount+0x217/0x2f0 [ 107.537703][ T3796] __x64_sys_mount+0x63/0x70 [ 107.542280][ T3796] do_syscall_64+0x44/0xd0 [ 107.546703][ T3796] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.552590][ T3796] RIP: 0033:0x7fbc8e8df3ca [ 107.556988][ T3796] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.576606][ T3796] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 107.585211][ T3796] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 107.593165][ T3796] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 107.601123][ T3796] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 107.609078][ T3796] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 107.617056][ T3796] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 107.625022][ T3796] [ 107.628061][ T3799] CPU: 0 PID: 3799 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 107.628710][ T3800] loop1: detected capacity change from 0 to 1024 [ 107.636741][ T3799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.636754][ T3799] Call Trace: [ 107.636760][ T3799] [ 107.636766][ T3799] dump_stack_lvl+0xd6/0x122 [ 107.636792][ T3799] dump_stack+0x11/0x1b [ 107.646237][ T3800] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 107.653127][ T3799] should_fail+0x23c/0x250 [ 107.653151][ T3799] ? legacy_init_fs_context+0x2d/0x70 [ 107.653170][ T3799] __should_failslab+0x81/0x90 [ 107.689095][ T3799] should_failslab+0x5/0x20 [ 107.693615][ T3799] kmem_cache_alloc_trace+0x52/0x350 [ 107.699043][ T3799] ? kmem_cache_alloc_trace+0x24b/0x350 [ 107.704621][ T3799] legacy_init_fs_context+0x2d/0x70 [ 107.709820][ T3799] alloc_fs_context+0x419/0x500 [ 107.714709][ T3799] fs_context_for_mount+0x1d/0x20 [ 107.719799][ T3799] path_mount+0xdf0/0x1c40 [ 107.724264][ T3799] ? kmem_cache_free+0x65/0x110 [ 107.729099][ T3799] __se_sys_mount+0x24b/0x2f0 [ 107.733762][ T3799] ? __this_cpu_preempt_check+0x18/0x20 [ 107.739343][ T3799] __x64_sys_mount+0x63/0x70 [ 107.743974][ T3799] do_syscall_64+0x44/0xd0 [ 107.748378][ T3799] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.754343][ T3799] RIP: 0033:0x7fbd63e3d3ca [ 107.758742][ T3799] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.778345][ T3799] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 107.786739][ T3799] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 107.794694][ T3799] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 107.802703][ T3799] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 14:57:55 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:55 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 56) [ 107.810730][ T3799] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 107.818829][ T3799] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 107.826864][ T3799] [ 107.830420][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:55 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) [ 107.858829][ T3802] loop1: detected capacity change from 0 to 1024 [ 107.884289][ T3804] FAULT_INJECTION: forcing a failure. [ 107.884289][ T3804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 107.887664][ T3802] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 107.897377][ T3804] CPU: 0 PID: 3804 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 107.912507][ T3804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.915939][ T3809] loop5: detected capacity change from 0 to 4 [ 107.922559][ T3804] Call Trace: 14:57:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:57:55 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 60) [ 107.922566][ T3804] [ 107.922572][ T3804] dump_stack_lvl+0xd6/0x122 [ 107.922597][ T3804] dump_stack+0x11/0x1b [ 107.943315][ T3809] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 107.943637][ T3804] should_fail+0x23c/0x250 [ 107.954534][ T3804] should_fail_usercopy+0x16/0x20 [ 107.959640][ T3804] strncpy_from_user+0x21/0x250 [ 107.964547][ T3804] getname_flags+0xb8/0x3f0 [ 107.969049][ T3804] ? should_fail+0xd6/0x250 [ 107.973231][ T3812] loop2: detected capacity change from 0 to 54 [ 107.973550][ T3804] user_path_at_empty+0x28/0x110 [ 107.973573][ T3804] __se_sys_mount+0x217/0x2f0 [ 107.989384][ T3804] __x64_sys_mount+0x63/0x70 [ 107.990347][ T3814] FAULT_INJECTION: forcing a failure. [ 107.990347][ T3814] name failslab, interval 1, probability 0, space 0, times 0 [ 107.993973][ T3804] do_syscall_64+0x44/0xd0 [ 107.993998][ T3804] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.016880][ T3804] RIP: 0033:0x7fbc8e8df3ca [ 108.021282][ T3804] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.041020][ T3804] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 108.049439][ T3804] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 108.057471][ T3804] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 108.065428][ T3804] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 108.073384][ T3804] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:57:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}], 0x0, &(0x7f0000012b00)) [ 108.081421][ T3804] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 108.089383][ T3804] [ 108.092387][ T3814] CPU: 1 PID: 3814 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 108.101156][ T3814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.111245][ T3814] Call Trace: [ 108.114519][ T3814] [ 108.117443][ T3814] dump_stack_lvl+0xd6/0x122 [ 108.122044][ T3814] dump_stack+0x11/0x1b [ 108.123930][ T3818] loop0: detected capacity change from 0 to 4 [ 108.126201][ T3814] should_fail+0x23c/0x250 [ 108.126222][ T3814] ? msdos_mount+0x40/0x40 [ 108.133818][ T3818] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 108.136698][ T3814] ? getname_kernel+0x37/0x1d0 [ 108.136721][ T3814] __should_failslab+0x81/0x90 [ 108.158737][ T3814] should_failslab+0x5/0x20 [ 108.163245][ T3814] kmem_cache_alloc+0x4f/0x320 [ 108.168004][ T3814] ? avc_has_perm_noaudit+0x1c0/0x270 [ 108.173392][ T3814] ? msdos_mount+0x40/0x40 [ 108.177907][ T3814] getname_kernel+0x37/0x1d0 [ 108.182484][ T3814] ? msdos_mount+0x40/0x40 [ 108.186969][ T3814] kern_path+0x1d/0x100 [ 108.191255][ T3814] ? msdos_mount+0x40/0x40 [ 108.195669][ T3814] blkdev_get_by_path+0x63/0x220 [ 108.200631][ T3814] mount_bdev+0x47/0x290 [ 108.204867][ T3814] ? tsan.module_ctor+0x10/0x10 [ 108.209790][ T3814] msdos_mount+0x2d/0x40 [ 108.214054][ T3814] legacy_get_tree+0x70/0xc0 [ 108.218625][ T3814] vfs_get_tree+0x4a/0x1a0 [ 108.223059][ T3814] path_mount+0x11cf/0x1c40 [ 108.227557][ T3814] ? kmem_cache_free+0x65/0x110 [ 108.232392][ T3814] __se_sys_mount+0x24b/0x2f0 [ 108.237073][ T3814] ? __this_cpu_preempt_check+0x18/0x20 [ 108.242607][ T3814] __x64_sys_mount+0x63/0x70 [ 108.247221][ T3814] do_syscall_64+0x44/0xd0 [ 108.251645][ T3814] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.257529][ T3814] RIP: 0033:0x7fbd63e3d3ca [ 108.261953][ T3814] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.281594][ T3814] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 108.289993][ T3814] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 108.297991][ T3814] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 108.305982][ T3814] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 108.313949][ T3814] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 108.321925][ T3814] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 108.329878][ T3814] 14:57:55 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:55 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7400, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) 14:57:55 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 57) [ 108.342535][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.355559][ T3820] loop1: detected capacity change from 0 to 1024 [ 108.363444][ T3820] EXT4-fs (loop1): VFS: Can't find ext4 filesystem 14:57:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:55 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 61) [ 108.396861][ T3822] loop2: detected capacity change from 0 to 58 [ 108.411460][ T3824] loop5: detected capacity change from 0 to 4 [ 108.419673][ T3824] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 108.425599][ T3829] FAULT_INJECTION: forcing a failure. [ 108.425599][ T3829] name failslab, interval 1, probability 0, space 0, times 0 [ 108.438894][ T3829] CPU: 0 PID: 3829 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 108.439841][ T3830] FAULT_INJECTION: forcing a failure. [ 108.439841][ T3830] name failslab, interval 1, probability 0, space 0, times 0 [ 108.447719][ T3829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.447733][ T3829] Call Trace: [ 108.447739][ T3829] [ 108.447745][ T3829] dump_stack_lvl+0xd6/0x122 [ 108.447783][ T3829] dump_stack+0x11/0x1b [ 108.485230][ T3829] should_fail+0x23c/0x250 [ 108.489636][ T3829] ? alloc_super+0x3a/0x520 [ 108.494141][ T3829] __should_failslab+0x81/0x90 [ 108.498931][ T3829] should_failslab+0x5/0x20 [ 108.503417][ T3829] kmem_cache_alloc_trace+0x52/0x350 [ 108.508692][ T3829] ? preempt_count_add+0x4e/0x90 [ 108.513692][ T3829] ? mount_bdev+0x290/0x290 [ 108.518177][ T3829] alloc_super+0x3a/0x520 [ 108.522564][ T3829] ? mount_bdev+0x290/0x290 [ 108.527057][ T3829] sget+0x189/0x370 [ 108.530908][ T3829] ? test_bdev_super+0x30/0x30 [ 108.535656][ T3829] mount_bdev+0xd3/0x290 [ 108.539882][ T3829] ? msdos_mount+0x40/0x40 [ 108.544348][ T3829] ? tsan.module_ctor+0x10/0x10 [ 108.549242][ T3829] msdos_mount+0x2d/0x40 [ 108.553565][ T3829] legacy_get_tree+0x70/0xc0 [ 108.558135][ T3829] vfs_get_tree+0x4a/0x1a0 [ 108.562579][ T3829] path_mount+0x11cf/0x1c40 [ 108.567067][ T3829] ? kmem_cache_free+0x65/0x110 [ 108.571899][ T3829] __se_sys_mount+0x24b/0x2f0 [ 108.576627][ T3829] ? __this_cpu_preempt_check+0x18/0x20 [ 108.582227][ T3829] __x64_sys_mount+0x63/0x70 [ 108.586799][ T3829] do_syscall_64+0x44/0xd0 [ 108.591274][ T3829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.597177][ T3829] RIP: 0033:0x7fbd63e3d3ca [ 108.601574][ T3829] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.621209][ T3829] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 108.629669][ T3829] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 108.637634][ T3829] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 108.645672][ T3829] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 108.653653][ T3829] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 108.661636][ T3829] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 108.669601][ T3829] [ 108.672639][ T3830] CPU: 1 PID: 3830 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 108.675654][ T3828] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 108.681314][ T3830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:57:55 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 108.681338][ T3830] Call Trace: [ 108.681354][ T3830] [ 108.681360][ T3830] dump_stack_lvl+0xd6/0x122 [ 108.681397][ T3830] dump_stack+0x11/0x1b [ 108.681416][ T3830] should_fail+0x23c/0x250 [ 108.681436][ T3830] ? alloc_fs_context+0x46/0x500 [ 108.681452][ T3830] __should_failslab+0x81/0x90 [ 108.681470][ T3830] should_failslab+0x5/0x20 [ 108.712035][ T3832] loop1: detected capacity change from 0 to 1024 [ 108.712902][ T3830] kmem_cache_alloc_trace+0x52/0x350 [ 108.718179][ T3832] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 108.722253][ T3830] alloc_fs_context+0x46/0x500 [ 108.754423][ T3830] ? strncmp+0x34/0x70 [ 108.758528][ T3830] fs_context_for_mount+0x1d/0x20 [ 108.763532][ T3830] path_mount+0xdf0/0x1c40 [ 108.768104][ T3830] ? kmem_cache_free+0x65/0x110 [ 108.773328][ T3830] __se_sys_mount+0x24b/0x2f0 [ 108.778021][ T3830] __x64_sys_mount+0x63/0x70 [ 108.782588][ T3830] do_syscall_64+0x44/0xd0 [ 108.787184][ T3830] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.793143][ T3830] RIP: 0033:0x7fbc8e8df3ca [ 108.797665][ T3830] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.817482][ T3830] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 108.825883][ T3830] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 108.833937][ T3830] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 14:57:56 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7a00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 108.841886][ T3830] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 108.849889][ T3830] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 108.857849][ T3830] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 108.865812][ T3830] [ 108.884127][ T3834] loop2: detected capacity change from 0 to 61 14:57:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) 14:57:56 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 58) 14:57:56 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f465", 0x33, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:56 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 62) [ 108.891597][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.948126][ T3840] loop5: detected capacity change from 0 to 4 [ 108.948219][ T3839] FAULT_INJECTION: forcing a failure. [ 108.948219][ T3839] name failslab, interval 1, probability 0, space 0, times 0 [ 108.966309][ T3838] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 108.966936][ T3839] CPU: 0 PID: 3839 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 108.966963][ T3839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.966973][ T3839] Call Trace: [ 108.966979][ T3839] [ 108.966985][ T3839] dump_stack_lvl+0xd6/0x122 [ 108.976870][ T3840] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 108.982119][ T3839] dump_stack+0x11/0x1b [ 108.982201][ T3839] should_fail+0x23c/0x250 [ 108.982219][ T3839] ? kzalloc+0x1d/0x30 [ 108.982241][ T3839] __should_failslab+0x81/0x90 [ 109.005616][ T3842] loop1: detected capacity change from 0 to 1024 [ 109.009544][ T3839] should_failslab+0x5/0x20 [ 109.016904][ T3842] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 109.018165][ T3839] __kmalloc+0x6f/0x370 [ 109.026873][ T3844] FAULT_INJECTION: forcing a failure. [ 109.026873][ T3844] name failslab, interval 1, probability 0, space 0, times 0 [ 109.026966][ T3839] kzalloc+0x1d/0x30 [ 109.027085][ T3839] security_sb_alloc+0x3c/0x180 [ 109.069775][ T3839] alloc_super+0x10b/0x520 [ 109.074367][ T3839] ? mount_bdev+0x290/0x290 [ 109.078854][ T3839] sget+0x189/0x370 [ 109.082679][ T3839] ? test_bdev_super+0x30/0x30 [ 109.087426][ T3839] mount_bdev+0xd3/0x290 [ 109.091656][ T3839] ? msdos_mount+0x40/0x40 [ 109.096068][ T3839] ? tsan.module_ctor+0x10/0x10 [ 109.100905][ T3839] msdos_mount+0x2d/0x40 [ 109.105178][ T3839] legacy_get_tree+0x70/0xc0 [ 109.109772][ T3839] vfs_get_tree+0x4a/0x1a0 [ 109.114169][ T3839] path_mount+0x11cf/0x1c40 [ 109.118655][ T3839] ? kmem_cache_free+0x65/0x110 [ 109.123493][ T3839] __se_sys_mount+0x24b/0x2f0 [ 109.128152][ T3839] __x64_sys_mount+0x63/0x70 [ 109.132723][ T3839] do_syscall_64+0x44/0xd0 [ 109.137123][ T3839] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.143018][ T3839] RIP: 0033:0x7fbd63e3d3ca [ 109.147426][ T3839] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.167026][ T3839] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 109.175507][ T3839] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 109.183495][ T3839] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 109.191447][ T3839] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 14:57:56 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9c05, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 109.199399][ T3839] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 109.207356][ T3839] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 109.215375][ T3839] [ 109.218381][ T3844] CPU: 1 PID: 3844 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 109.227135][ T3844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.230528][ T3846] loop2: detected capacity change from 0 to 78 [ 109.237182][ T3844] Call Trace: [ 109.237191][ T3844] [ 109.237198][ T3844] dump_stack_lvl+0xd6/0x122 [ 109.237223][ T3844] dump_stack+0x11/0x1b [ 109.258257][ T3844] should_fail+0x23c/0x250 [ 109.262660][ T3844] ? legacy_init_fs_context+0x2d/0x70 [ 109.268048][ T3844] __should_failslab+0x81/0x90 [ 109.272789][ T3844] should_failslab+0x5/0x20 [ 109.277272][ T3844] kmem_cache_alloc_trace+0x52/0x350 [ 109.282540][ T3844] ? kmem_cache_alloc_trace+0x24b/0x350 [ 109.288150][ T3844] legacy_init_fs_context+0x2d/0x70 [ 109.293403][ T3844] alloc_fs_context+0x419/0x500 [ 109.298296][ T3844] fs_context_for_mount+0x1d/0x20 [ 109.303360][ T3844] path_mount+0xdf0/0x1c40 [ 109.307829][ T3844] ? kmem_cache_free+0x65/0x110 [ 109.312752][ T3844] __se_sys_mount+0x24b/0x2f0 [ 109.317445][ T3844] __x64_sys_mount+0x63/0x70 [ 109.322020][ T3844] do_syscall_64+0x44/0xd0 [ 109.326491][ T3844] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.332395][ T3844] RIP: 0033:0x7fbc8e8df3ca [ 109.336797][ T3844] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.356499][ T3844] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 109.364982][ T3844] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 109.373013][ T3844] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 109.380964][ T3844] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 109.388918][ T3844] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:56 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 63) [ 109.396997][ T3844] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 109.404951][ T3844] [ 109.427660][ T3848] FAULT_INJECTION: forcing a failure. [ 109.427660][ T3848] name failslab, interval 1, probability 0, space 0, times 0 [ 109.440295][ T3848] CPU: 1 PID: 3848 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 109.448952][ T3848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.458678][ T3850] loop2: detected capacity change from 0 to 97 [ 109.459000][ T3848] Call Trace: [ 109.459008][ T3848] [ 109.459015][ T3848] dump_stack_lvl+0xd6/0x122 [ 109.475913][ T3848] dump_stack+0x11/0x1b [ 109.480089][ T3848] should_fail+0x23c/0x250 [ 109.484507][ T3848] ? __list_lru_init+0x70/0x6d0 [ 109.484672][ T3852] FAULT_INJECTION: forcing a failure. [ 109.484672][ T3852] name failslab, interval 1, probability 0, space 0, times 0 [ 109.489358][ T3848] __should_failslab+0x81/0x90 [ 109.489385][ T3848] should_failslab+0x5/0x20 [ 109.511275][ T3848] __kmalloc+0x6f/0x370 [ 109.515425][ T3848] ? prealloc_memcg_shrinker+0x444/0x460 [ 109.521043][ T3848] __list_lru_init+0x70/0x6d0 [ 109.525764][ T3848] alloc_super+0x490/0x520 [ 109.530236][ T3848] ? mount_bdev+0x290/0x290 [ 109.534719][ T3848] sget+0x189/0x370 [ 109.538544][ T3848] ? test_bdev_super+0x30/0x30 [ 109.543290][ T3848] mount_bdev+0xd3/0x290 [ 109.547555][ T3848] ? msdos_mount+0x40/0x40 [ 109.551957][ T3848] ? tsan.module_ctor+0x10/0x10 [ 109.556823][ T3848] msdos_mount+0x2d/0x40 [ 109.561114][ T3848] legacy_get_tree+0x70/0xc0 [ 109.565684][ T3848] vfs_get_tree+0x4a/0x1a0 [ 109.570085][ T3848] path_mount+0x11cf/0x1c40 [ 109.574570][ T3848] ? kmem_cache_free+0x65/0x110 [ 109.579407][ T3848] __se_sys_mount+0x24b/0x2f0 [ 109.584067][ T3848] ? __this_cpu_preempt_check+0x18/0x20 [ 109.589602][ T3848] __x64_sys_mount+0x63/0x70 [ 109.594176][ T3848] do_syscall_64+0x44/0xd0 [ 109.598577][ T3848] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.604470][ T3848] RIP: 0033:0x7fbd63e3d3ca [ 109.608937][ T3848] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.628528][ T3848] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 109.636992][ T3848] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:57:56 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc205, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:56 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 59) [ 109.644946][ T3848] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 109.652898][ T3848] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 109.660928][ T3848] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 109.668922][ T3848] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 109.676881][ T3848] [ 109.679887][ T3852] CPU: 0 PID: 3852 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 109.688560][ T3852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.698686][ T3852] Call Trace: [ 109.701955][ T3852] [ 109.704869][ T3852] dump_stack_lvl+0xd6/0x122 [ 109.709513][ T3852] dump_stack+0x11/0x1b [ 109.713652][ T3852] should_fail+0x23c/0x250 [ 109.718050][ T3852] ? vfs_parse_fs_string+0x6d/0xd0 [ 109.723144][ T3852] __should_failslab+0x81/0x90 [ 109.727982][ T3852] should_failslab+0x5/0x20 [ 109.732513][ T3852] __kmalloc_track_caller+0x6d/0x370 [ 109.737787][ T3852] kmemdup_nul+0x27/0x70 [ 109.742056][ T3852] vfs_parse_fs_string+0x6d/0xd0 [ 109.746976][ T3852] path_mount+0xf94/0x1c40 [ 109.751378][ T3852] ? kmem_cache_free+0x65/0x110 [ 109.756214][ T3852] __se_sys_mount+0x24b/0x2f0 [ 109.760895][ T3852] __x64_sys_mount+0x63/0x70 [ 109.765545][ T3852] do_syscall_64+0x44/0xd0 [ 109.769947][ T3852] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.775833][ T3852] RIP: 0033:0x7fbc8e8df3ca [ 109.780263][ T3852] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:57:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, 0x0) 14:57:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) 14:57:57 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 109.799857][ T3852] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 109.808451][ T3852] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 109.816480][ T3852] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 109.824438][ T3852] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 109.832394][ T3852] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 109.840348][ T3852] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 109.848321][ T3852] 14:57:57 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xedc0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 109.879127][ T3855] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 109.879191][ T3856] loop5: detected capacity change from 0 to 4 [ 109.907172][ T3859] loop2: detected capacity change from 0 to 118 [ 109.910326][ T3860] loop1: detected capacity change from 0 to 1024 14:57:57 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xf903, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, 0x0) 14:57:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:57 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 64) 14:57:57 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 60) [ 109.931704][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 109.933895][ T3860] EXT4-fs (loop1): invalid first ino: 0 [ 109.958596][ T3862] FAULT_INJECTION: forcing a failure. [ 109.958596][ T3862] name failslab, interval 1, probability 0, space 0, times 0 [ 109.968539][ T3865] loop0: detected capacity change from 0 to 4 [ 109.971260][ T3862] CPU: 0 PID: 3862 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 109.980936][ T3867] FAULT_INJECTION: forcing a failure. [ 109.980936][ T3867] name failslab, interval 1, probability 0, space 0, times 0 [ 109.985981][ T3862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.985995][ T3862] Call Trace: [ 109.986001][ T3862] [ 109.986007][ T3862] dump_stack_lvl+0xd6/0x122 [ 110.019333][ T3862] dump_stack+0x11/0x1b [ 110.023486][ T3862] should_fail+0x23c/0x250 [ 110.027900][ T3862] __should_failslab+0x81/0x90 [ 110.032647][ T3862] should_failslab+0x5/0x20 [ 110.037140][ T3862] kmem_cache_alloc_node_trace+0x61/0x310 [ 110.042845][ T3862] ? should_fail+0xd6/0x250 [ 110.047330][ T3862] ? __kmalloc_node+0x30/0x40 [ 110.051992][ T3862] __kmalloc_node+0x30/0x40 [ 110.056477][ T3862] kvmalloc_node+0x81/0x110 [ 110.060966][ T3862] __list_lru_init+0x2f7/0x6d0 [ 110.065715][ T3862] alloc_super+0x490/0x520 [ 110.070116][ T3862] ? mount_bdev+0x290/0x290 [ 110.074605][ T3862] sget+0x189/0x370 [ 110.078396][ T3862] ? test_bdev_super+0x30/0x30 [ 110.083143][ T3862] mount_bdev+0xd3/0x290 [ 110.087368][ T3862] ? msdos_mount+0x40/0x40 [ 110.091819][ T3862] ? tsan.module_ctor+0x10/0x10 [ 110.096656][ T3862] msdos_mount+0x2d/0x40 [ 110.100953][ T3862] legacy_get_tree+0x70/0xc0 [ 110.105597][ T3862] vfs_get_tree+0x4a/0x1a0 [ 110.110034][ T3862] path_mount+0x11cf/0x1c40 [ 110.114517][ T3862] ? kmem_cache_free+0x65/0x110 [ 110.119410][ T3862] __se_sys_mount+0x24b/0x2f0 [ 110.124178][ T3862] ? __this_cpu_preempt_check+0x18/0x20 [ 110.129734][ T3862] __x64_sys_mount+0x63/0x70 [ 110.134333][ T3862] do_syscall_64+0x44/0xd0 [ 110.138785][ T3862] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.144677][ T3862] RIP: 0033:0x7fbd63e3d3ca [ 110.149155][ T3862] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.168747][ T3862] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 110.177142][ T3862] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 110.185101][ T3862] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 110.193053][ T3862] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 110.201042][ T3862] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 110.208994][ T3862] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 110.216951][ T3862] [ 110.219960][ T3867] CPU: 1 PID: 3867 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 110.228634][ T3867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.238681][ T3867] Call Trace: [ 110.241943][ T3867] [ 110.244857][ T3867] dump_stack_lvl+0xd6/0x122 [ 110.249507][ T3867] dump_stack+0x11/0x1b [ 110.253757][ T3867] should_fail+0x23c/0x250 [ 110.258156][ T3867] ? msdos_mount+0x40/0x40 [ 110.262673][ T3867] ? getname_kernel+0x37/0x1d0 [ 110.267504][ T3867] __should_failslab+0x81/0x90 [ 110.272293][ T3867] should_failslab+0x5/0x20 [ 110.276782][ T3867] kmem_cache_alloc+0x4f/0x320 [ 110.281530][ T3867] ? avc_has_perm_noaudit+0x1c0/0x270 [ 110.286909][ T3867] ? msdos_mount+0x40/0x40 [ 110.291373][ T3867] getname_kernel+0x37/0x1d0 [ 110.295947][ T3867] ? msdos_mount+0x40/0x40 [ 110.300346][ T3867] kern_path+0x1d/0x100 [ 110.304481][ T3867] ? msdos_mount+0x40/0x40 [ 110.308894][ T3867] blkdev_get_by_path+0x63/0x220 [ 110.313853][ T3867] mount_bdev+0x47/0x290 [ 110.318262][ T3867] ? tsan.module_ctor+0x10/0x10 [ 110.323160][ T3867] msdos_mount+0x2d/0x40 [ 110.327387][ T3867] legacy_get_tree+0x70/0xc0 [ 110.331958][ T3867] vfs_get_tree+0x4a/0x1a0 [ 110.336359][ T3867] path_mount+0x11cf/0x1c40 [ 110.340847][ T3867] ? kmem_cache_free+0x65/0x110 [ 110.345724][ T3867] __se_sys_mount+0x24b/0x2f0 [ 110.350391][ T3867] __x64_sys_mount+0x63/0x70 [ 110.355058][ T3867] do_syscall_64+0x44/0xd0 [ 110.359529][ T3867] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.365409][ T3867] RIP: 0033:0x7fbc8e8df3ca [ 110.369812][ T3867] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.389422][ T3867] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 110.397821][ T3867] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 110.405771][ T3867] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 110.413732][ T3867] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 110.421773][ T3867] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:57 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfa03, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:57 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 65) [ 110.429729][ T3867] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 110.437686][ T3867] [ 110.442437][ T3868] loop2: detected capacity change from 0 to 124 [ 110.442819][ T3865] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 110.458259][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.472513][ T3870] loop5: detected capacity change from 0 to 4 14:57:57 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:57 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 61) 14:57:57 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, 0x0) [ 110.504641][ T3872] loop2: detected capacity change from 0 to 125 [ 110.520252][ T3875] loop0: detected capacity change from 0 to 4 [ 110.531001][ T3878] loop1: detected capacity change from 0 to 1024 [ 110.540950][ T3876] FAULT_INJECTION: forcing a failure. [ 110.540950][ T3876] name failslab, interval 1, probability 0, space 0, times 0 [ 110.546264][ T3875] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 110.553585][ T3876] CPU: 1 PID: 3876 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 110.553610][ T3876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.553621][ T3876] Call Trace: [ 110.561650][ T3878] EXT4-fs (loop1): invalid first ino: 0 [ 110.568749][ T3876] [ 110.580787][ T3880] FAULT_INJECTION: forcing a failure. [ 110.580787][ T3880] name failslab, interval 1, probability 0, space 0, times 0 [ 110.582076][ T3876] dump_stack_lvl+0xd6/0x122 [ 110.607644][ T3876] dump_stack+0x11/0x1b [ 110.611795][ T3876] should_fail+0x23c/0x250 [ 110.616192][ T3876] ? __list_lru_init+0x352/0x6d0 [ 110.621111][ T3876] __should_failslab+0x81/0x90 [ 110.625976][ T3876] should_failslab+0x5/0x20 [ 110.630471][ T3876] kmem_cache_alloc_trace+0x52/0x350 [ 110.635752][ T3876] ? __kmalloc_node+0x30/0x40 [ 110.640453][ T3876] __list_lru_init+0x352/0x6d0 [ 110.645217][ T3876] alloc_super+0x490/0x520 [ 110.649641][ T3876] ? mount_bdev+0x290/0x290 [ 110.654142][ T3876] sget+0x189/0x370 [ 110.658002][ T3876] ? test_bdev_super+0x30/0x30 [ 110.662751][ T3876] mount_bdev+0xd3/0x290 [ 110.666983][ T3876] ? msdos_mount+0x40/0x40 [ 110.671396][ T3876] ? tsan.module_ctor+0x10/0x10 [ 110.676232][ T3876] msdos_mount+0x2d/0x40 [ 110.680493][ T3876] legacy_get_tree+0x70/0xc0 [ 110.685066][ T3876] vfs_get_tree+0x4a/0x1a0 [ 110.689464][ T3876] path_mount+0x11cf/0x1c40 [ 110.693984][ T3876] ? kmem_cache_free+0x65/0x110 [ 110.698817][ T3876] __se_sys_mount+0x24b/0x2f0 [ 110.703476][ T3876] __x64_sys_mount+0x63/0x70 [ 110.708100][ T3876] do_syscall_64+0x44/0xd0 [ 110.712506][ T3876] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.718462][ T3876] RIP: 0033:0x7fbd63e3d3ca [ 110.722860][ T3876] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.742482][ T3876] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 110.750876][ T3876] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 110.758978][ T3876] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 110.766936][ T3876] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 110.774892][ T3876] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 110.782852][ T3876] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 110.790810][ T3876] [ 110.793813][ T3880] CPU: 0 PID: 3880 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:57:58 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfb03, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 110.802543][ T3880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.812689][ T3880] Call Trace: [ 110.815068][ T3882] loop2: detected capacity change from 0 to 125 [ 110.815991][ T3880] [ 110.815998][ T3880] dump_stack_lvl+0xd6/0x122 [ 110.829719][ T3880] dump_stack+0x11/0x1b [ 110.833857][ T3880] should_fail+0x23c/0x250 [ 110.838278][ T3880] ? alloc_super+0x3a/0x520 [ 110.842805][ T3880] __should_failslab+0x81/0x90 [ 110.847561][ T3880] should_failslab+0x5/0x20 [ 110.852068][ T3880] kmem_cache_alloc_trace+0x52/0x350 [ 110.857436][ T3880] ? preempt_count_add+0x4e/0x90 [ 110.862440][ T3880] ? mount_bdev+0x290/0x290 [ 110.867008][ T3880] alloc_super+0x3a/0x520 [ 110.871388][ T3880] ? mount_bdev+0x290/0x290 [ 110.875884][ T3880] sget+0x189/0x370 [ 110.879692][ T3880] ? test_bdev_super+0x30/0x30 [ 110.884449][ T3880] mount_bdev+0xd3/0x290 [ 110.888673][ T3880] ? msdos_mount+0x40/0x40 [ 110.893109][ T3880] ? tsan.module_ctor+0x10/0x10 [ 110.897942][ T3880] msdos_mount+0x2d/0x40 [ 110.902338][ T3880] legacy_get_tree+0x70/0xc0 [ 110.906922][ T3880] vfs_get_tree+0x4a/0x1a0 [ 110.911320][ T3880] path_mount+0x11cf/0x1c40 [ 110.915841][ T3880] ? kmem_cache_free+0x65/0x110 [ 110.920671][ T3880] __se_sys_mount+0x24b/0x2f0 [ 110.925346][ T3880] __x64_sys_mount+0x63/0x70 [ 110.930011][ T3880] do_syscall_64+0x44/0xd0 [ 110.934412][ T3880] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.940353][ T3880] RIP: 0033:0x7fbc8e8df3ca [ 110.944766][ T3880] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.964484][ T3880] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 110.971717][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.972874][ T3880] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 110.972890][ T3880] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 110.972903][ T3880] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 110.972914][ T3880] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 111.012731][ T3880] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 111.020722][ T3880] [ 111.025808][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:58 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfeff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:58 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:58 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 66) 14:57:58 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 62) 14:57:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 111.053561][ T3884] loop5: detected capacity change from 0 to 4 14:57:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, 0x0) [ 111.082179][ T3887] loop2: detected capacity change from 0 to 127 [ 111.088957][ T3888] loop1: detected capacity change from 0 to 1024 [ 111.109362][ T3891] FAULT_INJECTION: forcing a failure. [ 111.109362][ T3891] name failslab, interval 1, probability 0, space 0, times 0 [ 111.110124][ T3893] FAULT_INJECTION: forcing a failure. [ 111.110124][ T3893] name failslab, interval 1, probability 0, space 0, times 0 [ 111.122088][ T3891] CPU: 0 PID: 3891 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 111.143308][ T3891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.153350][ T3891] Call Trace: [ 111.156686][ T3891] [ 111.159600][ T3891] dump_stack_lvl+0xd6/0x122 [ 111.164203][ T3891] dump_stack+0x11/0x1b [ 111.168340][ T3891] should_fail+0x23c/0x250 [ 111.172787][ T3891] ? __list_lru_init+0x352/0x6d0 [ 111.177724][ T3891] __should_failslab+0x81/0x90 [ 111.182518][ T3891] should_failslab+0x5/0x20 [ 111.187003][ T3891] kmem_cache_alloc_trace+0x52/0x350 [ 111.192332][ T3891] ? __list_lru_init+0x352/0x6d0 [ 111.197303][ T3891] __list_lru_init+0x352/0x6d0 [ 111.202049][ T3891] alloc_super+0x490/0x520 [ 111.206450][ T3891] ? mount_bdev+0x290/0x290 [ 111.211059][ T3891] sget+0x189/0x370 [ 111.214868][ T3891] ? test_bdev_super+0x30/0x30 [ 111.219691][ T3891] mount_bdev+0xd3/0x290 [ 111.223962][ T3891] ? msdos_mount+0x40/0x40 [ 111.228405][ T3891] ? tsan.module_ctor+0x10/0x10 [ 111.233265][ T3891] msdos_mount+0x2d/0x40 [ 111.237491][ T3891] legacy_get_tree+0x70/0xc0 [ 111.242066][ T3891] vfs_get_tree+0x4a/0x1a0 [ 111.246493][ T3891] path_mount+0x11cf/0x1c40 [ 111.250995][ T3891] ? kmem_cache_free+0x65/0x110 [ 111.255878][ T3891] __se_sys_mount+0x24b/0x2f0 [ 111.260535][ T3891] ? __this_cpu_preempt_check+0x18/0x20 [ 111.266083][ T3891] __x64_sys_mount+0x63/0x70 [ 111.270704][ T3891] do_syscall_64+0x44/0xd0 [ 111.275103][ T3891] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.281034][ T3891] RIP: 0033:0x7fbd63e3d3ca [ 111.285430][ T3891] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.305018][ T3891] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 111.313410][ T3891] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 111.321433][ T3891] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 111.329422][ T3891] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 111.337480][ T3891] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 111.345438][ T3891] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 111.353458][ T3891] [ 111.356461][ T3893] CPU: 1 PID: 3893 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 111.362519][ T3888] EXT4-fs (loop1): invalid first ino: 0 [ 111.365295][ T3893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.365308][ T3893] Call Trace: [ 111.365314][ T3893] [ 111.365321][ T3893] dump_stack_lvl+0xd6/0x122 [ 111.373587][ T3894] loop0: detected capacity change from 0 to 4 [ 111.380883][ T3893] dump_stack+0x11/0x1b [ 111.380907][ T3893] should_fail+0x23c/0x250 [ 111.380924][ T3893] ? kzalloc+0x1d/0x30 [ 111.380945][ T3893] __should_failslab+0x81/0x90 [ 111.385321][ T3894] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 111.387170][ T3893] should_failslab+0x5/0x20 [ 111.426182][ T3893] __kmalloc+0x6f/0x370 [ 111.430344][ T3893] kzalloc+0x1d/0x30 [ 111.434262][ T3893] security_sb_alloc+0x3c/0x180 [ 111.439204][ T3893] alloc_super+0x10b/0x520 [ 111.443597][ T3893] ? mount_bdev+0x290/0x290 [ 111.448183][ T3893] sget+0x189/0x370 [ 111.451968][ T3893] ? test_bdev_super+0x30/0x30 [ 111.456716][ T3893] mount_bdev+0xd3/0x290 [ 111.460941][ T3893] ? msdos_mount+0x40/0x40 [ 111.465376][ T3893] ? tsan.module_ctor+0x10/0x10 [ 111.470327][ T3893] msdos_mount+0x2d/0x40 [ 111.474575][ T3893] legacy_get_tree+0x70/0xc0 [ 111.479153][ T3893] vfs_get_tree+0x4a/0x1a0 [ 111.483550][ T3893] path_mount+0x11cf/0x1c40 [ 111.488044][ T3893] ? kmem_cache_free+0x65/0x110 [ 111.493006][ T3893] __se_sys_mount+0x24b/0x2f0 [ 111.497669][ T3893] __x64_sys_mount+0x63/0x70 [ 111.502245][ T3893] do_syscall_64+0x44/0xd0 [ 111.506640][ T3893] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.512659][ T3893] RIP: 0033:0x7fbc8e8df3ca [ 111.517058][ T3893] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.536654][ T3893] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 111.545083][ T3893] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 111.553056][ T3893] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 111.561020][ T3893] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 111.568973][ T3893] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:57:58 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:58 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 63) [ 111.577003][ T3893] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 111.584972][ T3893] [ 111.595539][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 111.616123][ T3896] loop2: detected capacity change from 0 to 127 14:57:58 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 67) 14:57:58 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:58 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:58 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x80000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 111.646766][ T3898] loop5: detected capacity change from 0 to 4 [ 111.672515][ T3900] FAULT_INJECTION: forcing a failure. [ 111.672515][ T3900] name failslab, interval 1, probability 0, space 0, times 0 [ 111.682612][ T3903] FAULT_INJECTION: forcing a failure. [ 111.682612][ T3903] name failslab, interval 1, probability 0, space 0, times 0 [ 111.685159][ T3900] CPU: 0 PID: 3900 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 111.706345][ T3900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.716386][ T3900] Call Trace: [ 111.719646][ T3900] [ 111.722688][ T3900] dump_stack_lvl+0xd6/0x122 [ 111.727308][ T3900] dump_stack+0x11/0x1b [ 111.731490][ T3900] should_fail+0x23c/0x250 [ 111.735928][ T3900] ? __list_lru_init+0x352/0x6d0 [ 111.740895][ T3900] __should_failslab+0x81/0x90 [ 111.745729][ T3900] should_failslab+0x5/0x20 [ 111.750317][ T3900] kmem_cache_alloc_trace+0x52/0x350 [ 111.755587][ T3900] ? __list_lru_init+0x352/0x6d0 [ 111.760517][ T3900] __list_lru_init+0x352/0x6d0 [ 111.765265][ T3900] alloc_super+0x490/0x520 [ 111.769741][ T3900] ? mount_bdev+0x290/0x290 [ 111.774229][ T3900] sget+0x189/0x370 [ 111.778185][ T3900] ? test_bdev_super+0x30/0x30 [ 111.782943][ T3900] mount_bdev+0xd3/0x290 [ 111.787186][ T3900] ? msdos_mount+0x40/0x40 [ 111.791589][ T3900] ? tsan.module_ctor+0x10/0x10 [ 111.796430][ T3900] msdos_mount+0x2d/0x40 [ 111.800706][ T3900] legacy_get_tree+0x70/0xc0 [ 111.805326][ T3900] vfs_get_tree+0x4a/0x1a0 [ 111.809791][ T3900] path_mount+0x11cf/0x1c40 [ 111.814316][ T3900] ? kmem_cache_free+0x65/0x110 [ 111.819167][ T3900] __se_sys_mount+0x24b/0x2f0 [ 111.823908][ T3900] __x64_sys_mount+0x63/0x70 [ 111.828485][ T3900] do_syscall_64+0x44/0xd0 [ 111.832905][ T3900] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.838787][ T3900] RIP: 0033:0x7fbd63e3d3ca [ 111.843192][ T3900] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.862878][ T3900] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 111.871273][ T3900] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 111.879232][ T3900] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 111.887380][ T3900] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 111.895436][ T3900] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 111.903388][ T3900] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 111.911343][ T3900] [ 111.914421][ T3903] CPU: 1 PID: 3903 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 111.922184][ T3906] loop0: detected capacity change from 0 to 4 [ 111.923113][ T3903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.923126][ T3903] Call Trace: [ 111.923132][ T3903] [ 111.923138][ T3903] dump_stack_lvl+0xd6/0x122 [ 111.930131][ T3906] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 111.939211][ T3903] dump_stack+0x11/0x1b [ 111.945306][ T3907] loop2: detected capacity change from 0 to 1024 [ 111.945479][ T3903] should_fail+0x23c/0x250 [ 111.965649][ T3908] loop1: detected capacity change from 0 to 1024 [ 111.967009][ T3903] ? kzalloc+0x1d/0x30 [ 111.967041][ T3903] __should_failslab+0x81/0x90 [ 111.972359][ T3908] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 111.977773][ T3903] should_failslab+0x5/0x20 [ 111.977820][ T3903] __kmalloc+0x6f/0x370 [ 111.977839][ T3903] kzalloc+0x1d/0x30 [ 111.977863][ T3903] security_sb_alloc+0x3c/0x180 [ 111.977881][ T3903] alloc_super+0x10b/0x520 [ 112.016584][ T3903] ? mount_bdev+0x290/0x290 [ 112.021159][ T3903] sget+0x189/0x370 [ 112.024964][ T3903] ? test_bdev_super+0x30/0x30 [ 112.029723][ T3903] mount_bdev+0xd3/0x290 [ 112.034034][ T3903] ? msdos_mount+0x40/0x40 [ 112.038452][ T3903] ? tsan.module_ctor+0x10/0x10 [ 112.043391][ T3903] msdos_mount+0x2d/0x40 [ 112.047627][ T3903] legacy_get_tree+0x70/0xc0 [ 112.052197][ T3903] vfs_get_tree+0x4a/0x1a0 [ 112.056644][ T3903] path_mount+0x11cf/0x1c40 [ 112.061255][ T3903] ? kmem_cache_free+0x65/0x110 [ 112.066107][ T3903] __se_sys_mount+0x24b/0x2f0 [ 112.071274][ T3903] __x64_sys_mount+0x63/0x70 [ 112.075856][ T3903] do_syscall_64+0x44/0xd0 [ 112.080259][ T3903] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.086131][ T3903] RIP: 0033:0x7fbc8e8df3ca [ 112.090525][ T3903] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.110113][ T3903] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 112.118542][ T3903] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 112.126566][ T3903] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 112.134521][ T3903] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 14:57:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:57:59 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x80040, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:57:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 112.142502][ T3903] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 112.150514][ T3903] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 112.158472][ T3903] [ 112.162583][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:57:59 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 64) 14:57:59 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:59 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 68) [ 112.211876][ T3912] loop2: detected capacity change from 0 to 1024 [ 112.220311][ T3914] FAULT_INJECTION: forcing a failure. [ 112.220311][ T3914] name failslab, interval 1, probability 0, space 0, times 0 [ 112.228789][ T3910] loop0: detected capacity change from 0 to 4 [ 112.232979][ T3914] CPU: 0 PID: 3914 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 112.240680][ T3910] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 112.247717][ T3914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.247730][ T3914] Call Trace: [ 112.247736][ T3914] [ 112.247742][ T3914] dump_stack_lvl+0xd6/0x122 [ 112.257146][ T3916] loop1: detected capacity change from 0 to 1024 [ 112.264270][ T3914] dump_stack+0x11/0x1b [ 112.264294][ T3914] should_fail+0x23c/0x250 [ 112.268504][ T3916] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 112.270497][ T3914] __should_failslab+0x81/0x90 [ 112.270522][ T3914] should_failslab+0x5/0x20 [ 112.279683][ T3918] FAULT_INJECTION: forcing a failure. [ 112.279683][ T3918] name failslab, interval 1, probability 0, space 0, times 0 [ 112.281383][ T3914] kmem_cache_alloc_node_trace+0x61/0x310 [ 112.281409][ T3914] ? should_fail+0xd6/0x250 [ 112.330031][ T3914] ? __kmalloc_node+0x30/0x40 [ 112.334718][ T3914] __kmalloc_node+0x30/0x40 [ 112.339203][ T3914] kvmalloc_node+0x81/0x110 [ 112.343740][ T3914] __list_lru_init+0x2f7/0x6d0 [ 112.348525][ T3914] alloc_super+0x490/0x520 [ 112.352925][ T3914] ? mount_bdev+0x290/0x290 [ 112.357474][ T3914] sget+0x189/0x370 [ 112.361265][ T3914] ? test_bdev_super+0x30/0x30 [ 112.366071][ T3914] mount_bdev+0xd3/0x290 [ 112.370347][ T3914] ? msdos_mount+0x40/0x40 [ 112.374889][ T3914] ? tsan.module_ctor+0x10/0x10 [ 112.379723][ T3914] msdos_mount+0x2d/0x40 [ 112.383948][ T3914] legacy_get_tree+0x70/0xc0 [ 112.388521][ T3914] vfs_get_tree+0x4a/0x1a0 [ 112.392981][ T3914] path_mount+0x11cf/0x1c40 [ 112.397467][ T3914] ? kmem_cache_free+0x65/0x110 [ 112.402316][ T3914] __se_sys_mount+0x24b/0x2f0 [ 112.406990][ T3914] __x64_sys_mount+0x63/0x70 [ 112.411608][ T3914] do_syscall_64+0x44/0xd0 [ 112.416027][ T3914] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.421907][ T3914] RIP: 0033:0x7fbc8e8df3ca [ 112.426301][ T3914] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.445886][ T3914] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 112.454279][ T3914] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 112.462233][ T3914] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 112.470618][ T3914] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 112.478572][ T3914] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 112.486528][ T3914] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 112.494489][ T3914] [ 112.497489][ T3918] CPU: 1 PID: 3918 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 112.506163][ T3918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.512418][ T3920] loop5: detected capacity change from 0 to 4 [ 112.516213][ T3918] Call Trace: [ 112.516221][ T3918] [ 112.516227][ T3918] dump_stack_lvl+0xd6/0x122 [ 112.516251][ T3918] dump_stack+0x11/0x1b [ 112.523484][ T3920] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 112.525614][ T3918] should_fail+0x23c/0x250 [ 112.525643][ T3918] ? __list_lru_init+0x352/0x6d0 [ 112.554676][ T3918] __should_failslab+0x81/0x90 [ 112.559493][ T3918] should_failslab+0x5/0x20 [ 112.563979][ T3918] kmem_cache_alloc_trace+0x52/0x350 [ 112.569257][ T3918] ? __list_lru_init+0x352/0x6d0 [ 112.574174][ T3918] __list_lru_init+0x352/0x6d0 [ 112.578924][ T3918] alloc_super+0x490/0x520 [ 112.583332][ T3918] ? mount_bdev+0x290/0x290 [ 112.587900][ T3918] sget+0x189/0x370 [ 112.591713][ T3918] ? test_bdev_super+0x30/0x30 [ 112.596541][ T3918] mount_bdev+0xd3/0x290 [ 112.600766][ T3918] ? msdos_mount+0x40/0x40 [ 112.605181][ T3918] ? tsan.module_ctor+0x10/0x10 [ 112.610068][ T3918] msdos_mount+0x2d/0x40 [ 112.614296][ T3918] legacy_get_tree+0x70/0xc0 [ 112.618987][ T3918] vfs_get_tree+0x4a/0x1a0 [ 112.623398][ T3918] path_mount+0x11cf/0x1c40 [ 112.627897][ T3918] ? kmem_cache_free+0x65/0x110 [ 112.632757][ T3918] __se_sys_mount+0x24b/0x2f0 [ 112.637412][ T3918] ? __this_cpu_preempt_check+0x18/0x20 [ 112.642946][ T3918] __x64_sys_mount+0x63/0x70 [ 112.647533][ T3918] do_syscall_64+0x44/0xd0 [ 112.651936][ T3918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.657812][ T3918] RIP: 0033:0x7fbd63e3d3ca [ 112.662204][ T3918] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.681791][ T3918] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 112.690186][ T3918] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 112.698150][ T3918] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 112.706161][ T3918] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 14:57:59 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 112.714119][ T3918] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 112.722080][ T3918] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 112.730227][ T3918] 14:57:59 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:57:59 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:57:59 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 65) [ 112.755935][ T3922] loop2: detected capacity change from 0 to 32768 [ 112.771967][ T3926] loop1: detected capacity change from 0 to 1024 [ 112.774682][ T3925] FAULT_INJECTION: forcing a failure. [ 112.774682][ T3925] name failslab, interval 1, probability 0, space 0, times 0 [ 112.790948][ T3925] CPU: 0 PID: 3925 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 112.791473][ T3928] loop0: detected capacity change from 0 to 4 14:58:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:00 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 69) [ 112.799947][ T3925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.799961][ T3925] Call Trace: [ 112.799967][ T3925] [ 112.799974][ T3925] dump_stack_lvl+0xd6/0x122 [ 112.815808][ T3926] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 112.816081][ T3925] dump_stack+0x11/0x1b [ 112.819674][ T3928] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 112.822265][ T3925] should_fail+0x23c/0x250 [ 112.822306][ T3925] ? __list_lru_init+0x352/0x6d0 [ 112.854919][ T3925] __should_failslab+0x81/0x90 [ 112.857142][ T3932] FAULT_INJECTION: forcing a failure. [ 112.857142][ T3932] name failslab, interval 1, probability 0, space 0, times 0 [ 112.859690][ T3925] should_failslab+0x5/0x20 [ 112.859717][ T3925] kmem_cache_alloc_trace+0x52/0x350 [ 112.882012][ T3925] ? __kmalloc_node+0x30/0x40 [ 112.886729][ T3925] __list_lru_init+0x352/0x6d0 [ 112.891477][ T3925] alloc_super+0x490/0x520 [ 112.895946][ T3925] ? mount_bdev+0x290/0x290 [ 112.900558][ T3925] sget+0x189/0x370 [ 112.904442][ T3925] ? test_bdev_super+0x30/0x30 [ 112.909193][ T3925] mount_bdev+0xd3/0x290 [ 112.913448][ T3925] ? msdos_mount+0x40/0x40 [ 112.917852][ T3925] ? tsan.module_ctor+0x10/0x10 [ 112.922691][ T3925] msdos_mount+0x2d/0x40 [ 112.927012][ T3925] legacy_get_tree+0x70/0xc0 [ 112.931584][ T3925] vfs_get_tree+0x4a/0x1a0 [ 112.936026][ T3925] path_mount+0x11cf/0x1c40 [ 112.940511][ T3925] ? kmem_cache_free+0x65/0x110 [ 112.945423][ T3925] __se_sys_mount+0x24b/0x2f0 [ 112.950104][ T3925] __x64_sys_mount+0x63/0x70 [ 112.954684][ T3925] do_syscall_64+0x44/0xd0 [ 112.959115][ T3925] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.964994][ T3925] RIP: 0033:0x7fbc8e8df3ca [ 112.969675][ T3925] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.989348][ T3925] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 112.997749][ T3925] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 113.005701][ T3925] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 113.013723][ T3925] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 113.021675][ T3925] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 113.029659][ T3925] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 113.037616][ T3925] [ 113.040651][ T3932] CPU: 1 PID: 3932 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 113.045105][ T3930] loop5: detected capacity change from 0 to 4 [ 113.049385][ T3932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.049397][ T3932] Call Trace: [ 113.049403][ T3932] [ 113.049409][ T3932] dump_stack_lvl+0xd6/0x122 [ 113.058991][ T3930] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 113.065594][ T3932] dump_stack+0x11/0x1b [ 113.088841][ T3932] should_fail+0x23c/0x250 [ 113.093244][ T3932] ? __list_lru_init+0x352/0x6d0 [ 113.098174][ T3932] __should_failslab+0x81/0x90 [ 113.102969][ T3932] should_failslab+0x5/0x20 [ 113.107467][ T3932] kmem_cache_alloc_trace+0x52/0x350 [ 113.112824][ T3932] ? __list_lru_init+0x352/0x6d0 [ 113.117819][ T3932] __list_lru_init+0x352/0x6d0 [ 113.122646][ T3932] alloc_super+0x490/0x520 [ 113.127063][ T3932] ? mount_bdev+0x290/0x290 [ 113.131556][ T3932] sget+0x189/0x370 [ 113.135355][ T3932] ? test_bdev_super+0x30/0x30 [ 113.140176][ T3932] mount_bdev+0xd3/0x290 [ 113.144453][ T3932] ? msdos_mount+0x40/0x40 [ 113.148849][ T3932] ? tsan.module_ctor+0x10/0x10 [ 113.153685][ T3932] msdos_mount+0x2d/0x40 [ 113.157987][ T3932] legacy_get_tree+0x70/0xc0 [ 113.162658][ T3932] vfs_get_tree+0x4a/0x1a0 [ 113.167094][ T3932] path_mount+0x11cf/0x1c40 [ 113.171627][ T3932] ? kmem_cache_free+0x65/0x110 [ 113.176477][ T3932] __se_sys_mount+0x24b/0x2f0 [ 113.181151][ T3932] ? __this_cpu_preempt_check+0x18/0x20 [ 113.186768][ T3932] __x64_sys_mount+0x63/0x70 [ 113.191345][ T3932] do_syscall_64+0x44/0xd0 [ 113.195742][ T3932] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.201619][ T3932] RIP: 0033:0x7fbd63e3d3ca [ 113.206973][ T3932] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.226573][ T3932] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 113.235212][ T3932] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 113.243180][ T3932] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 14:58:00 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:00 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:00 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8", 0x2d, 0x400}], 0x0, &(0x7f0000012b00)) [ 113.251314][ T3932] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 113.259334][ T3932] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 113.267462][ T3932] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 113.275427][ T3932] [ 113.279485][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:00 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 70) [ 113.313913][ T3936] loop0: detected capacity change from 0 to 4 [ 113.320931][ T3936] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 113.323916][ T3934] loop2: detected capacity change from 0 to 65536 14:58:00 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 66) 14:58:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 113.360182][ T3940] FAULT_INJECTION: forcing a failure. [ 113.360182][ T3940] name failslab, interval 1, probability 0, space 0, times 0 [ 113.363592][ T3938] loop1: detected capacity change from 0 to 1024 [ 113.372914][ T3940] CPU: 0 PID: 3940 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 113.382383][ T3942] loop5: detected capacity change from 0 to 4 [ 113.387798][ T3940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.387812][ T3940] Call Trace: [ 113.387818][ T3940] [ 113.387825][ T3940] dump_stack_lvl+0xd6/0x122 [ 113.401315][ T3942] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 113.403948][ T3940] dump_stack+0x11/0x1b [ 113.403971][ T3940] should_fail+0x23c/0x250 [ 113.413716][ T3944] FAULT_INJECTION: forcing a failure. [ 113.413716][ T3944] name failslab, interval 1, probability 0, space 0, times 0 [ 113.414790][ T3940] ? __list_lru_init+0x352/0x6d0 [ 113.414817][ T3940] __should_failslab+0x81/0x90 [ 113.453743][ T3940] should_failslab+0x5/0x20 [ 113.458238][ T3940] kmem_cache_alloc_trace+0x52/0x350 [ 113.463514][ T3940] ? __list_lru_init+0x352/0x6d0 [ 113.468451][ T3940] __list_lru_init+0x352/0x6d0 [ 113.473220][ T3940] alloc_super+0x490/0x520 [ 113.477651][ T3940] ? mount_bdev+0x290/0x290 [ 113.482212][ T3940] sget+0x189/0x370 [ 113.486004][ T3940] ? test_bdev_super+0x30/0x30 [ 113.490766][ T3940] mount_bdev+0xd3/0x290 [ 113.495007][ T3940] ? msdos_mount+0x40/0x40 [ 113.499532][ T3940] ? tsan.module_ctor+0x10/0x10 [ 113.504406][ T3940] msdos_mount+0x2d/0x40 [ 113.508637][ T3940] legacy_get_tree+0x70/0xc0 [ 113.513218][ T3940] vfs_get_tree+0x4a/0x1a0 [ 113.517642][ T3940] path_mount+0x11cf/0x1c40 [ 113.522129][ T3940] ? kmem_cache_free+0x65/0x110 [ 113.527046][ T3940] __se_sys_mount+0x24b/0x2f0 [ 113.531720][ T3940] __x64_sys_mount+0x63/0x70 [ 113.536725][ T3940] do_syscall_64+0x44/0xd0 [ 113.541126][ T3940] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.547010][ T3940] RIP: 0033:0x7fbc8e8df3ca [ 113.551410][ T3940] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.571009][ T3940] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 113.579414][ T3940] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 113.587383][ T3940] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 113.595421][ T3940] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 113.603396][ T3940] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 113.611409][ T3940] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 113.619366][ T3940] [ 113.622371][ T3944] CPU: 1 PID: 3944 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 113.626399][ T3938] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 113.631105][ T3944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.631117][ T3944] Call Trace: [ 113.631124][ T3944] [ 113.631129][ T3944] dump_stack_lvl+0xd6/0x122 [ 113.631154][ T3944] dump_stack+0x11/0x1b [ 113.664272][ T3944] should_fail+0x23c/0x250 [ 113.668747][ T3944] ? __list_lru_init+0x352/0x6d0 [ 113.673770][ T3944] __should_failslab+0x81/0x90 [ 113.678678][ T3944] should_failslab+0x5/0x20 [ 113.683165][ T3944] kmem_cache_alloc_trace+0x52/0x350 [ 113.688435][ T3944] ? __list_lru_init+0x352/0x6d0 [ 113.693371][ T3944] __list_lru_init+0x352/0x6d0 [ 113.698118][ T3944] alloc_super+0x490/0x520 [ 113.702582][ T3944] ? mount_bdev+0x290/0x290 [ 113.707077][ T3944] sget+0x189/0x370 [ 113.710864][ T3944] ? test_bdev_super+0x30/0x30 [ 113.715608][ T3944] mount_bdev+0xd3/0x290 [ 113.719938][ T3944] ? msdos_mount+0x40/0x40 [ 113.724337][ T3944] ? tsan.module_ctor+0x10/0x10 [ 113.729166][ T3944] msdos_mount+0x2d/0x40 [ 113.733564][ T3944] legacy_get_tree+0x70/0xc0 [ 113.738185][ T3944] vfs_get_tree+0x4a/0x1a0 [ 113.742628][ T3944] path_mount+0x11cf/0x1c40 [ 113.747202][ T3944] ? kmem_cache_free+0x65/0x110 [ 113.752049][ T3944] __se_sys_mount+0x24b/0x2f0 [ 113.756803][ T3944] ? __this_cpu_preempt_check+0x18/0x20 [ 113.762335][ T3944] __x64_sys_mount+0x63/0x70 [ 113.766995][ T3944] do_syscall_64+0x44/0xd0 [ 113.771409][ T3944] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.777545][ T3944] RIP: 0033:0x7fbd63e3d3ca [ 113.781942][ T3944] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.801546][ T3944] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:58:01 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:01 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 67) [ 113.809986][ T3944] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 113.817958][ T3944] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 113.826011][ T3944] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 113.833971][ T3944] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 113.841934][ T3944] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 113.850012][ T3944] 14:58:01 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 71) 14:58:01 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2040000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:01 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8", 0x2d, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:01 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 113.903297][ T3949] FAULT_INJECTION: forcing a failure. [ 113.903297][ T3949] name failslab, interval 1, probability 0, space 0, times 0 [ 113.906763][ T3947] loop1: detected capacity change from 0 to 1024 [ 113.915930][ T3949] CPU: 0 PID: 3949 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 113.930900][ T3949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.941126][ T3949] Call Trace: [ 113.944412][ T3949] [ 113.946045][ T3952] loop0: detected capacity change from 0 to 4 [ 113.947399][ T3949] dump_stack_lvl+0xd6/0x122 [ 113.947427][ T3949] dump_stack+0x11/0x1b [ 113.962199][ T3949] should_fail+0x23c/0x250 [ 113.966617][ T3949] ? __list_lru_init+0x352/0x6d0 [ 113.971556][ T3949] __should_failslab+0x81/0x90 [ 113.976354][ T3949] should_failslab+0x5/0x20 [ 113.980906][ T3949] kmem_cache_alloc_trace+0x52/0x350 [ 113.986163][ T3952] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 113.986194][ T3949] ? __list_lru_init+0x352/0x6d0 [ 113.995549][ T3947] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 113.997582][ T3949] __list_lru_init+0x352/0x6d0 [ 113.997604][ T3949] alloc_super+0x490/0x520 [ 114.014903][ T3949] ? mount_bdev+0x290/0x290 [ 114.019470][ T3949] sget+0x189/0x370 [ 114.020096][ T3954] loop5: detected capacity change from 0 to 4 [ 114.023271][ T3949] ? test_bdev_super+0x30/0x30 [ 114.023303][ T3949] mount_bdev+0xd3/0x290 [ 114.023320][ T3949] ? msdos_mount+0x40/0x40 [ 114.033185][ T3955] FAULT_INJECTION: forcing a failure. [ 114.033185][ T3955] name failslab, interval 1, probability 0, space 0, times 0 [ 114.034115][ T3949] ? tsan.module_ctor+0x10/0x10 [ 114.060376][ T3949] msdos_mount+0x2d/0x40 [ 114.064606][ T3949] legacy_get_tree+0x70/0xc0 [ 114.069180][ T3949] vfs_get_tree+0x4a/0x1a0 [ 114.073590][ T3949] path_mount+0x11cf/0x1c40 [ 114.078076][ T3949] ? kmem_cache_free+0x65/0x110 [ 114.082912][ T3949] __se_sys_mount+0x24b/0x2f0 [ 114.087569][ T3949] ? __this_cpu_preempt_check+0x18/0x20 [ 114.093127][ T3949] __x64_sys_mount+0x63/0x70 [ 114.097763][ T3949] do_syscall_64+0x44/0xd0 [ 114.102216][ T3949] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.108109][ T3949] RIP: 0033:0x7fbd63e3d3ca [ 114.112520][ T3949] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.132107][ T3949] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.140552][ T3949] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 114.148506][ T3949] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 114.156607][ T3949] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 114.164561][ T3949] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 114.172565][ T3949] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 114.180520][ T3949] [ 114.183521][ T3955] CPU: 1 PID: 3955 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 114.184076][ T3956] loop2: detected capacity change from 0 to 66048 [ 114.192239][ T3955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.192252][ T3955] Call Trace: [ 114.192258][ T3955] [ 114.192264][ T3955] dump_stack_lvl+0xd6/0x122 [ 114.219466][ T3955] dump_stack+0x11/0x1b [ 114.223602][ T3955] should_fail+0x23c/0x250 [ 114.228022][ T3955] ? __list_lru_init+0x352/0x6d0 [ 114.232955][ T3955] __should_failslab+0x81/0x90 [ 114.237775][ T3955] should_failslab+0x5/0x20 [ 114.242259][ T3955] kmem_cache_alloc_trace+0x52/0x350 [ 114.247529][ T3955] ? __list_lru_init+0x352/0x6d0 [ 114.252448][ T3955] __list_lru_init+0x352/0x6d0 [ 114.257189][ T3955] alloc_super+0x490/0x520 [ 114.261635][ T3955] ? mount_bdev+0x290/0x290 [ 114.266118][ T3955] sget+0x189/0x370 [ 114.270073][ T3955] ? test_bdev_super+0x30/0x30 [ 114.274939][ T3955] mount_bdev+0xd3/0x290 [ 114.279247][ T3955] ? msdos_mount+0x40/0x40 [ 114.283650][ T3955] ? tsan.module_ctor+0x10/0x10 [ 114.288483][ T3955] msdos_mount+0x2d/0x40 [ 114.292705][ T3955] legacy_get_tree+0x70/0xc0 [ 114.297284][ T3955] vfs_get_tree+0x4a/0x1a0 [ 114.301769][ T3955] path_mount+0x11cf/0x1c40 [ 114.306309][ T3955] ? kmem_cache_free+0x65/0x110 [ 114.311234][ T3955] __se_sys_mount+0x24b/0x2f0 [ 114.315909][ T3955] __x64_sys_mount+0x63/0x70 [ 114.320493][ T3955] do_syscall_64+0x44/0xd0 [ 114.324964][ T3955] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.330875][ T3955] RIP: 0033:0x7fbc8e8df3ca [ 114.335285][ T3955] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.354920][ T3955] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.363316][ T3955] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 114.371272][ T3955] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 114.379224][ T3955] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 114.387176][ T3955] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 114.395149][ T3955] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 14:58:01 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:01 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:01 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:01 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8", 0x2d, 0x400}], 0x0, &(0x7f0000012b00)) [ 114.403105][ T3955] [ 114.407292][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:01 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 72) 14:58:01 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 68) [ 114.468054][ T3958] loop0: detected capacity change from 0 to 4 [ 114.479734][ T3962] loop1: detected capacity change from 0 to 1024 [ 114.481134][ T3963] loop2: detected capacity change from 0 to 98304 [ 114.497745][ T3964] FAULT_INJECTION: forcing a failure. [ 114.497745][ T3964] name failslab, interval 1, probability 0, space 0, times 0 [ 114.500246][ T3958] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 114.510388][ T3964] CPU: 1 PID: 3964 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 114.517806][ T3962] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 114.525509][ T3964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.525523][ T3964] Call Trace: [ 114.525529][ T3964] [ 114.525536][ T3964] dump_stack_lvl+0xd6/0x122 [ 114.538780][ T3966] loop5: detected capacity change from 0 to 4 [ 114.543849][ T3964] dump_stack+0x11/0x1b [ 114.543872][ T3964] should_fail+0x23c/0x250 [ 114.543889][ T3964] ? __list_lru_init+0x352/0x6d0 [ 114.553335][ T3968] FAULT_INJECTION: forcing a failure. [ 114.553335][ T3968] name failslab, interval 1, probability 0, space 0, times 0 [ 114.554638][ T3964] __should_failslab+0x81/0x90 [ 114.591414][ T3964] should_failslab+0x5/0x20 [ 114.595974][ T3964] kmem_cache_alloc_trace+0x52/0x350 [ 114.601251][ T3964] ? __list_lru_init+0x352/0x6d0 [ 114.606185][ T3964] __list_lru_init+0x352/0x6d0 [ 114.610958][ T3964] alloc_super+0x490/0x520 [ 114.615358][ T3964] ? mount_bdev+0x290/0x290 [ 114.619845][ T3964] sget+0x189/0x370 [ 114.623636][ T3964] ? test_bdev_super+0x30/0x30 [ 114.628382][ T3964] mount_bdev+0xd3/0x290 [ 114.632914][ T3964] ? msdos_mount+0x40/0x40 [ 114.637316][ T3964] ? tsan.module_ctor+0x10/0x10 [ 114.642206][ T3964] msdos_mount+0x2d/0x40 [ 114.646430][ T3964] legacy_get_tree+0x70/0xc0 [ 114.651045][ T3964] vfs_get_tree+0x4a/0x1a0 [ 114.655446][ T3964] path_mount+0x11cf/0x1c40 [ 114.659995][ T3964] ? kmem_cache_free+0x65/0x110 [ 114.664828][ T3964] __se_sys_mount+0x24b/0x2f0 [ 114.669505][ T3964] ? __this_cpu_preempt_check+0x18/0x20 [ 114.675036][ T3964] __x64_sys_mount+0x63/0x70 [ 114.679606][ T3964] do_syscall_64+0x44/0xd0 [ 114.684004][ T3964] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.689909][ T3964] RIP: 0033:0x7fbd63e3d3ca [ 114.694306][ T3964] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.713899][ T3964] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.722410][ T3964] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 114.730365][ T3964] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 114.738336][ T3964] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 114.746348][ T3964] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 114.754362][ T3964] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 114.762337][ T3964] [ 114.765343][ T3968] CPU: 0 PID: 3968 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 114.774055][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 114.784096][ T3968] Call Trace: [ 114.787708][ T3968] [ 114.790626][ T3968] dump_stack_lvl+0xd6/0x122 [ 114.795204][ T3968] dump_stack+0x11/0x1b [ 114.799342][ T3968] should_fail+0x23c/0x250 [ 114.803740][ T3968] ? __list_lru_init+0x352/0x6d0 [ 114.808705][ T3968] __should_failslab+0x81/0x90 [ 114.813521][ T3968] should_failslab+0x5/0x20 [ 114.818009][ T3968] kmem_cache_alloc_trace+0x52/0x350 [ 114.823344][ T3968] ? __list_lru_init+0x352/0x6d0 [ 114.828260][ T3968] __list_lru_init+0x352/0x6d0 [ 114.833069][ T3968] alloc_super+0x490/0x520 [ 114.837478][ T3968] ? mount_bdev+0x290/0x290 [ 114.842007][ T3968] sget+0x189/0x370 [ 114.845802][ T3968] ? test_bdev_super+0x30/0x30 [ 114.850694][ T3968] mount_bdev+0xd3/0x290 [ 114.854924][ T3968] ? msdos_mount+0x40/0x40 [ 114.859434][ T3968] ? tsan.module_ctor+0x10/0x10 [ 114.864350][ T3968] msdos_mount+0x2d/0x40 [ 114.868630][ T3968] legacy_get_tree+0x70/0xc0 [ 114.873251][ T3968] vfs_get_tree+0x4a/0x1a0 [ 114.877664][ T3968] path_mount+0x11cf/0x1c40 [ 114.882296][ T3968] ? kmem_cache_free+0x65/0x110 [ 114.887130][ T3968] __se_sys_mount+0x24b/0x2f0 [ 114.891794][ T3968] __x64_sys_mount+0x63/0x70 [ 114.896455][ T3968] do_syscall_64+0x44/0xd0 [ 114.900902][ T3968] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.906907][ T3968] RIP: 0033:0x7fbc8e8df3ca [ 114.911296][ T3968] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.930884][ T3968] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 114.939351][ T3968] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 114.947307][ T3968] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 114.955256][ T3968] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 14:58:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f", 0x44, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 114.963209][ T3968] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 114.971162][ T3968] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 114.979160][ T3968] [ 114.986481][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:02 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 73) 14:58:02 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 69) [ 115.037448][ T3972] loop2: detected capacity change from 0 to 131072 [ 115.044871][ T3974] loop1: detected capacity change from 0 to 1024 [ 115.053960][ T3973] loop0: detected capacity change from 0 to 4 [ 115.059080][ T3976] FAULT_INJECTION: forcing a failure. [ 115.059080][ T3976] name failslab, interval 1, probability 0, space 0, times 0 [ 115.061190][ T3978] FAULT_INJECTION: forcing a failure. [ 115.061190][ T3978] name failslab, interval 1, probability 0, space 0, times 0 [ 115.072686][ T3976] CPU: 0 PID: 3976 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 115.093919][ T3976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.103957][ T3976] Call Trace: [ 115.107220][ T3976] [ 115.110309][ T3976] dump_stack_lvl+0xd6/0x122 [ 115.114890][ T3976] dump_stack+0x11/0x1b [ 115.119029][ T3976] should_fail+0x23c/0x250 [ 115.123547][ T3976] ? __list_lru_init+0x352/0x6d0 [ 115.128470][ T3976] __should_failslab+0x81/0x90 [ 115.133218][ T3976] should_failslab+0x5/0x20 [ 115.137709][ T3976] kmem_cache_alloc_trace+0x52/0x350 [ 115.143022][ T3976] ? __list_lru_init+0x352/0x6d0 [ 115.147944][ T3976] __list_lru_init+0x352/0x6d0 [ 115.152768][ T3976] alloc_super+0x490/0x520 [ 115.157261][ T3976] ? mount_bdev+0x290/0x290 [ 115.161792][ T3976] sget+0x189/0x370 [ 115.165584][ T3976] ? test_bdev_super+0x30/0x30 [ 115.170405][ T3976] mount_bdev+0xd3/0x290 [ 115.174631][ T3976] ? msdos_mount+0x40/0x40 [ 115.179034][ T3976] ? tsan.module_ctor+0x10/0x10 [ 115.183946][ T3976] msdos_mount+0x2d/0x40 [ 115.188247][ T3976] legacy_get_tree+0x70/0xc0 [ 115.192887][ T3976] vfs_get_tree+0x4a/0x1a0 [ 115.197514][ T3976] path_mount+0x11cf/0x1c40 [ 115.202036][ T3976] ? kmem_cache_free+0x65/0x110 [ 115.206885][ T3976] __se_sys_mount+0x24b/0x2f0 [ 115.211552][ T3976] ? __this_cpu_preempt_check+0x18/0x20 [ 115.217276][ T3976] __x64_sys_mount+0x63/0x70 [ 115.221848][ T3976] do_syscall_64+0x44/0xd0 [ 115.226251][ T3976] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 115.232129][ T3976] RIP: 0033:0x7fbd63e3d3ca [ 115.236532][ T3976] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.256306][ T3976] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 115.264701][ T3976] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 115.272713][ T3976] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 115.280673][ T3976] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 115.288627][ T3976] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 115.296689][ T3976] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 115.304647][ T3976] [ 115.307653][ T3978] CPU: 1 PID: 3978 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 115.307777][ T3974] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 115.316364][ T3978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.316378][ T3978] Call Trace: [ 115.316384][ T3978] [ 115.316391][ T3978] dump_stack_lvl+0xd6/0x122 [ 115.341692][ T3973] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 115.345292][ T3978] dump_stack+0x11/0x1b [ 115.357696][ T3978] should_fail+0x23c/0x250 [ 115.359551][ T3980] loop5: detected capacity change from 0 to 4 [ 115.362108][ T3978] ? __list_lru_init+0x352/0x6d0 [ 115.362141][ T3978] __should_failslab+0x81/0x90 [ 115.362203][ T3978] should_failslab+0x5/0x20 [ 115.382446][ T3978] kmem_cache_alloc_trace+0x52/0x350 [ 115.387744][ T3978] ? __list_lru_init+0x352/0x6d0 [ 115.392668][ T3978] __list_lru_init+0x352/0x6d0 [ 115.397425][ T3978] alloc_super+0x490/0x520 [ 115.401874][ T3978] ? mount_bdev+0x290/0x290 [ 115.406413][ T3978] sget+0x189/0x370 [ 115.410225][ T3978] ? test_bdev_super+0x30/0x30 [ 115.414968][ T3978] mount_bdev+0xd3/0x290 [ 115.419721][ T3978] ? msdos_mount+0x40/0x40 [ 115.424128][ T3978] ? tsan.module_ctor+0x10/0x10 [ 115.429015][ T3978] msdos_mount+0x2d/0x40 [ 115.433274][ T3978] legacy_get_tree+0x70/0xc0 [ 115.437855][ T3978] vfs_get_tree+0x4a/0x1a0 [ 115.442312][ T3978] path_mount+0x11cf/0x1c40 [ 115.446936][ T3978] ? kmem_cache_free+0x65/0x110 [ 115.451790][ T3978] __se_sys_mount+0x24b/0x2f0 [ 115.456549][ T3978] __x64_sys_mount+0x63/0x70 [ 115.461145][ T3978] do_syscall_64+0x44/0xd0 [ 115.465540][ T3978] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 115.471447][ T3978] RIP: 0033:0x7fbc8e8df3ca [ 115.475850][ T3978] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.495451][ T3978] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 115.503862][ T3978] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 115.511826][ T3978] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 115.519792][ T3978] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 115.527739][ T3978] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:02 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 74) 14:58:02 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 70) [ 115.535691][ T3978] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 115.543647][ T3978] [ 115.547917][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.574631][ T3982] loop2: detected capacity change from 0 to 163840 14:58:02 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4", 0x2e, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:02 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 115.633435][ T3990] loop2: detected capacity change from 0 to 196608 [ 115.634816][ T3987] loop1: detected capacity change from 0 to 1024 [ 115.642067][ T3992] loop5: detected capacity change from 0 to 4 [ 115.647193][ T3984] FAULT_INJECTION: forcing a failure. [ 115.647193][ T3984] name failslab, interval 1, probability 0, space 0, times 0 [ 115.664971][ T3984] CPU: 1 PID: 3984 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 115.665191][ T3987] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 115.673722][ T3984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.692008][ T3984] Call Trace: [ 115.695000][ T3988] FAULT_INJECTION: forcing a failure. [ 115.695000][ T3988] name failslab, interval 1, probability 0, space 0, times 0 [ 115.695278][ T3984] [ 115.710835][ T3984] dump_stack_lvl+0xd6/0x122 [ 115.715427][ T3984] dump_stack+0x11/0x1b [ 115.719577][ T3984] should_fail+0x23c/0x250 [ 115.724004][ T3984] ? __list_lru_init+0x352/0x6d0 [ 115.728983][ T3984] __should_failslab+0x81/0x90 [ 115.733770][ T3984] should_failslab+0x5/0x20 [ 115.738261][ T3984] kmem_cache_alloc_trace+0x52/0x350 [ 115.743533][ T3984] ? __list_lru_init+0x352/0x6d0 [ 115.748592][ T3984] __list_lru_init+0x352/0x6d0 [ 115.753484][ T3984] alloc_super+0x490/0x520 [ 115.757897][ T3984] ? mount_bdev+0x290/0x290 [ 115.762431][ T3984] sget+0x189/0x370 [ 115.766224][ T3984] ? test_bdev_super+0x30/0x30 [ 115.771068][ T3984] mount_bdev+0xd3/0x290 [ 115.775298][ T3984] ? msdos_mount+0x40/0x40 [ 115.779763][ T3984] ? tsan.module_ctor+0x10/0x10 [ 115.784600][ T3984] msdos_mount+0x2d/0x40 [ 115.788864][ T3984] legacy_get_tree+0x70/0xc0 [ 115.793439][ T3984] vfs_get_tree+0x4a/0x1a0 [ 115.797913][ T3984] path_mount+0x11cf/0x1c40 [ 115.802398][ T3984] ? kmem_cache_free+0x65/0x110 [ 115.807353][ T3984] __se_sys_mount+0x24b/0x2f0 [ 115.812100][ T3984] __x64_sys_mount+0x63/0x70 [ 115.816706][ T3984] do_syscall_64+0x44/0xd0 [ 115.821120][ T3984] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 115.827001][ T3984] RIP: 0033:0x7fbd63e3d3ca [ 115.831400][ T3984] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 115.850993][ T3984] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 115.859393][ T3984] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 115.867375][ T3984] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 115.875416][ T3984] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 14:58:03 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500", 0x63, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 115.883369][ T3984] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 115.891418][ T3984] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 115.899375][ T3984] [ 115.902375][ T3988] CPU: 0 PID: 3988 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 115.904517][ T3994] loop0: detected capacity change from 0 to 4 [ 115.911078][ T3988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 115.911090][ T3988] Call Trace: [ 115.911096][ T3988] [ 115.911103][ T3988] dump_stack_lvl+0xd6/0x122 [ 115.920657][ T3994] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 115.927270][ T3988] dump_stack+0x11/0x1b [ 115.927294][ T3988] should_fail+0x23c/0x250 [ 115.927311][ T3988] ? __list_lru_init+0x352/0x6d0 [ 115.957971][ T3988] __should_failslab+0x81/0x90 [ 115.962725][ T3988] should_failslab+0x5/0x20 [ 115.967224][ T3988] kmem_cache_alloc_trace+0x52/0x350 [ 115.972496][ T3988] ? __list_lru_init+0x352/0x6d0 [ 115.977459][ T3988] __list_lru_init+0x352/0x6d0 [ 115.982209][ T3988] alloc_super+0x490/0x520 [ 115.986683][ T3988] ? mount_bdev+0x290/0x290 [ 115.991179][ T3988] sget+0x189/0x370 [ 115.994976][ T3988] ? test_bdev_super+0x30/0x30 [ 115.999773][ T3988] mount_bdev+0xd3/0x290 [ 116.004005][ T3988] ? msdos_mount+0x40/0x40 [ 116.008421][ T3988] ? tsan.module_ctor+0x10/0x10 [ 116.013325][ T3988] msdos_mount+0x2d/0x40 [ 116.017556][ T3988] legacy_get_tree+0x70/0xc0 [ 116.022198][ T3988] vfs_get_tree+0x4a/0x1a0 [ 116.026603][ T3988] path_mount+0x11cf/0x1c40 [ 116.031090][ T3988] ? kmem_cache_free+0x65/0x110 [ 116.035973][ T3988] __se_sys_mount+0x24b/0x2f0 [ 116.040640][ T3988] __x64_sys_mount+0x63/0x70 [ 116.045290][ T3988] do_syscall_64+0x44/0xd0 [ 116.049691][ T3988] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 116.055592][ T3988] RIP: 0033:0x7fbc8e8df3ca [ 116.059997][ T3988] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:03 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6040000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:03 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 75) [ 116.079586][ T3988] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 116.088002][ T3988] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 116.095954][ T3988] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 116.103909][ T3988] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 116.111944][ T3988] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 116.119982][ T3988] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 116.127997][ T3988] [ 116.156105][ T3998] loop5: detected capacity change from 0 to 4 [ 116.164232][ T4001] loop2: detected capacity change from 0 to 197120 [ 116.165322][ T4002] FAULT_INJECTION: forcing a failure. [ 116.165322][ T4002] name failslab, interval 1, probability 0, space 0, times 0 [ 116.183456][ T4002] CPU: 0 PID: 4002 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 116.183841][ T3996] loop1: detected capacity change from 0 to 1024 14:58:03 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 71) [ 116.192175][ T4002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.192190][ T4002] Call Trace: [ 116.192197][ T4002] [ 116.192203][ T4002] dump_stack_lvl+0xd6/0x122 [ 116.192227][ T4002] dump_stack+0x11/0x1b [ 116.201362][ T3996] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 116.208638][ T4002] should_fail+0x23c/0x250 [ 116.208667][ T4002] ? __list_lru_init+0x70/0x6d0 [ 116.208687][ T4002] __should_failslab+0x81/0x90 [ 116.230081][ T4004] FAULT_INJECTION: forcing a failure. [ 116.230081][ T4004] name failslab, interval 1, probability 0, space 0, times 0 [ 116.231680][ T4002] should_failslab+0x5/0x20 [ 116.231740][ T4002] __kmalloc+0x6f/0x370 [ 116.266930][ T4002] ? __list_lru_init+0x352/0x6d0 [ 116.271859][ T4002] __list_lru_init+0x70/0x6d0 [ 116.276568][ T4002] alloc_super+0x4bf/0x520 [ 116.280997][ T4002] ? mount_bdev+0x290/0x290 [ 116.285615][ T4002] sget+0x189/0x370 [ 116.289410][ T4002] ? test_bdev_super+0x30/0x30 [ 116.294239][ T4002] mount_bdev+0xd3/0x290 [ 116.298467][ T4002] ? msdos_mount+0x40/0x40 [ 116.302954][ T4002] ? tsan.module_ctor+0x10/0x10 [ 116.307795][ T4002] msdos_mount+0x2d/0x40 [ 116.312077][ T4002] legacy_get_tree+0x70/0xc0 [ 116.316658][ T4002] vfs_get_tree+0x4a/0x1a0 [ 116.321069][ T4002] path_mount+0x11cf/0x1c40 [ 116.325562][ T4002] ? kmem_cache_free+0x65/0x110 [ 116.330470][ T4002] __se_sys_mount+0x24b/0x2f0 [ 116.335166][ T4002] __x64_sys_mount+0x63/0x70 [ 116.339744][ T4002] do_syscall_64+0x44/0xd0 [ 116.344149][ T4002] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 116.350103][ T4002] RIP: 0033:0x7fbd63e3d3ca [ 116.354501][ T4002] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.374094][ T4002] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 116.382493][ T4002] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 116.390498][ T4002] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 116.398452][ T4002] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 116.406474][ T4002] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 116.414431][ T4002] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 116.422468][ T4002] [ 116.425469][ T4004] CPU: 1 PID: 4004 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 116.434256][ T4004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.444310][ T4004] Call Trace: [ 116.447589][ T4004] [ 116.450517][ T4004] dump_stack_lvl+0xd6/0x122 14:58:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4", 0x2e, 0x400}], 0x0, &(0x7f0000012b00)) [ 116.454171][ T4006] loop0: detected capacity change from 0 to 4 [ 116.455114][ T4004] dump_stack+0x11/0x1b [ 116.455142][ T4004] should_fail+0x23c/0x250 [ 116.455160][ T4004] ? __list_lru_init+0x352/0x6d0 [ 116.462777][ T4006] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 116.465357][ T4004] __should_failslab+0x81/0x90 [ 116.465385][ T4004] should_failslab+0x5/0x20 [ 116.490733][ T4004] kmem_cache_alloc_trace+0x52/0x350 [ 116.496034][ T4004] ? __list_lru_init+0x352/0x6d0 [ 116.500967][ T4004] __list_lru_init+0x352/0x6d0 [ 116.505741][ T4004] alloc_super+0x490/0x520 [ 116.510257][ T4004] ? mount_bdev+0x290/0x290 [ 116.514831][ T4004] sget+0x189/0x370 [ 116.518629][ T4004] ? test_bdev_super+0x30/0x30 [ 116.523446][ T4004] mount_bdev+0xd3/0x290 [ 116.527721][ T4004] ? msdos_mount+0x40/0x40 [ 116.532151][ T4004] ? tsan.module_ctor+0x10/0x10 [ 116.537048][ T4004] msdos_mount+0x2d/0x40 [ 116.541309][ T4004] legacy_get_tree+0x70/0xc0 [ 116.545915][ T4004] vfs_get_tree+0x4a/0x1a0 [ 116.550400][ T4004] path_mount+0x11cf/0x1c40 [ 116.554888][ T4004] ? kmem_cache_free+0x65/0x110 [ 116.559759][ T4004] __se_sys_mount+0x24b/0x2f0 [ 116.564509][ T4004] __x64_sys_mount+0x63/0x70 [ 116.569090][ T4004] do_syscall_64+0x44/0xd0 [ 116.573506][ T4004] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 116.579442][ T4004] RIP: 0033:0x7fbc8e8df3ca [ 116.583939][ T4004] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.603544][ T4004] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 116.612126][ T4004] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 116.620210][ T4004] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 116.628239][ T4004] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 116.636331][ T4004] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 116.644389][ T4004] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 116.652362][ T4004] 14:58:03 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) 14:58:03 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 76) [ 116.656354][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 116.688908][ T4010] loop2: detected capacity change from 0 to 229376 [ 116.690804][ T4011] loop5: detected capacity change from 0 to 4 14:58:03 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4", 0x2e, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:03 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:03 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 72) [ 116.707239][ T4012] FAULT_INJECTION: forcing a failure. [ 116.707239][ T4012] name failslab, interval 1, probability 0, space 0, times 0 [ 116.719900][ T4012] CPU: 1 PID: 4012 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 116.728620][ T4012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.738677][ T4012] Call Trace: [ 116.741946][ T4012] [ 116.744872][ T4012] dump_stack_lvl+0xd6/0x122 [ 116.749504][ T4012] dump_stack+0x11/0x1b [ 116.753661][ T4012] should_fail+0x23c/0x250 [ 116.758120][ T4012] ? __list_lru_init+0x352/0x6d0 [ 116.763097][ T4012] __should_failslab+0x81/0x90 [ 116.763642][ T4016] FAULT_INJECTION: forcing a failure. [ 116.763642][ T4016] name failslab, interval 1, probability 0, space 0, times 0 [ 116.767963][ T4012] should_failslab+0x5/0x20 [ 116.785045][ T4012] kmem_cache_alloc_trace+0x52/0x350 [ 116.790331][ T4012] ? __list_lru_init+0x352/0x6d0 [ 116.795263][ T4012] __list_lru_init+0x352/0x6d0 [ 116.800012][ T4012] alloc_super+0x490/0x520 [ 116.804416][ T4012] ? mount_bdev+0x290/0x290 [ 116.808914][ T4012] sget+0x189/0x370 [ 116.812714][ T4012] ? test_bdev_super+0x30/0x30 [ 116.817550][ T4012] mount_bdev+0xd3/0x290 [ 116.821776][ T4012] ? msdos_mount+0x40/0x40 [ 116.826180][ T4012] ? tsan.module_ctor+0x10/0x10 [ 116.831017][ T4012] msdos_mount+0x2d/0x40 [ 116.835338][ T4012] legacy_get_tree+0x70/0xc0 [ 116.840164][ T4012] vfs_get_tree+0x4a/0x1a0 [ 116.844646][ T4012] path_mount+0x11cf/0x1c40 [ 116.849316][ T4012] ? kmem_cache_free+0x65/0x110 [ 116.854234][ T4012] __se_sys_mount+0x24b/0x2f0 [ 116.858942][ T4012] __x64_sys_mount+0x63/0x70 [ 116.863539][ T4012] do_syscall_64+0x44/0xd0 [ 116.867943][ T4012] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 116.873891][ T4012] RIP: 0033:0x7fbd63e3d3ca [ 116.878290][ T4012] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 116.897883][ T4012] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 116.906294][ T4012] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 116.914306][ T4012] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 116.922261][ T4012] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 116.930217][ T4012] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 116.938183][ T4012] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 116.946271][ T4012] [ 116.949349][ T4016] CPU: 0 PID: 4016 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 116.950213][ T4017] loop0: detected capacity change from 0 to 4 [ 116.958020][ T4016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.958034][ T4016] Call Trace: [ 116.965827][ T4018] loop1: detected capacity change from 0 to 1024 [ 116.974227][ T4016] [ 116.974236][ T4016] dump_stack_lvl+0xd6/0x122 [ 116.974259][ T4016] dump_stack+0x11/0x1b [ 116.974276][ T4016] should_fail+0x23c/0x250 [ 116.974293][ T4016] ? __list_lru_init+0x352/0x6d0 14:58:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:58:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:58:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000012b00)) 14:58:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000", 0x60, 0x400}], 0x0, &(0x7f0000012b00)) [ 116.974314][ T4016] __should_failslab+0x81/0x90 [ 116.981967][ T4017] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 116.983901][ T4016] should_failslab+0x5/0x20 [ 116.983928][ T4016] kmem_cache_alloc_trace+0x52/0x350 [ 116.986958][ T4018] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 116.991428][ T4016] ? __list_lru_init+0x352/0x6d0 [ 117.039590][ T4016] __list_lru_init+0x352/0x6d0 [ 117.044362][ T4016] alloc_super+0x490/0x520 [ 117.048824][ T4016] ? mount_bdev+0x290/0x290 [ 117.053331][ T4016] sget+0x189/0x370 [ 117.057148][ T4016] ? test_bdev_super+0x30/0x30 [ 117.059984][ T4026] loop5: detected capacity change from 0 to 4 [ 117.061917][ T4016] mount_bdev+0xd3/0x290 [ 117.061958][ T4016] ? msdos_mount+0x40/0x40 [ 117.061979][ T4016] ? tsan.module_ctor+0x10/0x10 [ 117.069074][ T4026] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 117.072255][ T4016] msdos_mount+0x2d/0x40 [ 117.072283][ T4016] legacy_get_tree+0x70/0xc0 [ 117.072301][ T4016] vfs_get_tree+0x4a/0x1a0 [ 117.103541][ T4016] path_mount+0x11cf/0x1c40 [ 117.108038][ T4016] ? kmem_cache_free+0x65/0x110 [ 117.112879][ T4016] __se_sys_mount+0x24b/0x2f0 [ 117.117555][ T4016] __x64_sys_mount+0x63/0x70 [ 117.122244][ T4016] do_syscall_64+0x44/0xd0 [ 117.126644][ T4016] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.132690][ T4016] RIP: 0033:0x7fbc8e8df3ca [ 117.137100][ T4016] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:04 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 117.156733][ T4016] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 117.165228][ T4016] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 117.173298][ T4016] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 117.181249][ T4016] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 117.189263][ T4016] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 117.197217][ T4016] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 117.205227][ T4016] 14:58:04 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 77) [ 117.224444][ T4028] loop2: detected capacity change from 0 to 262144 [ 117.232935][ T4030] FAULT_INJECTION: forcing a failure. [ 117.232935][ T4030] name failslab, interval 1, probability 0, space 0, times 0 [ 117.245572][ T4030] CPU: 0 PID: 4030 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 117.254292][ T4030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.264335][ T4030] Call Trace: [ 117.267605][ T4030] [ 117.270526][ T4030] dump_stack_lvl+0xd6/0x122 [ 117.275106][ T4030] dump_stack+0x11/0x1b [ 117.279268][ T4030] should_fail+0x23c/0x250 [ 117.283758][ T4030] __should_failslab+0x81/0x90 [ 117.288522][ T4030] should_failslab+0x5/0x20 [ 117.293017][ T4030] kmem_cache_alloc_node_trace+0x61/0x310 [ 117.298801][ T4030] ? should_fail+0xd6/0x250 [ 117.303290][ T4030] ? __kmalloc_node+0x30/0x40 [ 117.307954][ T4030] __kmalloc_node+0x30/0x40 [ 117.312464][ T4030] kvmalloc_node+0x81/0x110 [ 117.317031][ T4030] __list_lru_init+0x2f7/0x6d0 [ 117.321789][ T4030] alloc_super+0x4bf/0x520 [ 117.326407][ T4030] ? mount_bdev+0x290/0x290 [ 117.330954][ T4030] sget+0x189/0x370 [ 117.334760][ T4030] ? test_bdev_super+0x30/0x30 [ 117.339561][ T4030] mount_bdev+0xd3/0x290 [ 117.343939][ T4030] ? msdos_mount+0x40/0x40 [ 117.348369][ T4030] ? tsan.module_ctor+0x10/0x10 [ 117.353215][ T4030] msdos_mount+0x2d/0x40 [ 117.357453][ T4030] legacy_get_tree+0x70/0xc0 [ 117.362028][ T4030] vfs_get_tree+0x4a/0x1a0 [ 117.366432][ T4030] path_mount+0x11cf/0x1c40 [ 117.371012][ T4030] ? kmem_cache_free+0x65/0x110 [ 117.375917][ T4030] __se_sys_mount+0x24b/0x2f0 [ 117.380639][ T4030] __x64_sys_mount+0x63/0x70 [ 117.385216][ T4030] do_syscall_64+0x44/0xd0 [ 117.389620][ T4030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.395508][ T4030] RIP: 0033:0x7fbd63e3d3ca [ 117.399910][ T4030] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:04 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:04 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 117.419580][ T4030] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 117.428064][ T4030] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 117.436146][ T4030] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 117.444102][ T4030] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 117.452293][ T4030] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 117.460250][ T4030] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 117.468212][ T4030] 14:58:04 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:04 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 73) 14:58:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) [ 117.503709][ T4032] loop2: detected capacity change from 0 to 264192 [ 117.529597][ T4034] loop1: detected capacity change from 0 to 1024 [ 117.541054][ T4037] FAULT_INJECTION: forcing a failure. [ 117.541054][ T4037] name failslab, interval 1, probability 0, space 0, times 0 [ 117.548370][ T4034] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 117.553912][ T4037] CPU: 1 PID: 4037 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 117.562465][ T4040] loop0: detected capacity change from 0 to 4 [ 117.570937][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.570956][ T4037] Call Trace: [ 117.570963][ T4037] [ 117.582992][ T4042] FAULT_INJECTION: forcing a failure. [ 117.582992][ T4042] name failslab, interval 1, probability 0, space 0, times 0 [ 117.587049][ T4037] dump_stack_lvl+0xd6/0x122 [ 117.610437][ T4037] dump_stack+0x11/0x1b [ 117.614588][ T4037] should_fail+0x23c/0x250 [ 117.618992][ T4037] ? __list_lru_init+0x352/0x6d0 [ 117.624025][ T4037] __should_failslab+0x81/0x90 [ 117.628776][ T4037] should_failslab+0x5/0x20 [ 117.633313][ T4037] kmem_cache_alloc_trace+0x52/0x350 [ 117.638584][ T4037] ? __list_lru_init+0x352/0x6d0 [ 117.643512][ T4037] __list_lru_init+0x352/0x6d0 [ 117.648269][ T4037] alloc_super+0x490/0x520 [ 117.652673][ T4037] ? mount_bdev+0x290/0x290 [ 117.657230][ T4037] sget+0x189/0x370 [ 117.661261][ T4037] ? test_bdev_super+0x30/0x30 [ 117.666017][ T4037] mount_bdev+0xd3/0x290 [ 117.670255][ T4037] ? msdos_mount+0x40/0x40 [ 117.674680][ T4037] ? tsan.module_ctor+0x10/0x10 [ 117.679593][ T4037] msdos_mount+0x2d/0x40 [ 117.683825][ T4037] legacy_get_tree+0x70/0xc0 [ 117.688407][ T4037] vfs_get_tree+0x4a/0x1a0 [ 117.692809][ T4037] path_mount+0x11cf/0x1c40 [ 117.697370][ T4037] ? kmem_cache_free+0x65/0x110 [ 117.702226][ T4037] __se_sys_mount+0x24b/0x2f0 [ 117.706938][ T4037] __x64_sys_mount+0x63/0x70 [ 117.711515][ T4037] do_syscall_64+0x44/0xd0 [ 117.715986][ T4037] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.721867][ T4037] RIP: 0033:0x7fbc8e8df3ca [ 117.726303][ T4037] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.745922][ T4037] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 117.754417][ T4037] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 117.762391][ T4037] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 117.770350][ T4037] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 117.778310][ T4037] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 117.786350][ T4037] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 117.794489][ T4037] 14:58:04 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 78) [ 117.797505][ T4042] CPU: 0 PID: 4042 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 117.799147][ T4039] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 117.807916][ T4042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.807931][ T4042] Call Trace: [ 117.807937][ T4042] [ 117.807943][ T4042] dump_stack_lvl+0xd6/0x122 [ 117.807968][ T4042] dump_stack+0x11/0x1b [ 117.816895][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 117.824507][ T4042] should_fail+0x23c/0x250 [ 117.824531][ T4042] ? __list_lru_init+0x352/0x6d0 [ 117.824550][ T4042] __should_failslab+0x81/0x90 [ 117.832811][ T4040] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 117.835343][ T4042] should_failslab+0x5/0x20 [ 117.835372][ T4042] kmem_cache_alloc_trace+0x52/0x350 [ 117.877845][ T4042] ? __kmalloc_node+0x30/0x40 [ 117.882549][ T4042] __list_lru_init+0x352/0x6d0 [ 117.887301][ T4042] alloc_super+0x4bf/0x520 [ 117.891708][ T4042] ? mount_bdev+0x290/0x290 [ 117.896263][ T4042] sget+0x189/0x370 [ 117.900064][ T4042] ? test_bdev_super+0x30/0x30 [ 117.904860][ T4042] mount_bdev+0xd3/0x290 [ 117.909095][ T4042] ? msdos_mount+0x40/0x40 [ 117.913510][ T4042] ? tsan.module_ctor+0x10/0x10 [ 117.918407][ T4042] msdos_mount+0x2d/0x40 [ 117.922647][ T4042] legacy_get_tree+0x70/0xc0 [ 117.927237][ T4042] vfs_get_tree+0x4a/0x1a0 [ 117.931642][ T4042] path_mount+0x11cf/0x1c40 [ 117.936141][ T4042] ? kmem_cache_free+0x65/0x110 [ 117.940986][ T4042] __se_sys_mount+0x24b/0x2f0 [ 117.945662][ T4042] ? __this_cpu_preempt_check+0x18/0x20 [ 117.951243][ T4042] __x64_sys_mount+0x63/0x70 [ 117.955833][ T4042] do_syscall_64+0x44/0xd0 [ 117.960311][ T4042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 117.966252][ T4042] RIP: 0033:0x7fbd63e3d3ca [ 117.970670][ T4042] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 117.990303][ T4042] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:58:05 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 117.998720][ T4042] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 118.006684][ T4042] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 118.014779][ T4042] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 118.022748][ T4042] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 118.030962][ T4042] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 118.038930][ T4042] [ 118.043651][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) 14:58:05 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 74) [ 118.063125][ T4044] loop2: detected capacity change from 0 to 264192 14:58:05 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:05 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 79) [ 118.110489][ T4047] FAULT_INJECTION: forcing a failure. [ 118.110489][ T4047] name failslab, interval 1, probability 0, space 0, times 0 [ 118.123162][ T4047] CPU: 0 PID: 4047 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 118.131912][ T4047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.141970][ T4047] Call Trace: [ 118.145246][ T4047] [ 118.148176][ T4047] dump_stack_lvl+0xd6/0x122 [ 118.152768][ T4047] dump_stack+0x11/0x1b [ 118.156930][ T4047] should_fail+0x23c/0x250 [ 118.160091][ T4053] FAULT_INJECTION: forcing a failure. [ 118.160091][ T4053] name failslab, interval 1, probability 0, space 0, times 0 [ 118.161413][ T4047] ? __list_lru_init+0x352/0x6d0 [ 118.178944][ T4047] __should_failslab+0x81/0x90 [ 118.183739][ T4047] should_failslab+0x5/0x20 [ 118.188293][ T4047] kmem_cache_alloc_trace+0x52/0x350 [ 118.193566][ T4047] ? __list_lru_init+0x352/0x6d0 [ 118.198619][ T4047] __list_lru_init+0x352/0x6d0 [ 118.203374][ T4047] alloc_super+0x490/0x520 [ 118.207825][ T4047] ? mount_bdev+0x290/0x290 [ 118.212314][ T4047] sget+0x189/0x370 [ 118.216111][ T4047] ? test_bdev_super+0x30/0x30 [ 118.220867][ T4047] mount_bdev+0xd3/0x290 [ 118.225108][ T4047] ? msdos_mount+0x40/0x40 [ 118.229520][ T4047] ? tsan.module_ctor+0x10/0x10 [ 118.234366][ T4047] msdos_mount+0x2d/0x40 [ 118.238609][ T4047] legacy_get_tree+0x70/0xc0 [ 118.243182][ T4047] vfs_get_tree+0x4a/0x1a0 [ 118.247598][ T4047] path_mount+0x11cf/0x1c40 [ 118.252138][ T4047] ? kmem_cache_free+0x65/0x110 [ 118.256976][ T4047] __se_sys_mount+0x24b/0x2f0 [ 118.261660][ T4047] __x64_sys_mount+0x63/0x70 [ 118.266238][ T4047] do_syscall_64+0x44/0xd0 [ 118.270710][ T4047] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.276594][ T4047] RIP: 0033:0x7fbc8e8df3ca [ 118.280999][ T4047] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.300692][ T4047] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 118.309203][ T4047] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 118.317184][ T4047] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 118.325207][ T4047] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 118.333164][ T4047] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 118.341144][ T4047] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 118.349106][ T4047] [ 118.352107][ T4053] CPU: 1 PID: 4053 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 14:58:05 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b", 0x65, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 118.360884][ T4053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.362442][ T4054] loop0: detected capacity change from 0 to 4 [ 118.371080][ T4053] Call Trace: [ 118.371089][ T4053] [ 118.378676][ T4052] loop2: detected capacity change from 0 to 264192 [ 118.380394][ T4053] dump_stack_lvl+0xd6/0x122 [ 118.386347][ T4054] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 118.389810][ T4053] dump_stack+0x11/0x1b [ 118.397535][ T4048] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 118.400938][ T4053] should_fail+0x23c/0x250 [ 118.400963][ T4053] ? __list_lru_init+0x352/0x6d0 [ 118.400981][ T4053] __should_failslab+0x81/0x90 [ 118.408486][ T4056] loop1: detected capacity change from 0 to 1024 [ 118.411607][ T4053] should_failslab+0x5/0x20 [ 118.417031][ T4056] EXT4-fs (loop1): fragment/cluster size (16384) != block size (1024) [ 118.420966][ T4053] kmem_cache_alloc_trace+0x52/0x350 [ 118.420993][ T4053] ? __list_lru_init+0x352/0x6d0 [ 118.421013][ T4053] __list_lru_init+0x352/0x6d0 [ 118.459891][ T4053] alloc_super+0x4bf/0x520 [ 118.464322][ T4053] ? mount_bdev+0x290/0x290 [ 118.468811][ T4053] sget+0x189/0x370 [ 118.472684][ T4053] ? test_bdev_super+0x30/0x30 [ 118.477484][ T4053] mount_bdev+0xd3/0x290 [ 118.481769][ T4053] ? msdos_mount+0x40/0x40 [ 118.486166][ T4053] ? tsan.module_ctor+0x10/0x10 [ 118.491040][ T4053] msdos_mount+0x2d/0x40 [ 118.495285][ T4053] legacy_get_tree+0x70/0xc0 [ 118.499883][ T4053] vfs_get_tree+0x4a/0x1a0 [ 118.504295][ T4053] path_mount+0x11cf/0x1c40 [ 118.508780][ T4053] ? kmem_cache_free+0x65/0x110 [ 118.513616][ T4053] __se_sys_mount+0x24b/0x2f0 [ 118.518350][ T4053] ? __this_cpu_preempt_check+0x18/0x20 [ 118.523892][ T4053] __x64_sys_mount+0x63/0x70 [ 118.528478][ T4053] do_syscall_64+0x44/0xd0 [ 118.532971][ T4053] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.538990][ T4053] RIP: 0033:0x7fbd63e3d3ca [ 118.544216][ T4053] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.563802][ T4053] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 118.572223][ T4053] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 118.580247][ T4053] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 118.588218][ T4053] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 118.596192][ T4053] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 118.604150][ T4053] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 14:58:05 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:05 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 75) [ 118.612120][ T4053] 14:58:05 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000012b00)) 14:58:05 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 80) 14:58:05 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 118.648419][ T4059] loop2: detected capacity change from 0 to 264192 [ 118.660298][ T4060] FAULT_INJECTION: forcing a failure. [ 118.660298][ T4060] name failslab, interval 1, probability 0, space 0, times 0 [ 118.673010][ T4060] CPU: 0 PID: 4060 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 118.681714][ T4060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.691777][ T4060] Call Trace: [ 118.695053][ T4060] 14:58:05 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 118.698016][ T4060] dump_stack_lvl+0xd6/0x122 [ 118.702612][ T4060] dump_stack+0x11/0x1b [ 118.706155][ T4065] loop1: detected capacity change from 0 to 1024 [ 118.706776][ T4060] should_fail+0x23c/0x250 [ 118.706800][ T4060] ? __list_lru_init+0x70/0x6d0 [ 118.714351][ T4065] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 118.717504][ T4060] __should_failslab+0x81/0x90 [ 118.717532][ T4060] should_failslab+0x5/0x20 [ 118.738110][ T4060] __kmalloc+0x6f/0x370 [ 118.740149][ T4066] loop0: detected capacity change from 0 to 4 [ 118.742271][ T4060] ? __list_lru_init+0x352/0x6d0 [ 118.742295][ T4060] __list_lru_init+0x70/0x6d0 [ 118.750288][ T4066] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 118.753301][ T4060] alloc_super+0x4bf/0x520 [ 118.753327][ T4060] ? mount_bdev+0x290/0x290 [ 118.753345][ T4060] sget+0x189/0x370 [ 118.760072][ T4067] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 118.764495][ T4060] ? test_bdev_super+0x30/0x30 [ 118.764523][ T4060] mount_bdev+0xd3/0x290 [ 118.764540][ T4060] ? msdos_mount+0x40/0x40 [ 118.764562][ T4060] ? tsan.module_ctor+0x10/0x10 [ 118.771227][ T4068] FAULT_INJECTION: forcing a failure. [ 118.771227][ T4068] name failslab, interval 1, probability 0, space 0, times 0 [ 118.773506][ T4060] msdos_mount+0x2d/0x40 [ 118.773531][ T4060] legacy_get_tree+0x70/0xc0 [ 118.773550][ T4060] vfs_get_tree+0x4a/0x1a0 [ 118.828008][ T4060] path_mount+0x11cf/0x1c40 [ 118.832582][ T4060] ? kmem_cache_free+0x65/0x110 [ 118.837493][ T4060] __se_sys_mount+0x24b/0x2f0 [ 118.842174][ T4060] __x64_sys_mount+0x63/0x70 [ 118.846812][ T4060] do_syscall_64+0x44/0xd0 [ 118.851259][ T4060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.857181][ T4060] RIP: 0033:0x7fbc8e8df3ca [ 118.861647][ T4060] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.881301][ T4060] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 118.889696][ T4060] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 118.897716][ T4060] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 118.905676][ T4060] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 118.913647][ T4060] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 118.921603][ T4060] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 118.929598][ T4060] [ 118.932604][ T4068] CPU: 1 PID: 4068 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 118.941284][ T4068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.951341][ T4068] Call Trace: [ 118.954630][ T4068] [ 118.957550][ T4068] dump_stack_lvl+0xd6/0x122 [ 118.962162][ T4068] dump_stack+0x11/0x1b [ 118.966298][ T4068] should_fail+0x23c/0x250 [ 118.970743][ T4068] ? __list_lru_init+0x352/0x6d0 [ 118.975675][ T4068] __should_failslab+0x81/0x90 [ 118.980447][ T4068] should_failslab+0x5/0x20 [ 118.984973][ T4068] kmem_cache_alloc_trace+0x52/0x350 [ 118.990256][ T4068] ? __list_lru_init+0x352/0x6d0 [ 118.995187][ T4068] __list_lru_init+0x352/0x6d0 [ 118.999931][ T4068] alloc_super+0x4bf/0x520 [ 119.004330][ T4068] ? mount_bdev+0x290/0x290 [ 119.008828][ T4068] sget+0x189/0x370 [ 119.012625][ T4068] ? test_bdev_super+0x30/0x30 [ 119.017589][ T4068] mount_bdev+0xd3/0x290 [ 119.021863][ T4068] ? msdos_mount+0x40/0x40 [ 119.026272][ T4068] ? tsan.module_ctor+0x10/0x10 [ 119.031113][ T4068] msdos_mount+0x2d/0x40 [ 119.035338][ T4068] legacy_get_tree+0x70/0xc0 [ 119.039913][ T4068] vfs_get_tree+0x4a/0x1a0 [ 119.044398][ T4068] path_mount+0x11cf/0x1c40 [ 119.048924][ T4068] ? kmem_cache_free+0x65/0x110 [ 119.053760][ T4068] __se_sys_mount+0x24b/0x2f0 [ 119.058467][ T4068] ? __this_cpu_preempt_check+0x18/0x20 [ 119.064037][ T4068] __x64_sys_mount+0x63/0x70 [ 119.068630][ T4068] do_syscall_64+0x44/0xd0 [ 119.073107][ T4068] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.079143][ T4068] RIP: 0033:0x7fbd63e3d3ca [ 119.083550][ T4068] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.103153][ T4068] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 119.111549][ T4068] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 119.119503][ T4068] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 119.127475][ T4068] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 119.135568][ T4068] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:06 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 81) 14:58:06 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 76) [ 119.143582][ T4068] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 119.151569][ T4068] [ 119.155796][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 119.196795][ T4071] loop2: detected capacity change from 0 to 264192 [ 119.201271][ T4072] FAULT_INJECTION: forcing a failure. [ 119.201271][ T4072] name failslab, interval 1, probability 0, space 0, times 0 [ 119.215961][ T4072] CPU: 1 PID: 4072 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 119.220395][ T4074] FAULT_INJECTION: forcing a failure. [ 119.220395][ T4074] name failslab, interval 1, probability 0, space 0, times 0 [ 119.224698][ T4072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.224713][ T4072] Call Trace: [ 119.224720][ T4072] [ 119.224727][ T4072] dump_stack_lvl+0xd6/0x122 [ 119.224752][ T4072] dump_stack+0x11/0x1b [ 119.224771][ T4072] should_fail+0x23c/0x250 [ 119.266714][ T4072] ? __list_lru_init+0x352/0x6d0 [ 119.271644][ T4072] __should_failslab+0x81/0x90 [ 119.276432][ T4072] should_failslab+0x5/0x20 [ 119.280919][ T4072] kmem_cache_alloc_trace+0x52/0x350 [ 119.286235][ T4072] ? __list_lru_init+0x352/0x6d0 [ 119.291168][ T4072] __list_lru_init+0x352/0x6d0 [ 119.295936][ T4072] alloc_super+0x4bf/0x520 [ 119.300401][ T4072] ? mount_bdev+0x290/0x290 [ 119.304918][ T4072] sget+0x189/0x370 [ 119.308742][ T4072] ? test_bdev_super+0x30/0x30 [ 119.313491][ T4072] mount_bdev+0xd3/0x290 [ 119.317772][ T4072] ? msdos_mount+0x40/0x40 [ 119.322195][ T4072] ? tsan.module_ctor+0x10/0x10 [ 119.327108][ T4072] msdos_mount+0x2d/0x40 [ 119.331337][ T4072] legacy_get_tree+0x70/0xc0 [ 119.335933][ T4072] vfs_get_tree+0x4a/0x1a0 [ 119.340432][ T4072] path_mount+0x11cf/0x1c40 [ 119.346481][ T4072] ? kmem_cache_free+0x65/0x110 [ 119.351387][ T4072] __se_sys_mount+0x24b/0x2f0 [ 119.356066][ T4072] ? __this_cpu_preempt_check+0x18/0x20 [ 119.361603][ T4072] __x64_sys_mount+0x63/0x70 [ 119.366248][ T4072] do_syscall_64+0x44/0xd0 [ 119.370679][ T4072] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.376559][ T4072] RIP: 0033:0x7fbd63e3d3ca [ 119.380973][ T4072] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.400578][ T4072] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 119.408972][ T4072] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 119.417409][ T4072] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 119.425365][ T4072] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 119.433448][ T4072] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:06 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:06 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef0100010000", 0x3f, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 119.441404][ T4072] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 119.449359][ T4072] [ 119.452367][ T4074] CPU: 0 PID: 4074 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 119.461047][ T4074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.471166][ T4074] Call Trace: [ 119.474440][ T4074] [ 119.477369][ T4074] dump_stack_lvl+0xd6/0x122 [ 119.481983][ T4074] dump_stack+0x11/0x1b [ 119.486203][ T4074] should_fail+0x23c/0x250 [ 119.490620][ T4074] ? __list_lru_init+0x70/0x6d0 [ 119.495476][ T4074] __should_failslab+0x81/0x90 [ 119.496726][ T4076] loop1: detected capacity change from 0 to 1024 [ 119.500269][ T4074] should_failslab+0x5/0x20 [ 119.500296][ T4074] __kmalloc+0x6f/0x370 [ 119.507933][ T4076] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 119.511135][ T4074] ? __list_lru_init+0x352/0x6d0 [ 119.511160][ T4074] __list_lru_init+0x70/0x6d0 [ 119.521938][ T4079] loop5: detected capacity change from 0 to 4 [ 119.522246][ T4074] alloc_super+0x4bf/0x520 [ 119.528022][ T4079] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 119.531810][ T4074] ? mount_bdev+0x290/0x290 [ 119.531861][ T4074] sget+0x189/0x370 [ 119.531885][ T4074] ? test_bdev_super+0x30/0x30 [ 119.539920][ T4080] loop0: detected capacity change from 0 to 4 [ 119.542327][ T4074] mount_bdev+0xd3/0x290 [ 119.542351][ T4074] ? msdos_mount+0x40/0x40 [ 119.542373][ T4074] ? tsan.module_ctor+0x10/0x10 [ 119.549798][ T4080] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 119.553353][ T4074] msdos_mount+0x2d/0x40 [ 119.553408][ T4074] legacy_get_tree+0x70/0xc0 [ 119.553426][ T4074] vfs_get_tree+0x4a/0x1a0 [ 119.602732][ T4074] path_mount+0x11cf/0x1c40 [ 119.607218][ T4074] ? kmem_cache_free+0x65/0x110 [ 119.612179][ T4074] __se_sys_mount+0x24b/0x2f0 [ 119.616928][ T4074] __x64_sys_mount+0x63/0x70 [ 119.621586][ T4074] do_syscall_64+0x44/0xd0 [ 119.626142][ T4074] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.632054][ T4074] RIP: 0033:0x7fbc8e8df3ca [ 119.636467][ T4074] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.656201][ T4074] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 119.664769][ T4074] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 119.672723][ T4074] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 119.680753][ T4074] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 119.688710][ T4074] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:06 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:06 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:06 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:07 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 77) [ 119.696664][ T4074] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 119.704654][ T4074] [ 119.736324][ T4082] loop2: detected capacity change from 0 to 264192 14:58:07 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 82) 14:58:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 119.774996][ T4085] loop1: detected capacity change from 0 to 1024 [ 119.784259][ T4087] FAULT_INJECTION: forcing a failure. [ 119.784259][ T4087] name failslab, interval 1, probability 0, space 0, times 0 [ 119.785949][ T4088] loop0: detected capacity change from 0 to 4 [ 119.796920][ T4087] CPU: 0 PID: 4087 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 119.811641][ T4087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.821244][ T4091] loop5: detected capacity change from 0 to 4 [ 119.821693][ T4087] Call Trace: [ 119.821706][ T4087] [ 119.821713][ T4087] dump_stack_lvl+0xd6/0x122 [ 119.838563][ T4087] dump_stack+0x11/0x1b [ 119.842794][ T4087] should_fail+0x23c/0x250 [ 119.847223][ T4087] ? __list_lru_init+0x352/0x6d0 [ 119.852207][ T4087] __should_failslab+0x81/0x90 [ 119.856979][ T4087] should_failslab+0x5/0x20 [ 119.861490][ T4087] kmem_cache_alloc_trace+0x52/0x350 [ 119.866813][ T4087] ? __kmalloc_node+0x30/0x40 [ 119.871486][ T4087] __list_lru_init+0x352/0x6d0 [ 119.876407][ T4087] alloc_super+0x4bf/0x520 [ 119.880820][ T4087] ? mount_bdev+0x290/0x290 [ 119.885421][ T4087] sget+0x189/0x370 [ 119.889296][ T4087] ? test_bdev_super+0x30/0x30 [ 119.894049][ T4087] mount_bdev+0xd3/0x290 [ 119.898284][ T4087] ? msdos_mount+0x40/0x40 [ 119.902767][ T4087] ? tsan.module_ctor+0x10/0x10 [ 119.907609][ T4087] msdos_mount+0x2d/0x40 [ 119.911841][ T4087] legacy_get_tree+0x70/0xc0 [ 119.916421][ T4087] vfs_get_tree+0x4a/0x1a0 [ 119.920824][ T4087] path_mount+0x11cf/0x1c40 [ 119.925315][ T4087] ? kmem_cache_free+0x65/0x110 [ 119.930177][ T4087] __se_sys_mount+0x24b/0x2f0 [ 119.934883][ T4087] __x64_sys_mount+0x63/0x70 [ 119.939529][ T4087] do_syscall_64+0x44/0xd0 [ 119.943938][ T4087] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.949874][ T4087] RIP: 0033:0x7fbc8e8df3ca [ 119.954273][ T4087] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.973895][ T4087] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 119.982292][ T4087] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 119.990303][ T4087] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 119.998264][ T4087] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 120.006285][ T4087] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 120.014238][ T4087] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 120.022206][ T4087] 14:58:07 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 120.026633][ T4091] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 120.033308][ T4088] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 120.038493][ T4092] FAULT_INJECTION: forcing a failure. [ 120.038493][ T4092] name failslab, interval 1, probability 0, space 0, times 0 [ 120.050191][ T4085] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 120.054068][ T4092] CPU: 0 PID: 4092 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 120.066602][ T4094] loop2: detected capacity change from 0 to 264192 [ 120.069232][ T4092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.069245][ T4092] Call Trace: [ 120.069252][ T4092] [ 120.069259][ T4092] dump_stack_lvl+0xd6/0x122 [ 120.096575][ T4092] dump_stack+0x11/0x1b [ 120.100811][ T4092] should_fail+0x23c/0x250 [ 120.105219][ T4092] ? __list_lru_init+0x352/0x6d0 [ 120.110136][ T4092] __should_failslab+0x81/0x90 [ 120.114909][ T4092] should_failslab+0x5/0x20 [ 120.119455][ T4092] kmem_cache_alloc_trace+0x52/0x350 [ 120.124746][ T4092] ? __list_lru_init+0x352/0x6d0 [ 120.129661][ T4092] __list_lru_init+0x352/0x6d0 [ 120.134480][ T4092] alloc_super+0x4bf/0x520 [ 120.139062][ T4092] ? mount_bdev+0x290/0x290 [ 120.143564][ T4092] sget+0x189/0x370 [ 120.147350][ T4092] ? test_bdev_super+0x30/0x30 [ 120.152096][ T4092] mount_bdev+0xd3/0x290 [ 120.156333][ T4092] ? msdos_mount+0x40/0x40 [ 120.160794][ T4092] ? tsan.module_ctor+0x10/0x10 [ 120.165675][ T4092] msdos_mount+0x2d/0x40 [ 120.169902][ T4092] legacy_get_tree+0x70/0xc0 [ 120.174477][ T4092] vfs_get_tree+0x4a/0x1a0 [ 120.178957][ T4092] path_mount+0x11cf/0x1c40 [ 120.183436][ T4092] ? kmem_cache_free+0x65/0x110 [ 120.188350][ T4092] __se_sys_mount+0x24b/0x2f0 [ 120.193108][ T4092] __x64_sys_mount+0x63/0x70 [ 120.197691][ T4092] do_syscall_64+0x44/0xd0 [ 120.202104][ T4092] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 120.208062][ T4092] RIP: 0033:0x7fbd63e3d3ca [ 120.212465][ T4092] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.232092][ T4092] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 120.240484][ T4092] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 120.248501][ T4092] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 120.256587][ T4092] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 120.264543][ T4092] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:07 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:07 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 78) [ 120.272599][ T4092] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 120.280584][ T4092] [ 120.284276][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:07 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x11000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:07 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, 0x0) 14:58:07 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 83) [ 120.318995][ T4097] loop0: detected capacity change from 0 to 4 [ 120.342967][ T4098] FAULT_INJECTION: forcing a failure. [ 120.342967][ T4098] name failslab, interval 1, probability 0, space 0, times 0 [ 120.347680][ T4102] loop5: detected capacity change from 0 to 4 [ 120.355616][ T4098] CPU: 1 PID: 4098 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 120.362627][ T4103] loop2: detected capacity change from 0 to 264192 [ 120.370306][ T4098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.387431][ T4098] Call Trace: [ 120.390718][ T4098] [ 120.393647][ T4098] dump_stack_lvl+0xd6/0x122 [ 120.398260][ T4098] dump_stack+0x11/0x1b [ 120.398886][ T4097] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 120.402412][ T4098] should_fail+0x23c/0x250 [ 120.402433][ T4098] ? __list_lru_init+0x352/0x6d0 [ 120.409075][ T4102] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 120.413319][ T4098] __should_failslab+0x81/0x90 [ 120.421880][ T4105] FAULT_INJECTION: forcing a failure. [ 120.421880][ T4105] name failslab, interval 1, probability 0, space 0, times 0 [ 120.424752][ T4098] should_failslab+0x5/0x20 [ 120.446524][ T4098] kmem_cache_alloc_trace+0x52/0x350 [ 120.451826][ T4098] ? __kmalloc_node+0x30/0x40 [ 120.456490][ T4098] __list_lru_init+0x352/0x6d0 [ 120.461249][ T4098] alloc_super+0x4bf/0x520 [ 120.465720][ T4098] ? mount_bdev+0x290/0x290 [ 120.470210][ T4098] sget+0x189/0x370 [ 120.474008][ T4098] ? test_bdev_super+0x30/0x30 [ 120.478754][ T4098] mount_bdev+0xd3/0x290 [ 120.483014][ T4098] ? msdos_mount+0x40/0x40 [ 120.487451][ T4098] ? tsan.module_ctor+0x10/0x10 [ 120.492405][ T4098] msdos_mount+0x2d/0x40 [ 120.496629][ T4098] legacy_get_tree+0x70/0xc0 [ 120.501203][ T4098] vfs_get_tree+0x4a/0x1a0 [ 120.505649][ T4098] path_mount+0x11cf/0x1c40 [ 120.510285][ T4098] ? kmem_cache_free+0x65/0x110 [ 120.515120][ T4098] __se_sys_mount+0x24b/0x2f0 [ 120.519909][ T4098] __x64_sys_mount+0x63/0x70 [ 120.524546][ T4098] do_syscall_64+0x44/0xd0 [ 120.529017][ T4098] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 120.534899][ T4098] RIP: 0033:0x7fbc8e8df3ca [ 120.539352][ T4098] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.559161][ T4098] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 120.567642][ T4098] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 120.575596][ T4098] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 120.583550][ T4098] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 120.591591][ T4098] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 120.599635][ T4098] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 120.607601][ T4098] [ 120.610663][ T4105] CPU: 0 PID: 4105 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 120.613118][ T4106] loop1: detected capacity change from 0 to 1024 [ 120.619377][ T4105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.619392][ T4105] Call Trace: [ 120.619398][ T4105] [ 120.619405][ T4105] dump_stack_lvl+0xd6/0x122 [ 120.646656][ T4105] dump_stack+0x11/0x1b [ 120.650868][ T4105] should_fail+0x23c/0x250 [ 120.655274][ T4105] ? __list_lru_init+0x352/0x6d0 [ 120.660195][ T4105] __should_failslab+0x81/0x90 [ 120.664946][ T4105] should_failslab+0x5/0x20 [ 120.669430][ T4105] kmem_cache_alloc_trace+0x52/0x350 [ 120.674775][ T4105] ? __list_lru_init+0x352/0x6d0 [ 120.679688][ T4105] __list_lru_init+0x352/0x6d0 [ 120.684486][ T4105] alloc_super+0x4bf/0x520 [ 120.688878][ T4105] ? mount_bdev+0x290/0x290 [ 120.693392][ T4105] sget+0x189/0x370 [ 120.697182][ T4105] ? test_bdev_super+0x30/0x30 [ 120.701933][ T4105] mount_bdev+0xd3/0x290 [ 120.706170][ T4105] ? msdos_mount+0x40/0x40 [ 120.710588][ T4105] ? tsan.module_ctor+0x10/0x10 [ 120.715429][ T4105] msdos_mount+0x2d/0x40 [ 120.719775][ T4105] legacy_get_tree+0x70/0xc0 [ 120.724344][ T4105] vfs_get_tree+0x4a/0x1a0 [ 120.728739][ T4105] path_mount+0x11cf/0x1c40 [ 120.733223][ T4105] ? kmem_cache_free+0x65/0x110 [ 120.738111][ T4105] __se_sys_mount+0x24b/0x2f0 [ 120.742773][ T4105] __x64_sys_mount+0x63/0x70 [ 120.747382][ T4105] do_syscall_64+0x44/0xd0 [ 120.751796][ T4105] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 120.757672][ T4105] RIP: 0033:0x7fbd63e3d3ca [ 120.762071][ T4105] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.781732][ T4105] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 120.790143][ T4105] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 120.798119][ T4105] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 120.806074][ T4105] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 14:58:08 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, 0x0) 14:58:08 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 79) 14:58:08 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 84) [ 120.814032][ T4105] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 120.822009][ T4105] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 120.830073][ T4105] [ 120.837097][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:08 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x12000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 120.889344][ T4111] loop2: detected capacity change from 0 to 264192 [ 120.893601][ T4112] loop1: detected capacity change from 0 to 1024 [ 120.896719][ T4108] FAULT_INJECTION: forcing a failure. [ 120.896719][ T4108] name failslab, interval 1, probability 0, space 0, times 0 [ 120.914882][ T4108] CPU: 1 PID: 4108 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 120.923628][ T4108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.933683][ T4108] Call Trace: [ 120.937118][ T4108] [ 120.940044][ T4108] dump_stack_lvl+0xd6/0x122 [ 120.944681][ T4108] dump_stack+0x11/0x1b [ 120.946900][ T4115] FAULT_INJECTION: forcing a failure. [ 120.946900][ T4115] name failslab, interval 1, probability 0, space 0, times 0 [ 120.948835][ T4108] should_fail+0x23c/0x250 [ 120.948858][ T4108] ? __list_lru_init+0x352/0x6d0 [ 120.971488][ T4108] __should_failslab+0x81/0x90 [ 120.976246][ T4108] should_failslab+0x5/0x20 [ 120.980736][ T4108] kmem_cache_alloc_trace+0x52/0x350 [ 120.986031][ T4108] ? __list_lru_init+0x352/0x6d0 [ 120.990999][ T4108] __list_lru_init+0x352/0x6d0 [ 120.995788][ T4108] alloc_super+0x4bf/0x520 [ 121.000186][ T4108] ? mount_bdev+0x290/0x290 [ 121.004728][ T4108] sget+0x189/0x370 [ 121.008519][ T4108] ? test_bdev_super+0x30/0x30 [ 121.013338][ T4108] mount_bdev+0xd3/0x290 [ 121.017569][ T4108] ? msdos_mount+0x40/0x40 [ 121.021971][ T4108] ? tsan.module_ctor+0x10/0x10 [ 121.026850][ T4108] msdos_mount+0x2d/0x40 [ 121.031087][ T4108] legacy_get_tree+0x70/0xc0 [ 121.035660][ T4108] vfs_get_tree+0x4a/0x1a0 [ 121.040076][ T4108] path_mount+0x11cf/0x1c40 [ 121.044565][ T4108] ? kmem_cache_free+0x65/0x110 [ 121.049521][ T4108] __se_sys_mount+0x24b/0x2f0 [ 121.054198][ T4108] __x64_sys_mount+0x63/0x70 [ 121.058769][ T4108] do_syscall_64+0x44/0xd0 [ 121.063249][ T4108] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.069207][ T4108] RIP: 0033:0x7fbc8e8df3ca [ 121.073660][ T4108] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.093247][ T4108] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.101640][ T4108] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 121.109594][ T4108] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 121.117643][ T4108] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 121.125667][ T4108] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 121.133620][ T4108] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 121.141604][ T4108] [ 121.144630][ T4115] CPU: 0 PID: 4115 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 121.153355][ T4115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 121.155080][ T4116] loop0: detected capacity change from 0 to 4 [ 121.163585][ T4115] Call Trace: [ 121.173051][ T4115] [ 121.175124][ T4118] loop5: detected capacity change from 0 to 4 [ 121.176037][ T4115] dump_stack_lvl+0xd6/0x122 [ 121.182896][ T4116] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 121.186677][ T4115] dump_stack+0x11/0x1b [ 121.193625][ T4118] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 121.197314][ T4115] should_fail+0x23c/0x250 [ 121.197337][ T4115] ? __list_lru_init+0x352/0x6d0 [ 121.213225][ T4115] __should_failslab+0x81/0x90 [ 121.218207][ T4115] should_failslab+0x5/0x20 [ 121.222753][ T4115] kmem_cache_alloc_trace+0x52/0x350 [ 121.228088][ T4115] ? __list_lru_init+0x352/0x6d0 [ 121.233077][ T4115] __list_lru_init+0x352/0x6d0 [ 121.237819][ T4115] alloc_super+0x4bf/0x520 [ 121.242270][ T4115] ? mount_bdev+0x290/0x290 [ 121.246747][ T4115] sget+0x189/0x370 [ 121.250538][ T4115] ? test_bdev_super+0x30/0x30 [ 121.255482][ T4115] mount_bdev+0xd3/0x290 [ 121.259720][ T4115] ? msdos_mount+0x40/0x40 [ 121.264139][ T4115] ? tsan.module_ctor+0x10/0x10 [ 121.269028][ T4115] msdos_mount+0x2d/0x40 [ 121.273321][ T4115] legacy_get_tree+0x70/0xc0 [ 121.277891][ T4115] vfs_get_tree+0x4a/0x1a0 [ 121.282313][ T4115] path_mount+0x11cf/0x1c40 [ 121.286789][ T4115] ? kmem_cache_free+0x65/0x110 [ 121.291621][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.291618][ T4115] __se_sys_mount+0x24b/0x2f0 [ 121.291640][ T4115] ? __this_cpu_preempt_check+0x18/0x20 [ 121.309847][ T4115] __x64_sys_mount+0x63/0x70 [ 121.314421][ T4115] do_syscall_64+0x44/0xd0 [ 121.318900][ T4115] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.324774][ T4115] RIP: 0033:0x7fbd63e3d3ca [ 121.329210][ T4115] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.348894][ T4115] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.357329][ T4115] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 121.365284][ T4115] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 121.373386][ T4115] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 121.381378][ T4115] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 14:58:08 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 80) 14:58:08 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, 0x0) 14:58:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:08 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 85) 14:58:08 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x20000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:08 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f01", 0x35, 0x400}], 0x0, &(0x7f0000012b00)) [ 121.389367][ T4115] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 121.397325][ T4115] [ 121.402413][ T2047] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.447582][ T4120] FAULT_INJECTION: forcing a failure. [ 121.447582][ T4120] name failslab, interval 1, probability 0, space 0, times 0 [ 121.456362][ T4125] FAULT_INJECTION: forcing a failure. [ 121.456362][ T4125] name failslab, interval 1, probability 0, space 0, times 0 [ 121.460229][ T4120] CPU: 0 PID: 4120 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 121.481605][ T4120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 121.491758][ T4120] Call Trace: [ 121.495128][ T4120] [ 121.498041][ T4120] dump_stack_lvl+0xd6/0x122 [ 121.502795][ T4120] dump_stack+0x11/0x1b [ 121.507008][ T4120] should_fail+0x23c/0x250 [ 121.511405][ T4120] ? __list_lru_init+0x352/0x6d0 [ 121.516403][ T4120] __should_failslab+0x81/0x90 [ 121.521151][ T4120] should_failslab+0x5/0x20 [ 121.525671][ T4120] kmem_cache_alloc_trace+0x52/0x350 [ 121.530938][ T4120] ? __list_lru_init+0x352/0x6d0 [ 121.535861][ T4120] __list_lru_init+0x352/0x6d0 [ 121.540733][ T4120] alloc_super+0x4bf/0x520 [ 121.545160][ T4120] ? mount_bdev+0x290/0x290 [ 121.549646][ T4120] sget+0x189/0x370 [ 121.553668][ T4120] ? test_bdev_super+0x30/0x30 [ 121.558414][ T4120] mount_bdev+0xd3/0x290 [ 121.562670][ T4120] ? msdos_mount+0x40/0x40 [ 121.567069][ T4120] ? tsan.module_ctor+0x10/0x10 [ 121.572036][ T4120] msdos_mount+0x2d/0x40 [ 121.576275][ T4120] legacy_get_tree+0x70/0xc0 [ 121.580851][ T4120] vfs_get_tree+0x4a/0x1a0 [ 121.585329][ T4120] path_mount+0x11cf/0x1c40 [ 121.589820][ T4120] ? kmem_cache_free+0x65/0x110 [ 121.594666][ T4120] __se_sys_mount+0x24b/0x2f0 [ 121.599413][ T4120] __x64_sys_mount+0x63/0x70 [ 121.603999][ T4120] do_syscall_64+0x44/0xd0 [ 121.608410][ T4120] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.614295][ T4120] RIP: 0033:0x7fbc8e8df3ca [ 121.618696][ T4120] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.638313][ T4120] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.646720][ T4120] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 121.654677][ T4120] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 121.662708][ T4120] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 121.670749][ T4120] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 121.678704][ T4120] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 121.686660][ T4120] [ 121.689662][ T4125] CPU: 1 PID: 4125 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 121.698297][ T4122] loop0: detected capacity change from 0 to 4 [ 121.698334][ T4125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 121.714477][ T4125] Call Trace: [ 121.717753][ T4125] [ 121.720669][ T4125] dump_stack_lvl+0xd6/0x122 [ 121.725247][ T4125] dump_stack+0x11/0x1b [ 121.729463][ T4125] should_fail+0x23c/0x250 [ 121.733864][ T4125] ? __list_lru_init+0x352/0x6d0 [ 121.738850][ T4125] __should_failslab+0x81/0x90 [ 121.743634][ T4125] should_failslab+0x5/0x20 [ 121.748195][ T4125] kmem_cache_alloc_trace+0x52/0x350 [ 121.753559][ T4125] ? __list_lru_init+0x352/0x6d0 [ 121.758520][ T4125] __list_lru_init+0x352/0x6d0 [ 121.763274][ T4125] alloc_super+0x4bf/0x520 [ 121.767694][ T4125] ? mount_bdev+0x290/0x290 [ 121.772191][ T4125] sget+0x189/0x370 [ 121.776055][ T4125] ? test_bdev_super+0x30/0x30 [ 121.780814][ T4125] mount_bdev+0xd3/0x290 [ 121.785173][ T4125] ? msdos_mount+0x40/0x40 [ 121.790085][ T4125] ? tsan.module_ctor+0x10/0x10 [ 121.794927][ T4125] msdos_mount+0x2d/0x40 [ 121.799168][ T4125] legacy_get_tree+0x70/0xc0 [ 121.803799][ T4125] vfs_get_tree+0x4a/0x1a0 [ 121.808464][ T4125] path_mount+0x11cf/0x1c40 [ 121.812952][ T4125] ? kmem_cache_free+0x65/0x110 [ 121.817803][ T4125] __se_sys_mount+0x24b/0x2f0 [ 121.822461][ T4125] __x64_sys_mount+0x63/0x70 [ 121.827046][ T4125] do_syscall_64+0x44/0xd0 [ 121.831607][ T4125] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.837493][ T4125] RIP: 0033:0x7fbd63e3d3ca [ 121.841892][ T4125] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.861480][ T4125] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 121.869876][ T4125] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca [ 121.877830][ T4125] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 121.885821][ T4125] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 121.893776][ T4125] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 121.901733][ T4125] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 121.909849][ T4125] [ 121.918415][ T4122] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 121.918964][ T4126] loop5: detected capacity change from 0 to 4 [ 121.925501][ T4128] loop2: detected capacity change from 0 to 264192 [ 121.933335][ T4126] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:58:09 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x20100000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:09 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 81) 14:58:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}], 0x0, &(0x7f0000012b00)) [ 122.042264][ T4133] FAULT_INJECTION: forcing a failure. [ 122.042264][ T4133] name failslab, interval 1, probability 0, space 0, times 0 [ 122.051800][ T4136] loop5: detected capacity change from 0 to 4 [ 122.055030][ T4133] CPU: 1 PID: 4133 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 122.061455][ T4131] loop0: detected capacity change from 0 to 4 [ 122.069678][ T4133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.085821][ T4133] Call Trace: [ 122.089101][ T4133] [ 122.092032][ T4133] dump_stack_lvl+0xd6/0x122 [ 122.096630][ T4133] dump_stack+0x11/0x1b [ 122.100793][ T4133] should_fail+0x23c/0x250 [ 122.105285][ T4133] ? __list_lru_init+0x352/0x6d0 [ 122.110265][ T4133] __should_failslab+0x81/0x90 [ 122.115039][ T4133] should_failslab+0x5/0x20 [ 122.119609][ T4133] kmem_cache_alloc_trace+0x52/0x350 [ 122.124924][ T4133] ? __list_lru_init+0x352/0x6d0 [ 122.129942][ T4133] __list_lru_init+0x352/0x6d0 [ 122.134718][ T4133] alloc_super+0x4bf/0x520 [ 122.139205][ T4133] ? mount_bdev+0x290/0x290 [ 122.143778][ T4133] sget+0x189/0x370 [ 122.147727][ T4133] ? test_bdev_super+0x30/0x30 [ 122.152496][ T4133] mount_bdev+0xd3/0x290 [ 122.156750][ T4133] ? msdos_mount+0x40/0x40 [ 122.161253][ T4133] ? tsan.module_ctor+0x10/0x10 [ 122.166113][ T4133] msdos_mount+0x2d/0x40 [ 122.170370][ T4133] legacy_get_tree+0x70/0xc0 [ 122.175048][ T4133] vfs_get_tree+0x4a/0x1a0 [ 122.179478][ T4133] path_mount+0x11cf/0x1c40 [ 122.183986][ T4133] ? kmem_cache_free+0x65/0x110 [ 122.188931][ T4133] __se_sys_mount+0x24b/0x2f0 [ 122.193620][ T4133] __x64_sys_mount+0x63/0x70 [ 122.198284][ T4133] do_syscall_64+0x44/0xd0 [ 122.202805][ T4133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.208707][ T4133] RIP: 0033:0x7fbc8e8df3ca [ 122.213126][ T4133] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.232740][ T4133] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:58:09 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 86) [ 122.241233][ T4133] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 122.249240][ T4133] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 122.257317][ T4133] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 122.265294][ T4133] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 122.273264][ T4133] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 122.281342][ T4133] [ 122.284680][ T4134] loop2: detected capacity change from 0 to 264192 [ 122.298512][ T4131] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 122.304723][ T4138] loop1: detected capacity change from 0 to 1024 [ 122.305161][ T4136] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 122.329483][ T4140] FAULT_INJECTION: forcing a failure. [ 122.329483][ T4140] name failslab, interval 1, probability 0, space 0, times 0 [ 122.342356][ T4140] CPU: 1 PID: 4140 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 122.351059][ T4140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.351601][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.361126][ T4140] Call Trace: [ 122.361148][ T4140] [ 122.377288][ T4140] dump_stack_lvl+0xd6/0x122 [ 122.381944][ T4140] dump_stack+0x11/0x1b [ 122.386109][ T4140] should_fail+0x23c/0x250 [ 122.390532][ T4140] ? __list_lru_init+0x352/0x6d0 [ 122.395500][ T4140] __should_failslab+0x81/0x90 [ 122.400326][ T4140] should_failslab+0x5/0x20 [ 122.404889][ T4140] kmem_cache_alloc_trace+0x52/0x350 [ 122.410205][ T4140] ? __list_lru_init+0x352/0x6d0 [ 122.415189][ T4140] __list_lru_init+0x352/0x6d0 [ 122.419964][ T4140] alloc_super+0x4bf/0x520 [ 122.424576][ T4140] ? mount_bdev+0x290/0x290 [ 122.429085][ T4140] sget+0x189/0x370 [ 122.432905][ T4140] ? test_bdev_super+0x30/0x30 [ 122.437733][ T4140] mount_bdev+0xd3/0x290 [ 122.442059][ T4140] ? msdos_mount+0x40/0x40 [ 122.446484][ T4140] ? tsan.module_ctor+0x10/0x10 [ 122.451426][ T4140] msdos_mount+0x2d/0x40 [ 122.455709][ T4140] legacy_get_tree+0x70/0xc0 [ 122.460404][ T4140] vfs_get_tree+0x4a/0x1a0 [ 122.464834][ T4140] path_mount+0x11cf/0x1c40 [ 122.469393][ T4140] ? kmem_cache_free+0x65/0x110 [ 122.474263][ T4140] __se_sys_mount+0x24b/0x2f0 [ 122.478945][ T4140] ? __this_cpu_preempt_check+0x18/0x20 [ 122.484500][ T4140] __x64_sys_mount+0x63/0x70 [ 122.489136][ T4140] do_syscall_64+0x44/0xd0 [ 122.493567][ T4140] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.499469][ T4140] RIP: 0033:0x7fbd63e3d3ca [ 122.503884][ T4140] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.505730][ T4143] loop2: detected capacity change from 0 to 264192 [ 122.524337][ T4140] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 122.524361][ T4140] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:58:09 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x22000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:09 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 82) 14:58:09 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:09 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}], 0x0, &(0x7f0000012b00)) [ 122.524373][ T4140] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 122.524385][ T4140] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 122.563813][ T4140] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 122.571788][ T4140] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 122.579771][ T4140] [ 122.584606][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.625673][ T4144] FAULT_INJECTION: forcing a failure. [ 122.625673][ T4144] name failslab, interval 1, probability 0, space 0, times 0 [ 122.638385][ T4144] CPU: 1 PID: 4144 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 122.647062][ T4144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.657274][ T4144] Call Trace: [ 122.660625][ T4144] [ 122.663555][ T4144] dump_stack_lvl+0xd6/0x122 [ 122.668151][ T4144] dump_stack+0x11/0x1b [ 122.668183][ T4150] loop0: detected capacity change from 0 to 4 [ 122.672304][ T4144] should_fail+0x23c/0x250 [ 122.672328][ T4144] ? __list_lru_init+0x352/0x6d0 [ 122.672346][ T4144] __should_failslab+0x81/0x90 [ 122.692465][ T4144] should_failslab+0x5/0x20 [ 122.692743][ T4152] loop5: detected capacity change from 0 to 4 [ 122.697063][ T4144] kmem_cache_alloc_trace+0x52/0x350 [ 122.697090][ T4144] ? __list_lru_init+0x352/0x6d0 [ 122.713309][ T4144] __list_lru_init+0x352/0x6d0 [ 122.718076][ T4144] alloc_super+0x4bf/0x520 [ 122.722493][ T4144] ? mount_bdev+0x290/0x290 [ 122.726999][ T4144] sget+0x189/0x370 [ 122.730809][ T4144] ? test_bdev_super+0x30/0x30 [ 122.735638][ T4144] mount_bdev+0xd3/0x290 [ 122.737693][ T4154] FAULT_INJECTION: forcing a failure. [ 122.737693][ T4154] name failslab, interval 1, probability 0, space 0, times 0 [ 122.739882][ T4144] ? msdos_mount+0x40/0x40 [ 122.756887][ T4144] ? tsan.module_ctor+0x10/0x10 [ 122.761729][ T4144] msdos_mount+0x2d/0x40 [ 122.765961][ T4144] legacy_get_tree+0x70/0xc0 [ 122.770536][ T4144] vfs_get_tree+0x4a/0x1a0 [ 122.774982][ T4144] path_mount+0x11cf/0x1c40 [ 122.779467][ T4144] ? kmem_cache_free+0x65/0x110 [ 122.784302][ T4144] __se_sys_mount+0x24b/0x2f0 [ 122.789047][ T4144] __x64_sys_mount+0x63/0x70 [ 122.793628][ T4144] do_syscall_64+0x44/0xd0 [ 122.798047][ T4144] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.803932][ T4144] RIP: 0033:0x7fbc8e8df3ca [ 122.808418][ T4144] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.828084][ T4144] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 122.836482][ T4144] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 122.844441][ T4144] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 122.852393][ T4144] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 122.860347][ T4144] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 122.868321][ T4144] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 14:58:09 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:09 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 1) [ 122.876312][ T4144] [ 122.879314][ T4154] CPU: 0 PID: 4154 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 122.888075][ T4154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.898126][ T4154] Call Trace: [ 122.901404][ T4154] [ 122.904345][ T4154] dump_stack_lvl+0xd6/0x122 [ 122.908938][ T4154] dump_stack+0x11/0x1b [ 122.913114][ T4154] should_fail+0x23c/0x250 [ 122.917597][ T4154] ? __se_sys_memfd_create+0xe9/0x350 [ 122.923038][ T4154] __should_failslab+0x81/0x90 [ 122.927789][ T4154] should_failslab+0x5/0x20 [ 122.932340][ T4154] __kmalloc+0x6f/0x370 [ 122.936481][ T4154] ? strnlen_user+0x137/0x1c0 [ 122.941172][ T4154] __se_sys_memfd_create+0xe9/0x350 [ 122.946429][ T4154] __x64_sys_memfd_create+0x2d/0x40 [ 122.951679][ T4154] do_syscall_64+0x44/0xd0 [ 122.956081][ T4154] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.962092][ T4154] RIP: 0033:0x7f76012cbe99 [ 122.966551][ T4154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.986276][ T4154] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 122.994675][ T4154] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 [ 123.002645][ T4154] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 [ 123.010602][ T4154] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 123.018554][ T4154] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 14:58:10 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 87) 14:58:10 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x40000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 123.026511][ T4154] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 123.034481][ T4154] [ 123.037681][ T4150] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 123.063457][ T4158] FAULT_INJECTION: forcing a failure. [ 123.063457][ T4158] name failslab, interval 1, probability 0, space 0, times 0 [ 123.068501][ T4152] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 123.076122][ T4158] CPU: 0 PID: 4158 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 123.076145][ T4158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.076156][ T4158] Call Trace: [ 123.076162][ T4158] [ 123.076169][ T4158] dump_stack_lvl+0xd6/0x122 [ 123.112148][ T4158] dump_stack+0x11/0x1b [ 123.116313][ T4158] should_fail+0x23c/0x250 [ 123.120738][ T4158] ? fat_fill_super+0x88/0x2af0 [ 123.125628][ T4158] __should_failslab+0x81/0x90 [ 123.130392][ T4158] should_failslab+0x5/0x20 [ 123.134949][ T4158] kmem_cache_alloc_trace+0x52/0x350 [ 123.140237][ T4158] ? string+0x1f9/0x210 [ 123.144411][ T4158] ? msdos_fill_super+0x30/0x30 [ 123.149274][ T4158] fat_fill_super+0x88/0x2af0 [ 123.154110][ T4158] ? pointer+0x5aa/0x830 [ 123.158393][ T4158] ? format_decode+0x60b/0x8a0 [ 123.163210][ T4158] ? vsnprintf+0xe8f/0xed0 [ 123.167635][ T4158] ? snprintf+0x83/0xb0 [ 123.171791][ T4158] ? set_blocksize+0x197/0x270 [ 123.176655][ T4158] msdos_fill_super+0x29/0x30 [ 123.181342][ T4158] mount_bdev+0x1e8/0x290 [ 123.185678][ T4158] ? msdos_mount+0x40/0x40 [ 123.190116][ T4158] ? tsan.module_ctor+0x10/0x10 [ 123.195050][ T4158] msdos_mount+0x2d/0x40 [ 123.199370][ T4158] legacy_get_tree+0x70/0xc0 [ 123.204066][ T4158] vfs_get_tree+0x4a/0x1a0 [ 123.208487][ T4158] path_mount+0x11cf/0x1c40 [ 123.213067][ T4158] ? kmem_cache_free+0x65/0x110 [ 123.217978][ T4158] __se_sys_mount+0x24b/0x2f0 [ 123.222704][ T4158] __x64_sys_mount+0x63/0x70 [ 123.227294][ T4158] do_syscall_64+0x44/0xd0 [ 123.231713][ T4158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.237636][ T4158] RIP: 0033:0x7fbd63e3d3ca [ 123.242049][ T4158] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.261683][ T4158] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 123.270098][ T4158] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3d3ca 14:58:10 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 83) 14:58:10 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 2) [ 123.278077][ T4158] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbd62fb1fe0 [ 123.286053][ T4158] RBP: 00007fbd62fb2020 R08: 00007fbd62fb2020 R09: 0000000020000000 [ 123.294026][ T4158] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 123.301993][ T4158] R13: 0000000020000040 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 123.310050][ T4158] [ 123.316185][ T4157] loop2: detected capacity change from 0 to 264192 [ 123.320929][ T4161] FAULT_INJECTION: forcing a failure. [ 123.320929][ T4161] name failslab, interval 1, probability 0, space 0, times 0 [ 123.327934][ T4162] FAULT_INJECTION: forcing a failure. [ 123.327934][ T4162] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.335708][ T4161] CPU: 1 PID: 4161 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 123.357355][ T4161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.367396][ T4161] Call Trace: [ 123.370658][ T4161] [ 123.373618][ T4161] dump_stack_lvl+0xd6/0x122 [ 123.378330][ T4161] dump_stack+0x11/0x1b [ 123.382471][ T4161] should_fail+0x23c/0x250 [ 123.386875][ T4161] ? __list_lru_init+0x352/0x6d0 [ 123.391817][ T4161] __should_failslab+0x81/0x90 [ 123.396593][ T4161] should_failslab+0x5/0x20 [ 123.401204][ T4161] kmem_cache_alloc_trace+0x52/0x350 [ 123.406481][ T4161] ? __list_lru_init+0x352/0x6d0 [ 123.411508][ T4161] __list_lru_init+0x352/0x6d0 [ 123.416259][ T4161] alloc_super+0x4bf/0x520 [ 123.420660][ T4161] ? mount_bdev+0x290/0x290 [ 123.425147][ T4161] sget+0x189/0x370 [ 123.428979][ T4161] ? test_bdev_super+0x30/0x30 [ 123.433731][ T4161] mount_bdev+0xd3/0x290 [ 123.438040][ T4161] ? msdos_mount+0x40/0x40 [ 123.442509][ T4161] ? tsan.module_ctor+0x10/0x10 [ 123.447450][ T4161] msdos_mount+0x2d/0x40 [ 123.451741][ T4161] legacy_get_tree+0x70/0xc0 [ 123.456318][ T4161] vfs_get_tree+0x4a/0x1a0 [ 123.460759][ T4161] path_mount+0x11cf/0x1c40 [ 123.465248][ T4161] ? kmem_cache_free+0x65/0x110 [ 123.470156][ T4161] __se_sys_mount+0x24b/0x2f0 [ 123.474867][ T4161] __x64_sys_mount+0x63/0x70 [ 123.479487][ T4161] do_syscall_64+0x44/0xd0 [ 123.483892][ T4161] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.489829][ T4161] RIP: 0033:0x7fbc8e8df3ca [ 123.494228][ T4161] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.513819][ T4161] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 123.522300][ T4161] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 123.530448][ T4161] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 123.538422][ T4161] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 123.546416][ T4161] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 123.554452][ T4161] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 123.562451][ T4161] [ 123.565457][ T4162] CPU: 0 PID: 4162 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 123.574134][ T4162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.584330][ T4162] Call Trace: [ 123.587612][ T4162] [ 123.590588][ T4162] dump_stack_lvl+0xd6/0x122 [ 123.595240][ T4162] dump_stack+0x11/0x1b [ 123.599380][ T4162] should_fail+0x23c/0x250 [ 123.603840][ T4162] should_fail_usercopy+0x16/0x20 [ 123.608851][ T4162] _copy_from_user+0x1c/0xd0 [ 123.613433][ T4162] __se_sys_memfd_create+0x125/0x350 [ 123.618715][ T4162] __x64_sys_memfd_create+0x2d/0x40 [ 123.623908][ T4162] do_syscall_64+0x44/0xd0 [ 123.628320][ T4162] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.634211][ T4162] RIP: 0033:0x7f76012cbe99 [ 123.638617][ T4162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.658212][ T4162] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 123.666636][ T4162] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 14:58:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:10 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 84) 14:58:10 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff", 0x38, 0x400}], 0x0, &(0x7f0000012b00)) [ 123.674593][ T4162] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 [ 123.682877][ T4162] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 123.690923][ T4162] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 123.698877][ T4162] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 123.706853][ T4162] [ 123.713655][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:10 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x40000800, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 123.748073][ T4164] loop5: detected capacity change from 0 to 4 [ 123.762216][ T4164] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 123.780778][ T4169] loop2: detected capacity change from 0 to 264192 [ 123.782937][ T4167] FAULT_INJECTION: forcing a failure. 14:58:11 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 88) 14:58:11 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 3) [ 123.782937][ T4167] name failslab, interval 1, probability 0, space 0, times 0 [ 123.790765][ T4170] loop0: detected capacity change from 0 to 4 [ 123.799937][ T4167] CPU: 0 PID: 4167 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 123.814624][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.824676][ T4167] Call Trace: [ 123.827972][ T4167] [ 123.829687][ T4170] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 123.830898][ T4167] dump_stack_lvl+0xd6/0x122 [ 123.830925][ T4167] dump_stack+0x11/0x1b [ 123.843758][ T4174] FAULT_INJECTION: forcing a failure. [ 123.843758][ T4174] name failslab, interval 1, probability 0, space 0, times 0 [ 123.846110][ T4167] should_fail+0x23c/0x250 [ 123.846134][ T4167] ? __list_lru_init+0x352/0x6d0 [ 123.868006][ T4167] __should_failslab+0x81/0x90 [ 123.872879][ T4167] should_failslab+0x5/0x20 [ 123.877453][ T4167] kmem_cache_alloc_trace+0x52/0x350 [ 123.882725][ T4167] ? __list_lru_init+0x352/0x6d0 [ 123.887658][ T4167] __list_lru_init+0x352/0x6d0 [ 123.892406][ T4167] alloc_super+0x4bf/0x520 [ 123.896885][ T4167] ? mount_bdev+0x290/0x290 [ 123.901376][ T4167] sget+0x189/0x370 [ 123.905171][ T4167] ? test_bdev_super+0x30/0x30 [ 123.909924][ T4167] mount_bdev+0xd3/0x290 [ 123.914228][ T4167] ? msdos_mount+0x40/0x40 [ 123.918690][ T4167] ? tsan.module_ctor+0x10/0x10 [ 123.923527][ T4167] msdos_mount+0x2d/0x40 [ 123.927826][ T4167] legacy_get_tree+0x70/0xc0 [ 123.932445][ T4167] vfs_get_tree+0x4a/0x1a0 [ 123.936850][ T4167] path_mount+0x11cf/0x1c40 [ 123.941424][ T4167] ? kmem_cache_free+0x65/0x110 [ 123.946262][ T4167] __se_sys_mount+0x24b/0x2f0 [ 123.950925][ T4167] __x64_sys_mount+0x63/0x70 [ 123.955504][ T4167] do_syscall_64+0x44/0xd0 [ 123.959907][ T4167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.965794][ T4167] RIP: 0033:0x7fbc8e8df3ca [ 123.970203][ T4167] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.989795][ T4167] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 123.998258][ T4167] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 124.006367][ T4167] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 124.014394][ T4167] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 124.022352][ T4167] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 124.030406][ T4167] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 124.038369][ T4167] [ 124.041373][ T4174] CPU: 1 PID: 4174 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 124.050138][ T4174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.060326][ T4174] Call Trace: [ 124.063585][ T4174] [ 124.066647][ T4174] dump_stack_lvl+0xd6/0x122 [ 124.071307][ T4174] dump_stack+0x11/0x1b [ 124.075457][ T4174] should_fail+0x23c/0x250 [ 124.079855][ T4174] ? shmem_alloc_inode+0x22/0x30 [ 124.084772][ T4174] __should_failslab+0x81/0x90 [ 124.089526][ T4174] ? shmem_match+0xa0/0xa0 [ 124.093940][ T4174] should_failslab+0x5/0x20 [ 124.098423][ T4174] kmem_cache_alloc+0x4f/0x320 [ 124.103239][ T4174] ? shmem_match+0xa0/0xa0 [ 124.107663][ T4174] shmem_alloc_inode+0x22/0x30 [ 124.112421][ T4174] new_inode_pseudo+0x38/0x190 [ 124.117188][ T4174] new_inode+0x21/0x100 [ 124.121368][ T4174] shmem_get_inode+0xb7/0x490 [ 124.126046][ T4174] __shmem_file_setup+0xf1/0x1d0 [ 124.131105][ T4174] shmem_file_setup+0x37/0x40 [ 124.135775][ T4174] __se_sys_memfd_create+0x1c1/0x350 [ 124.141054][ T4174] __x64_sys_memfd_create+0x2d/0x40 [ 124.146307][ T4174] do_syscall_64+0x44/0xd0 [ 124.150800][ T4174] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.156695][ T4174] RIP: 0033:0x7f76012cbe99 [ 124.161093][ T4174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.180684][ T4174] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 124.189163][ T4174] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 14:58:11 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 4) [ 124.197120][ T4174] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 [ 124.205090][ T4174] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 124.213041][ T4174] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 124.220999][ T4174] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 124.229045][ T4174] [ 124.248785][ T4176] FAULT_INJECTION: forcing a failure. [ 124.248785][ T4176] name failslab, interval 1, probability 0, space 0, times 0 [ 124.261717][ T4176] CPU: 0 PID: 4176 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 124.261782][ T4172] FAULT_INJECTION: forcing a failure. [ 124.261782][ T4172] name failslab, interval 1, probability 0, space 0, times 0 [ 124.270397][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.270412][ T4176] Call Trace: [ 124.270418][ T4176] [ 124.270425][ T4176] dump_stack_lvl+0xd6/0x122 [ 124.303870][ T4176] dump_stack+0x11/0x1b [ 124.308086][ T4176] should_fail+0x23c/0x250 [ 124.312486][ T4176] ? security_inode_alloc+0x30/0x180 [ 124.317758][ T4176] __should_failslab+0x81/0x90 [ 124.322513][ T4176] should_failslab+0x5/0x20 [ 124.327005][ T4176] kmem_cache_alloc+0x4f/0x320 [ 124.331756][ T4176] security_inode_alloc+0x30/0x180 [ 124.336855][ T4176] inode_init_always+0x214/0x3e0 [ 124.341839][ T4176] ? shmem_match+0xa0/0xa0 [ 124.346241][ T4176] new_inode_pseudo+0x6f/0x190 [ 124.350989][ T4176] new_inode+0x21/0x100 [ 124.355177][ T4176] shmem_get_inode+0xb7/0x490 [ 124.359844][ T4176] __shmem_file_setup+0xf1/0x1d0 [ 124.364768][ T4176] shmem_file_setup+0x37/0x40 [ 124.369457][ T4176] __se_sys_memfd_create+0x1c1/0x350 [ 124.374736][ T4176] __x64_sys_memfd_create+0x2d/0x40 [ 124.379925][ T4176] do_syscall_64+0x44/0xd0 [ 124.384329][ T4176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.390218][ T4176] RIP: 0033:0x7f76012cbe99 [ 124.394617][ T4176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.414222][ T4176] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 124.422621][ T4176] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 [ 124.430712][ T4176] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 [ 124.438754][ T4176] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 124.446709][ T4176] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 124.454667][ T4176] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 124.462630][ T4176] [ 124.465640][ T4172] CPU: 1 PID: 4172 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 [ 124.474348][ T4172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.484391][ T4172] Call Trace: [ 124.487661][ T4172] [ 124.490634][ T4172] dump_stack_lvl+0xd6/0x122 [ 124.495254][ T4172] dump_stack+0x11/0x1b [ 124.499394][ T4172] should_fail+0x23c/0x250 [ 124.503811][ T4172] ? kobject_uevent_env+0x1a7/0xc40 [ 124.509009][ T4172] __should_failslab+0x81/0x90 [ 124.513869][ T4172] should_failslab+0x5/0x20 [ 124.518359][ T4172] kmem_cache_alloc_trace+0x52/0x350 [ 124.523715][ T4172] ? dev_uevent_filter+0x70/0x70 [ 124.528640][ T4172] kobject_uevent_env+0x1a7/0xc40 [ 124.533655][ T4172] ? kmem_cache_free+0x65/0x110 [ 124.538493][ T4172] ? kernfs_put+0x2f1/0x300 [ 124.542986][ T4172] kobject_uevent+0x18/0x20 [ 124.547477][ T4172] __loop_clr_fd+0x4a3/0x6c0 [ 124.552054][ T4172] lo_ioctl+0x985/0x1270 [ 124.556279][ T4172] ? __rcu_read_unlock+0x5c/0x290 [ 124.561298][ T4172] ? avc_has_extended_perms+0x686/0x8a0 [ 124.566857][ T4172] ? blkdev_common_ioctl+0x438/0x1180 [ 124.572212][ T4172] ? selinux_file_ioctl+0x522/0x590 [ 124.577433][ T4172] ? do_vfs_ioctl+0x819/0x14a0 [ 124.582232][ T4172] ? lo_release+0x120/0x120 [ 124.586725][ T4172] blkdev_ioctl+0x20e/0x440 [ 124.591216][ T4172] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 124.596681][ T4172] __se_sys_ioctl+0xcb/0x140 [ 124.601516][ T4172] __x64_sys_ioctl+0x3f/0x50 [ 124.606158][ T4172] do_syscall_64+0x44/0xd0 [ 124.610570][ T4172] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.616535][ T4172] RIP: 0033:0x7fbd63e3bc57 [ 124.620942][ T4172] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.640540][ T4172] RSP: 002b:00007fbd62fb1f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:58:11 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 85) 14:58:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) [ 124.648944][ T4172] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbd63e3bc57 [ 124.656916][ T4172] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 124.664895][ T4172] RBP: 00007fbd62fb26bc R08: 00007fbd62fb2020 R09: 0000000020000000 [ 124.672853][ T4172] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 124.680809][ T4172] R13: 0000000000000016 R14: 00007fbd62fb1fe0 R15: 0000000020000240 [ 124.688920][ T4172] [ 124.693076][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:11 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:11 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x48000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:11 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) [ 124.731599][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 124.751122][ T4180] loop5: detected capacity change from 0 to 4 [ 124.771124][ T4179] FAULT_INJECTION: forcing a failure. [ 124.771124][ T4179] name failslab, interval 1, probability 0, space 0, times 0 [ 124.772855][ T4185] loop0: detected capacity change from 0 to 4 [ 124.783810][ T4179] CPU: 1 PID: 4179 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 124.783833][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.783844][ T4179] Call Trace: [ 124.783851][ T4179] [ 124.783858][ T4179] dump_stack_lvl+0xd6/0x122 [ 124.792588][ T4185] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 124.798678][ T4179] dump_stack+0x11/0x1b [ 124.811256][ T4186] loop2: detected capacity change from 0 to 264192 [ 124.812014][ T4179] should_fail+0x23c/0x250 [ 124.841017][ T4179] ? __list_lru_init+0x352/0x6d0 [ 124.845965][ T4179] __should_failslab+0x81/0x90 [ 124.850748][ T4179] should_failslab+0x5/0x20 [ 124.855266][ T4179] kmem_cache_alloc_trace+0x52/0x350 [ 124.860653][ T4179] ? __list_lru_init+0x352/0x6d0 [ 124.865629][ T4179] __list_lru_init+0x352/0x6d0 [ 124.870400][ T4179] alloc_super+0x4bf/0x520 [ 124.874859][ T4179] ? mount_bdev+0x290/0x290 [ 124.879369][ T4179] sget+0x189/0x370 [ 124.883259][ T4179] ? test_bdev_super+0x30/0x30 [ 124.888111][ T4179] mount_bdev+0xd3/0x290 [ 124.892401][ T4179] ? msdos_mount+0x40/0x40 [ 124.897002][ T4179] ? tsan.module_ctor+0x10/0x10 [ 124.901868][ T4179] msdos_mount+0x2d/0x40 [ 124.906187][ T4179] legacy_get_tree+0x70/0xc0 [ 124.910795][ T4179] vfs_get_tree+0x4a/0x1a0 [ 124.915227][ T4179] path_mount+0x11cf/0x1c40 [ 124.919812][ T4179] ? kmem_cache_free+0x65/0x110 [ 124.924681][ T4179] __se_sys_mount+0x24b/0x2f0 [ 124.929363][ T4179] __x64_sys_mount+0x63/0x70 [ 124.934009][ T4179] do_syscall_64+0x44/0xd0 [ 124.938537][ T4179] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.944812][ T4179] RIP: 0033:0x7fbc8e8df3ca [ 124.949302][ T4179] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.969022][ T4179] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:58:12 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 5) [ 124.977453][ T4179] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 124.985431][ T4179] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 124.993405][ T4179] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 125.001386][ T4179] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 125.009493][ T4179] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 125.017477][ T4179] [ 125.030969][ T4188] FAULT_INJECTION: forcing a failure. [ 125.030969][ T4188] name failslab, interval 1, probability 0, space 0, times 0 [ 125.041945][ T4180] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 125.043656][ T4188] CPU: 1 PID: 4188 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 125.058751][ T4188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.068813][ T4188] Call Trace: [ 125.072087][ T4188] [ 125.075016][ T4188] dump_stack_lvl+0xd6/0x122 [ 125.079610][ T4188] dump_stack+0x11/0x1b [ 125.083766][ T4188] should_fail+0x23c/0x250 [ 125.088182][ T4188] ? __d_alloc+0x36/0x370 [ 125.088905][ T4190] loop0: detected capacity change from 0 to 4 [ 125.092517][ T4188] __should_failslab+0x81/0x90 [ 125.103340][ T4188] should_failslab+0x5/0x20 [ 125.107862][ T4188] kmem_cache_alloc+0x4f/0x320 [ 125.112686][ T4188] ? security_inode_alloc+0x138/0x180 [ 125.118062][ T4188] ? __init_rwsem+0x59/0x70 [ 125.120802][ T4190] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 125.122606][ T4188] __d_alloc+0x36/0x370 [ 125.122626][ T4188] ? debug_smp_processor_id+0x18/0x20 [ 125.138786][ T4188] d_alloc_pseudo+0x1a/0x50 [ 125.143290][ T4188] alloc_file_pseudo+0x77/0x150 [ 125.148151][ T4188] __shmem_file_setup+0x14c/0x1d0 [ 125.153228][ T4188] shmem_file_setup+0x37/0x40 [ 125.157918][ T4188] __se_sys_memfd_create+0x1c1/0x350 [ 125.163237][ T4188] __x64_sys_memfd_create+0x2d/0x40 [ 125.168445][ T4188] do_syscall_64+0x44/0xd0 [ 125.172868][ T4188] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.178846][ T4188] RIP: 0033:0x7f76012cbe99 [ 125.183267][ T4188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.202997][ T4188] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 125.211436][ T4188] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 [ 125.219575][ T4188] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 14:58:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:12 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:12 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:12 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f00000000", 0x48, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:12 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x68000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 125.227572][ T4188] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 125.235624][ T4188] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 125.243612][ T4188] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 125.251589][ T4188] [ 125.269765][ T4192] loop2: detected capacity change from 0 to 264192 14:58:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:12 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 86) 14:58:12 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:12 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 6) [ 125.350909][ T4199] loop0: detected capacity change from 0 to 4 [ 125.353707][ T4201] loop5: detected capacity change from 0 to 4 [ 125.371262][ T4205] FAULT_INJECTION: forcing a failure. [ 125.371262][ T4205] name failslab, interval 1, probability 0, space 0, times 0 [ 125.374272][ T4199] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 125.383941][ T4205] CPU: 0 PID: 4205 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 125.399034][ T4205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.409716][ T4205] Call Trace: [ 125.413051][ T4205] [ 125.415981][ T4205] dump_stack_lvl+0xd6/0x122 [ 125.420615][ T4205] dump_stack+0x11/0x1b [ 125.424781][ T4205] should_fail+0x23c/0x250 [ 125.429200][ T4205] ? __alloc_file+0x2e/0x1a0 [ 125.433796][ T4205] __should_failslab+0x81/0x90 [ 125.438565][ T4205] should_failslab+0x5/0x20 [ 125.443079][ T4205] kmem_cache_alloc+0x4f/0x320 [ 125.447846][ T4205] __alloc_file+0x2e/0x1a0 [ 125.452384][ T4205] alloc_empty_file+0xcd/0x1c0 [ 125.457134][ T4205] alloc_file+0x3a/0x280 [ 125.461363][ T4205] alloc_file_pseudo+0xfa/0x150 [ 125.466205][ T4205] __shmem_file_setup+0x14c/0x1d0 [ 125.471270][ T4205] shmem_file_setup+0x37/0x40 [ 125.475944][ T4205] __se_sys_memfd_create+0x1c1/0x350 [ 125.481272][ T4205] __x64_sys_memfd_create+0x2d/0x40 [ 125.486565][ T4205] do_syscall_64+0x44/0xd0 [ 125.491044][ T4205] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.496929][ T4205] RIP: 0033:0x7f76012cbe99 [ 125.501332][ T4205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.520972][ T4205] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 125.529369][ T4205] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 [ 125.537324][ T4205] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 14:58:12 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:12 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) [ 125.545281][ T4205] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 125.553237][ T4205] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 125.561190][ T4205] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 125.569146][ T4205] [ 125.583301][ T4202] loop2: detected capacity change from 0 to 264192 [ 125.598894][ T4206] FAULT_INJECTION: forcing a failure. [ 125.598894][ T4206] name failslab, interval 1, probability 0, space 0, times 0 [ 125.604745][ T4201] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 125.611897][ T4206] CPU: 0 PID: 4206 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 125.628612][ T4206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.638672][ T4206] Call Trace: [ 125.641952][ T4206] [ 125.645432][ T4206] dump_stack_lvl+0xd6/0x122 [ 125.650035][ T4206] dump_stack+0x11/0x1b [ 125.654203][ T4206] should_fail+0x23c/0x250 [ 125.658672][ T4206] ? __list_lru_init+0x352/0x6d0 [ 125.663610][ T4206] __should_failslab+0x81/0x90 [ 125.668379][ T4206] should_failslab+0x5/0x20 [ 125.672931][ T4206] kmem_cache_alloc_trace+0x52/0x350 [ 125.678221][ T4206] ? __list_lru_init+0x352/0x6d0 [ 125.683162][ T4206] __list_lru_init+0x352/0x6d0 [ 125.687930][ T4206] alloc_super+0x4bf/0x520 [ 125.692349][ T4206] ? mount_bdev+0x290/0x290 [ 125.696858][ T4206] sget+0x189/0x370 14:58:12 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 7) [ 125.700674][ T4206] ? test_bdev_super+0x30/0x30 [ 125.705438][ T4206] mount_bdev+0xd3/0x290 [ 125.709809][ T4206] ? msdos_mount+0x40/0x40 [ 125.714264][ T4206] ? tsan.module_ctor+0x10/0x10 [ 125.714990][ T4210] FAULT_INJECTION: forcing a failure. [ 125.714990][ T4210] name failslab, interval 1, probability 0, space 0, times 0 [ 125.719118][ T4206] msdos_mount+0x2d/0x40 [ 125.719144][ T4206] legacy_get_tree+0x70/0xc0 [ 125.740491][ T4206] vfs_get_tree+0x4a/0x1a0 [ 125.744897][ T4206] path_mount+0x11cf/0x1c40 [ 125.749385][ T4206] ? kmem_cache_free+0x65/0x110 [ 125.754329][ T4206] __se_sys_mount+0x24b/0x2f0 [ 125.758991][ T4206] __x64_sys_mount+0x63/0x70 [ 125.763568][ T4206] do_syscall_64+0x44/0xd0 [ 125.767973][ T4206] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.773921][ T4206] RIP: 0033:0x7fbc8e8df3ca [ 125.778382][ T4206] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.798247][ T4206] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 125.806718][ T4206] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca [ 125.814766][ T4206] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 125.822809][ T4206] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 125.830768][ T4206] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 125.838828][ T4206] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 125.846875][ T4206] [ 125.849906][ T4210] CPU: 1 PID: 4210 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 125.858580][ T4210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.868674][ T4210] Call Trace: [ 125.871949][ T4210] [ 125.874877][ T4210] dump_stack_lvl+0xd6/0x122 [ 125.879524][ T4210] dump_stack+0x11/0x1b [ 125.883683][ T4210] should_fail+0x23c/0x250 [ 125.888091][ T4210] ? security_file_alloc+0x30/0x190 [ 125.893366][ T4210] __should_failslab+0x81/0x90 [ 125.898119][ T4210] should_failslab+0x5/0x20 [ 125.902612][ T4210] kmem_cache_alloc+0x4f/0x320 [ 125.907368][ T4210] security_file_alloc+0x30/0x190 [ 125.912378][ T4210] __alloc_file+0x83/0x1a0 [ 125.916884][ T4210] alloc_empty_file+0xcd/0x1c0 [ 125.921634][ T4210] alloc_file+0x3a/0x280 [ 125.925874][ T4210] alloc_file_pseudo+0xfa/0x150 [ 125.930767][ T4210] __shmem_file_setup+0x14c/0x1d0 [ 125.935781][ T4210] shmem_file_setup+0x37/0x40 [ 125.940610][ T4210] __se_sys_memfd_create+0x1c1/0x350 [ 125.945891][ T4210] __x64_sys_memfd_create+0x2d/0x40 [ 125.951084][ T4210] do_syscall_64+0x44/0xd0 [ 125.955492][ T4210] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.961375][ T4210] RIP: 0033:0x7f76012cbe99 [ 125.965775][ T4210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.985369][ T4210] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 125.993766][ T4210] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f76012cbe99 14:58:13 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x74000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:13 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 8) 14:58:13 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) [ 126.001723][ T4210] RDX: 0000000000000ac0 RSI: 0000000000000000 RDI: 00007f7601325168 [ 126.009766][ T4210] RBP: 0000000000000003 R08: 0000000000000560 R09: 00007f76004421d0 [ 126.017724][ T4210] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 126.025744][ T4210] R13: 0000000020000100 R14: 0000000000080000 R15: 0000000020012b00 [ 126.033719][ T4210] [ 126.038022][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:13 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:13 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 87) [ 126.081620][ T4212] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 126.096126][ T4216] loop2: detected capacity change from 0 to 264192 [ 126.102023][ T4218] loop5: detected capacity change from 0 to 4 [ 126.118856][ T4221] FAULT_INJECTION: forcing a failure. [ 126.118856][ T4221] name failslab, interval 1, probability 0, space 0, times 0 [ 126.131581][ T4221] CPU: 0 PID: 4221 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 126.140257][ T4221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.150300][ T4221] Call Trace: [ 126.153564][ T4221] [ 126.156483][ T4221] dump_stack_lvl+0xd6/0x122 [ 126.161137][ T4221] dump_stack+0x11/0x1b [ 126.165280][ T4221] should_fail+0x23c/0x250 [ 126.169692][ T4221] ? fat_fill_super+0x88/0x2af0 [ 126.174591][ T4221] __should_failslab+0x81/0x90 [ 126.179348][ T4221] should_failslab+0x5/0x20 [ 126.183873][ T4221] kmem_cache_alloc_trace+0x52/0x350 [ 126.189158][ T4221] ? string+0x1f9/0x210 [ 126.193317][ T4221] ? msdos_fill_super+0x30/0x30 [ 126.198239][ T4221] fat_fill_super+0x88/0x2af0 [ 126.202913][ T4221] ? pointer+0x5aa/0x830 [ 126.207197][ T4221] ? format_decode+0x60b/0x8a0 [ 126.211951][ T4221] ? vsnprintf+0xe8f/0xed0 [ 126.216375][ T4221] ? snprintf+0x83/0xb0 [ 126.220570][ T4221] ? set_blocksize+0x197/0x270 [ 126.225359][ T4221] msdos_fill_super+0x29/0x30 [ 126.230028][ T4221] mount_bdev+0x1e8/0x290 [ 126.234423][ T4221] ? msdos_mount+0x40/0x40 [ 126.238830][ T4221] ? tsan.module_ctor+0x10/0x10 [ 126.243676][ T4221] msdos_mount+0x2d/0x40 [ 126.247972][ T4221] legacy_get_tree+0x70/0xc0 [ 126.252630][ T4221] vfs_get_tree+0x4a/0x1a0 [ 126.257109][ T4221] path_mount+0x11cf/0x1c40 [ 126.261640][ T4221] ? kmem_cache_free+0x65/0x110 [ 126.266530][ T4221] __se_sys_mount+0x24b/0x2f0 [ 126.271195][ T4221] __x64_sys_mount+0x63/0x70 [ 126.275769][ T4221] do_syscall_64+0x44/0xd0 [ 126.280175][ T4221] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.286059][ T4221] RIP: 0033:0x7fbc8e8df3ca [ 126.290549][ T4221] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.310181][ T4221] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 126.318585][ T4221] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8df3ca 14:58:13 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7a000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.326556][ T4221] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fbc8da53fe0 [ 126.334513][ T4221] RBP: 00007fbc8da54020 R08: 00007fbc8da54020 R09: 0000000020000000 [ 126.342470][ T4221] R10: 0000000000008000 R11: 0000000000000206 R12: 0000000020000000 [ 126.350426][ T4221] R13: 0000000020000040 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 126.358385][ T4221] [ 126.374665][ T4222] FAULT_INJECTION: forcing a failure. 14:58:13 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.374665][ T4222] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 126.378117][ T4218] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 126.387943][ T4222] CPU: 1 PID: 4222 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 126.403098][ T4222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.413153][ T4222] Call Trace: [ 126.416551][ T4222] [ 126.419478][ T4222] dump_stack_lvl+0xd6/0x122 [ 126.424190][ T4222] dump_stack+0x11/0x1b [ 126.428353][ T4222] should_fail+0x23c/0x250 [ 126.432833][ T4222] __alloc_pages+0x102/0x330 [ 126.437461][ T4222] alloc_pages_vma+0x5ee/0x770 [ 126.442224][ T4222] shmem_getpage_gfp+0x8bc/0x12c0 [ 126.447397][ T4222] shmem_write_begin+0x7e/0x100 [ 126.452257][ T4222] generic_perform_write+0x1c8/0x400 [ 126.457575][ T4222] ? current_time+0xed/0x1a0 [ 126.462248][ T4222] __generic_file_write_iter+0xf7/0x2b0 [ 126.467804][ T4222] ? generic_write_checks+0x250/0x290 [ 126.473228][ T4222] generic_file_write_iter+0x75/0x130 [ 126.478615][ T4222] vfs_write+0x7f5/0x950 14:58:13 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) [ 126.482872][ T4222] __x64_sys_pwrite64+0xf5/0x150 [ 126.487820][ T4222] do_syscall_64+0x44/0xd0 [ 126.492358][ T4222] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.498363][ T4222] RIP: 0033:0x7f760127ee67 [ 126.502777][ T4222] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 126.522406][ T4222] RSP: 002b:00007f7600441f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 14:58:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) 14:58:13 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.530984][ T4222] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127ee67 [ 126.539088][ T4222] RDX: 0000000000000066 RSI: 0000000020010000 RDI: 0000000000000004 [ 126.547165][ T4222] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f76004421d0 [ 126.555140][ T4222] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 126.563111][ T4222] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 126.571091][ T4222] 14:58:13 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:13 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) [ 126.596188][ T4222] loop1: detected capacity change from 0 to 1024 [ 126.604233][ T4228] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 126.618747][ T4222] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 126.637868][ T4232] loop5: detected capacity change from 0 to 4 14:58:13 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 9) 14:58:13 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x85ffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.654023][ T4234] loop2: detected capacity change from 0 to 264192 [ 126.682340][ T4238] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 14:58:13 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 88) [ 126.702233][ T4232] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 126.709673][ T4241] FAULT_INJECTION: forcing a failure. [ 126.709673][ T4241] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 126.722829][ T4241] CPU: 0 PID: 4241 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 126.731500][ T4241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.741543][ T4241] Call Trace: [ 126.744813][ T4241] [ 126.747737][ T4241] dump_stack_lvl+0xd6/0x122 [ 126.752354][ T4241] dump_stack+0x11/0x1b [ 126.756494][ T4241] should_fail+0x23c/0x250 [ 126.760901][ T4241] should_fail_usercopy+0x16/0x20 [ 126.765924][ T4241] copy_page_from_iter_atomic+0x2f1/0xc60 [ 126.771732][ T4241] ? shmem_write_begin+0x7e/0x100 [ 126.776791][ T4241] generic_perform_write+0x211/0x400 [ 126.782175][ T4241] ? current_time+0xed/0x1a0 [ 126.786754][ T4241] __generic_file_write_iter+0xf7/0x2b0 [ 126.792289][ T4241] ? generic_write_checks+0x250/0x290 [ 126.797647][ T4241] generic_file_write_iter+0x75/0x130 [ 126.803008][ T4241] vfs_write+0x7f5/0x950 [ 126.807243][ T4241] __x64_sys_pwrite64+0xf5/0x150 [ 126.812291][ T4241] do_syscall_64+0x44/0xd0 [ 126.816701][ T4241] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.822592][ T4241] RIP: 0033:0x7f760127ee67 [ 126.827009][ T4241] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 126.846605][ T4241] RSP: 002b:00007f7600441f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 14:58:14 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8cffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.855029][ T4241] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127ee67 [ 126.863076][ T4241] RDX: 0000000000000066 RSI: 0000000020010000 RDI: 0000000000000004 [ 126.871035][ T4241] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f76004421d0 [ 126.878992][ T4241] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 126.886946][ T4241] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 126.894908][ T4241] 14:58:14 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) [ 126.907036][ T4241] loop1: detected capacity change from 0 to 1024 [ 126.915514][ T4241] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 126.931614][ T4244] FAULT_INJECTION: forcing a failure. [ 126.931614][ T4244] name failslab, interval 1, probability 0, space 0, times 0 [ 126.940939][ T4250] loop0: detected capacity change from 0 to 4 14:58:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef0100", 0x3c, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:14 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 126.944252][ T4244] CPU: 0 PID: 4244 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 126.959063][ T4244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.964241][ T4246] loop2: detected capacity change from 0 to 264192 [ 126.969159][ T4244] Call Trace: [ 126.969167][ T4244] [ 126.969174][ T4244] dump_stack_lvl+0xd6/0x122 [ 126.986538][ T4244] dump_stack+0x11/0x1b [ 126.990792][ T4244] should_fail+0x23c/0x250 [ 126.995298][ T4244] ? kobject_uevent_env+0x1a7/0xc40 [ 126.996163][ T4252] loop5: detected capacity change from 0 to 4 [ 127.000499][ T4244] __should_failslab+0x81/0x90 [ 127.000525][ T4244] should_failslab+0x5/0x20 [ 127.008390][ T4252] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 127.011331][ T4244] kmem_cache_alloc_trace+0x52/0x350 [ 127.011365][ T4244] ? dev_uevent_filter+0x70/0x70 [ 127.011383][ T4244] kobject_uevent_env+0x1a7/0xc40 [ 127.011451][ T4244] ? kmem_cache_free+0x65/0x110 [ 127.011470][ T4244] ? kernfs_put+0x2f1/0x300 [ 127.048805][ T4244] kobject_uevent+0x18/0x20 [ 127.053377][ T4244] __loop_clr_fd+0x4a3/0x6c0 [ 127.058014][ T4244] lo_ioctl+0x985/0x1270 [ 127.062238][ T4244] ? __rcu_read_unlock+0x5c/0x290 [ 127.067248][ T4244] ? avc_has_extended_perms+0x686/0x8a0 [ 127.072820][ T4244] ? blkdev_common_ioctl+0x438/0x1180 [ 127.078171][ T4244] ? selinux_file_ioctl+0x522/0x590 [ 127.083358][ T4244] ? do_vfs_ioctl+0x819/0x14a0 [ 127.088124][ T4244] ? lo_release+0x120/0x120 [ 127.092608][ T4244] blkdev_ioctl+0x20e/0x440 [ 127.097139][ T4244] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 127.102601][ T4244] __se_sys_ioctl+0xcb/0x140 [ 127.107172][ T4244] __x64_sys_ioctl+0x3f/0x50 [ 127.111789][ T4244] do_syscall_64+0x44/0xd0 [ 127.116290][ T4244] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.122171][ T4244] RIP: 0033:0x7fbc8e8ddc57 [ 127.126569][ T4244] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.146154][ T4244] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:58:14 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 10) 14:58:14 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 89) 14:58:14 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) [ 127.154549][ T4244] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 127.162500][ T4244] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 127.170514][ T4244] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 127.178477][ T4244] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 127.186517][ T4244] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 127.194478][ T4244] [ 127.197950][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:14 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x97ffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:14 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 127.247983][ T4258] FAULT_INJECTION: forcing a failure. [ 127.247983][ T4258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.261169][ T4258] CPU: 1 PID: 4258 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 127.269844][ T4258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.270426][ T4261] loop2: detected capacity change from 0 to 264192 [ 127.279899][ T4258] Call Trace: [ 127.279927][ T4258] [ 127.279934][ T4258] dump_stack_lvl+0xd6/0x122 [ 127.279958][ T4258] dump_stack+0x11/0x1b [ 127.292987][ T4256] FAULT_INJECTION: forcing a failure. [ 127.292987][ T4256] name failslab, interval 1, probability 0, space 0, times 0 [ 127.297201][ T4258] should_fail+0x23c/0x250 [ 127.318384][ T4258] should_fail_usercopy+0x16/0x20 [ 127.323399][ T4258] copy_page_from_iter_atomic+0x2f1/0xc60 [ 127.329231][ T4258] ? shmem_write_begin+0x7e/0x100 [ 127.334341][ T4258] generic_perform_write+0x211/0x400 [ 127.339631][ T4258] ? current_time+0xed/0x1a0 [ 127.344266][ T4258] __generic_file_write_iter+0xf7/0x2b0 [ 127.349873][ T4258] ? generic_write_checks+0x250/0x290 [ 127.355229][ T4258] generic_file_write_iter+0x75/0x130 [ 127.360656][ T4258] vfs_write+0x7f5/0x950 [ 127.365030][ T4258] __x64_sys_pwrite64+0xf5/0x150 [ 127.369960][ T4258] do_syscall_64+0x44/0xd0 [ 127.374434][ T4258] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.380314][ T4258] RIP: 0033:0x7f760127ee67 [ 127.384757][ T4258] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 127.404440][ T4258] RSP: 002b:00007f7600441f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 127.412835][ T4258] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127ee67 [ 127.420808][ T4258] RDX: 000000000000001f RSI: 0000000020010100 RDI: 0000000000000004 [ 127.428764][ T4258] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f76004421d0 [ 127.436720][ T4258] R10: 00000000000004e0 R11: 0000000000000293 R12: 0000000000000004 14:58:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) [ 127.444686][ T4258] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 127.452644][ T4258] [ 127.455650][ T4256] CPU: 0 PID: 4256 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 127.462004][ T4258] loop1: detected capacity change from 0 to 1024 [ 127.464327][ T4256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.471633][ T4258] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 127.480671][ T4256] Call Trace: [ 127.480681][ T4256] [ 127.495748][ T4264] loop5: detected capacity change from 0 to 4 [ 127.497240][ T4256] dump_stack_lvl+0xd6/0x122 [ 127.497268][ T4256] dump_stack+0x11/0x1b [ 127.504601][ T4264] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 127.508092][ T4256] should_fail+0x23c/0x250 [ 127.523119][ T4256] ? kzalloc+0x1d/0x30 [ 127.527171][ T4256] __should_failslab+0x81/0x90 [ 127.531915][ T4256] should_failslab+0x5/0x20 [ 127.536460][ T4256] __kmalloc+0x6f/0x370 [ 127.540625][ T4256] kzalloc+0x1d/0x30 [ 127.544539][ T4256] kobject_get_path+0x7c/0x110 [ 127.549350][ T4256] kobject_uevent_env+0x1be/0xc40 [ 127.554386][ T4256] ? kmem_cache_free+0x65/0x110 [ 127.559265][ T4256] ? kernfs_put+0x2f1/0x300 [ 127.563841][ T4256] kobject_uevent+0x18/0x20 [ 127.568372][ T4256] __loop_clr_fd+0x4a3/0x6c0 [ 127.573032][ T4256] lo_ioctl+0x985/0x1270 [ 127.577257][ T4256] ? __rcu_read_unlock+0x5c/0x290 [ 127.582266][ T4256] ? avc_has_extended_perms+0x686/0x8a0 [ 127.587809][ T4256] ? blkdev_common_ioctl+0x438/0x1180 [ 127.593217][ T4256] ? selinux_file_ioctl+0x522/0x590 [ 127.598397][ T4256] ? do_vfs_ioctl+0x819/0x14a0 [ 127.603196][ T4256] ? lo_release+0x120/0x120 [ 127.607725][ T4256] blkdev_ioctl+0x20e/0x440 [ 127.612217][ T4256] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 127.617700][ T4256] __se_sys_ioctl+0xcb/0x140 [ 127.622276][ T4256] __x64_sys_ioctl+0x3f/0x50 [ 127.626861][ T4256] do_syscall_64+0x44/0xd0 [ 127.631340][ T4256] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.637214][ T4256] RIP: 0033:0x7fbc8e8ddc57 [ 127.641610][ T4256] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.661306][ T4256] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 127.669832][ T4256] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 127.677803][ T4256] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 127.685816][ T4256] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 14:58:14 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9c050000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:14 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 127.693773][ T4256] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 127.701845][ T4256] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 127.709799][ T4256] [ 127.732867][ T4266] loop0: detected capacity change from 0 to 4 14:58:15 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 11) 14:58:15 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 90) 14:58:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:15 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) [ 127.771581][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.799743][ T4270] loop2: detected capacity change from 0 to 264192 [ 127.816194][ T4273] FAULT_INJECTION: forcing a failure. 14:58:15 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 127.816194][ T4273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.817712][ T4274] loop5: detected capacity change from 0 to 4 [ 127.829319][ T4273] CPU: 0 PID: 4273 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 127.841071][ T4274] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 127.844038][ T4273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.860602][ T4273] Call Trace: [ 127.864070][ T4273] [ 127.866987][ T4273] dump_stack_lvl+0xd6/0x122 [ 127.871569][ T4273] dump_stack+0x11/0x1b [ 127.875754][ T4273] should_fail+0x23c/0x250 [ 127.880193][ T4273] should_fail_usercopy+0x16/0x20 [ 127.885374][ T4273] copy_page_from_iter_atomic+0x2f1/0xc60 [ 127.891217][ T4273] ? shmem_write_begin+0x7e/0x100 [ 127.896325][ T4273] generic_perform_write+0x211/0x400 [ 127.901663][ T4273] ? current_time+0xed/0x1a0 [ 127.906318][ T4273] __generic_file_write_iter+0xf7/0x2b0 [ 127.911871][ T4273] ? generic_write_checks+0x250/0x290 [ 127.917256][ T4273] generic_file_write_iter+0x75/0x130 [ 127.922642][ T4273] vfs_write+0x7f5/0x950 [ 127.926866][ T4273] __x64_sys_pwrite64+0xf5/0x150 [ 127.931787][ T4273] do_syscall_64+0x44/0xd0 [ 127.936279][ T4273] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.942188][ T4273] RIP: 0033:0x7f760127ee67 [ 127.946614][ T4273] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 127.966200][ T4273] RSP: 002b:00007f7600441f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 127.974643][ T4273] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127ee67 [ 127.982610][ T4273] RDX: 0000000000000013 RSI: 00000000200002c0 RDI: 0000000000000004 [ 127.990731][ T4273] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f76004421d0 [ 127.998701][ T4273] R10: 0000000000000560 R11: 0000000000000293 R12: 0000000000000004 [ 128.006653][ T4273] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 128.014603][ T4273] 14:58:15 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc0ed0000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 128.019173][ T4273] loop1: detected capacity change from 0 to 1024 [ 128.036089][ T4273] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 128.040193][ T4280] loop2: detected capacity change from 0 to 264192 [ 128.057062][ T4276] FAULT_INJECTION: forcing a failure. [ 128.057062][ T4276] name failslab, interval 1, probability 0, space 0, times 0 14:58:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655f", 0x30, 0x400}], 0x0, &(0x7f0000012b00)) [ 128.069729][ T4276] CPU: 1 PID: 4276 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 128.078539][ T4276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.088578][ T4276] Call Trace: [ 128.091840][ T4276] [ 128.094748][ T4276] dump_stack_lvl+0xd6/0x122 [ 128.099347][ T4276] dump_stack+0x11/0x1b [ 128.103576][ T4276] should_fail+0x23c/0x250 [ 128.108028][ T4276] __should_failslab+0x81/0x90 [ 128.112794][ T4276] should_failslab+0x5/0x20 [ 128.117374][ T4276] kmem_cache_alloc_node+0x61/0x2d0 [ 128.122561][ T4276] ? __alloc_skb+0xf0/0x450 [ 128.127134][ T4276] __alloc_skb+0xf0/0x450 [ 128.131448][ T4276] alloc_uevent_skb+0x5b/0x120 [ 128.136199][ T4276] kobject_uevent_env+0x863/0xc40 [ 128.141211][ T4276] ? kmem_cache_free+0x65/0x110 [ 128.146077][ T4276] ? kernfs_put+0x2f1/0x300 [ 128.150644][ T4276] kobject_uevent+0x18/0x20 [ 128.155133][ T4276] __loop_clr_fd+0x4a3/0x6c0 [ 128.159759][ T4276] lo_ioctl+0x985/0x1270 [ 128.163993][ T4276] ? __rcu_read_unlock+0x5c/0x290 [ 128.168997][ T4276] ? avc_has_extended_perms+0x686/0x8a0 [ 128.174556][ T4276] ? blkdev_common_ioctl+0x438/0x1180 [ 128.179966][ T4276] ? selinux_file_ioctl+0x522/0x590 [ 128.185150][ T4276] ? do_vfs_ioctl+0x819/0x14a0 [ 128.189918][ T4276] ? lo_release+0x120/0x120 [ 128.194415][ T4276] blkdev_ioctl+0x20e/0x440 [ 128.198966][ T4276] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 128.204418][ T4276] __se_sys_ioctl+0xcb/0x140 [ 128.209059][ T4276] __x64_sys_ioctl+0x3f/0x50 [ 128.213694][ T4276] do_syscall_64+0x44/0xd0 [ 128.218102][ T4276] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.224056][ T4276] RIP: 0033:0x7fbc8e8ddc57 [ 128.228453][ T4276] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.248143][ T4276] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 128.256537][ T4276] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 128.264565][ T4276] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 14:58:15 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 12) [ 128.272582][ T4276] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 128.280540][ T4276] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 128.288496][ T4276] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 128.296531][ T4276] [ 128.302032][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.307483][ T4282] loop0: detected capacity change from 0 to 4 [ 128.317941][ T4284] loop5: detected capacity change from 0 to 4 14:58:15 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:15 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc2050000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 128.340147][ T4284] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 128.355249][ T4289] FAULT_INJECTION: forcing a failure. [ 128.355249][ T4289] name failslab, interval 1, probability 0, space 0, times 0 [ 128.367928][ T4289] CPU: 1 PID: 4289 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 128.376630][ T4289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:58:15 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 91) 14:58:15 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xdaffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 128.382622][ T4288] loop2: detected capacity change from 0 to 264192 [ 128.386683][ T4289] Call Trace: [ 128.386691][ T4289] [ 128.386698][ T4289] dump_stack_lvl+0xd6/0x122 [ 128.386723][ T4289] dump_stack+0x11/0x1b [ 128.408103][ T4289] should_fail+0x23c/0x250 [ 128.412524][ T4289] ? getname_flags+0x84/0x3f0 [ 128.417209][ T4289] __should_failslab+0x81/0x90 [ 128.421976][ T4289] should_failslab+0x5/0x20 [ 128.426461][ T4289] kmem_cache_alloc+0x4f/0x320 [ 128.431210][ T4289] getname_flags+0x84/0x3f0 [ 128.435706][ T4289] ? vfs_write+0x667/0x950 [ 128.440122][ T4289] getname+0x15/0x20 [ 128.443993][ T4289] do_sys_openat2+0x6d/0x2b0 [ 128.448676][ T4289] __x64_sys_openat+0xef/0x110 [ 128.453426][ T4289] do_syscall_64+0x44/0xd0 [ 128.457878][ T4289] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.463821][ T4289] RIP: 0033:0x7f760127edb4 [ 128.468218][ T4289] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:58:15 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 13) [ 128.487859][ T4289] RSP: 002b:00007f7600441eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 128.496261][ T4289] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127edb4 [ 128.504215][ T4289] RDX: 0000000000000002 RSI: 00007f7600441fe0 RDI: 00000000ffffff9c [ 128.512227][ T4289] RBP: 00007f7600441fe0 R08: 0000000000000000 R09: 00007f76004421d0 [ 128.520230][ T4289] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 128.528184][ T4289] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 128.536148][ T4289] [ 128.553336][ T4294] FAULT_INJECTION: forcing a failure. [ 128.553336][ T4294] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 128.566421][ T4294] CPU: 1 PID: 4294 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 128.575236][ T4294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.585347][ T4294] Call Trace: [ 128.588614][ T4294] [ 128.591601][ T4294] dump_stack_lvl+0xd6/0x122 [ 128.596182][ T4294] dump_stack+0x11/0x1b [ 128.600395][ T4294] should_fail+0x23c/0x250 [ 128.604805][ T4294] should_fail_usercopy+0x16/0x20 [ 128.609870][ T4294] strncpy_from_user+0x21/0x250 [ 128.614780][ T4294] getname_flags+0xb8/0x3f0 [ 128.619296][ T4294] ? vfs_write+0x667/0x950 [ 128.623737][ T4294] getname+0x15/0x20 [ 128.627622][ T4294] do_sys_openat2+0x6d/0x2b0 [ 128.632207][ T4294] __x64_sys_openat+0xef/0x110 [ 128.636979][ T4294] do_syscall_64+0x44/0xd0 [ 128.641394][ T4294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.647277][ T4294] RIP: 0033:0x7f760127edb4 [ 128.651802][ T4294] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 128.671419][ T4294] RSP: 002b:00007f7600441eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 128.679827][ T4294] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127edb4 [ 128.687785][ T4294] RDX: 0000000000000002 RSI: 00007f7600441fe0 RDI: 00000000ffffff9c [ 128.695765][ T4294] RBP: 00007f7600441fe0 R08: 0000000000000000 R09: 00007f76004421d0 14:58:15 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:15 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 14) [ 128.703723][ T4294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 128.711764][ T4294] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 128.719722][ T4294] [ 128.728742][ T4292] FAULT_INJECTION: forcing a failure. [ 128.728742][ T4292] name failslab, interval 1, probability 0, space 0, times 0 [ 128.741984][ T4292] CPU: 1 PID: 4292 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 128.750708][ T4292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.758637][ T4296] FAULT_INJECTION: forcing a failure. [ 128.758637][ T4296] name failslab, interval 1, probability 0, space 0, times 0 [ 128.760764][ T4292] Call Trace: [ 128.760772][ T4292] [ 128.760779][ T4292] dump_stack_lvl+0xd6/0x122 [ 128.784116][ T4292] dump_stack+0x11/0x1b [ 128.788260][ T4292] should_fail+0x23c/0x250 [ 128.792668][ T4292] __should_failslab+0x81/0x90 [ 128.797592][ T4292] should_failslab+0x5/0x20 [ 128.802087][ T4292] kmem_cache_alloc_node_trace+0x61/0x310 [ 128.807850][ T4292] ? __kmalloc_node_track_caller+0x30/0x40 [ 128.813656][ T4292] __kmalloc_node_track_caller+0x30/0x40 [ 128.819328][ T4292] ? alloc_uevent_skb+0x5b/0x120 [ 128.824287][ T4292] __alloc_skb+0x19d/0x450 [ 128.828698][ T4292] alloc_uevent_skb+0x5b/0x120 [ 128.833707][ T4292] kobject_uevent_env+0x863/0xc40 [ 128.838722][ T4292] ? kmem_cache_free+0x65/0x110 [ 128.843619][ T4292] ? kernfs_put+0x2f1/0x300 [ 128.848175][ T4292] kobject_uevent+0x18/0x20 [ 128.852669][ T4292] __loop_clr_fd+0x4a3/0x6c0 [ 128.857283][ T4292] lo_ioctl+0x985/0x1270 [ 128.861514][ T4292] ? __rcu_read_unlock+0x5c/0x290 [ 128.866524][ T4292] ? avc_has_extended_perms+0x686/0x8a0 [ 128.872167][ T4292] ? blkdev_common_ioctl+0x438/0x1180 [ 128.877544][ T4292] ? selinux_file_ioctl+0x522/0x590 [ 128.882728][ T4292] ? do_vfs_ioctl+0x819/0x14a0 [ 128.887565][ T4292] ? lo_release+0x120/0x120 [ 128.892051][ T4292] blkdev_ioctl+0x20e/0x440 [ 128.896609][ T4292] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 128.902123][ T4292] __se_sys_ioctl+0xcb/0x140 [ 128.906700][ T4292] __x64_sys_ioctl+0x3f/0x50 [ 128.911295][ T4292] do_syscall_64+0x44/0xd0 [ 128.915707][ T4292] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.921589][ T4292] RIP: 0033:0x7fbc8e8ddc57 [ 128.925990][ T4292] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.945627][ T4292] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 128.954076][ T4292] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 128.962048][ T4292] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 128.970092][ T4292] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 128.978100][ T4292] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 128.986120][ T4292] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 128.994080][ T4292] [ 128.997101][ T4296] CPU: 0 PID: 4296 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 129.005840][ T4296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.015897][ T4296] Call Trace: [ 129.019170][ T4296] [ 129.022099][ T4296] dump_stack_lvl+0xd6/0x122 [ 129.026697][ T4296] dump_stack+0x11/0x1b [ 129.030853][ T4296] should_fail+0x23c/0x250 [ 129.035270][ T4296] ? __alloc_file+0x2e/0x1a0 [ 129.039901][ T4296] __should_failslab+0x81/0x90 [ 129.044676][ T4296] should_failslab+0x5/0x20 [ 129.049259][ T4296] kmem_cache_alloc+0x4f/0x320 [ 129.054024][ T4296] __alloc_file+0x2e/0x1a0 [ 129.058444][ T4296] alloc_empty_file+0xcd/0x1c0 [ 129.063226][ T4296] path_openat+0x6a/0x1eb0 [ 129.067649][ T4296] ? __set_page_dirty_no_writeback+0x96/0xc0 [ 129.073714][ T4296] ? folio_mark_dirty+0x84/0xe0 [ 129.078573][ T4296] ? unlock_page+0x37/0x50 [ 129.083074][ T4296] ? inode_to_bdi+0x43/0xa0 [ 129.087640][ T4296] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 129.093935][ T4296] ? generic_perform_write+0x397/0x400 [ 129.099497][ T4296] do_filp_open+0x105/0x220 [ 129.104012][ T4296] do_sys_openat2+0xb5/0x2b0 [ 129.108607][ T4296] __x64_sys_openat+0xef/0x110 [ 129.113382][ T4296] do_syscall_64+0x44/0xd0 [ 129.117815][ T4296] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.123722][ T4296] RIP: 0033:0x7f760127edb4 [ 129.128139][ T4296] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 129.147809][ T4296] RSP: 002b:00007f7600441eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 129.156226][ T4296] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127edb4 [ 129.164197][ T4296] RDX: 0000000000000002 RSI: 00007f7600441fe0 RDI: 00000000ffffff9c [ 129.172277][ T4296] RBP: 00007f7600441fe0 R08: 0000000000000000 R09: 00007f76004421d0 [ 129.180518][ T4296] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 129.188496][ T4296] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 129.196492][ T4296] 14:58:16 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 92) 14:58:16 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100", 0x36, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:16 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:16 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xf6ffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:16 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 15) [ 129.202750][ T4298] loop2: detected capacity change from 0 to 264192 [ 129.222932][ T4304] loop5: detected capacity change from 0 to 4 [ 129.250973][ T4304] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 129.262781][ T4303] FAULT_INJECTION: forcing a failure. [ 129.262781][ T4303] name failslab, interval 1, probability 0, space 0, times 0 [ 129.275624][ T4303] CPU: 1 PID: 4303 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 129.282440][ T4310] FAULT_INJECTION: forcing a failure. [ 129.282440][ T4310] name failslab, interval 1, probability 0, space 0, times 0 [ 129.284366][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.284380][ T4303] Call Trace: [ 129.284386][ T4303] [ 129.313251][ T4303] dump_stack_lvl+0xd6/0x122 [ 129.317972][ T4303] dump_stack+0x11/0x1b [ 129.322163][ T4303] should_fail+0x23c/0x250 [ 129.326568][ T4303] ? skb_clone+0x12c/0x1f0 [ 129.331035][ T4303] __should_failslab+0x81/0x90 [ 129.335807][ T4303] should_failslab+0x5/0x20 [ 129.340399][ T4303] kmem_cache_alloc+0x4f/0x320 [ 129.345253][ T4303] skb_clone+0x12c/0x1f0 [ 129.349521][ T4303] netlink_broadcast+0x4e9/0xad0 [ 129.354450][ T4303] kobject_uevent_env+0x8c9/0xc40 [ 129.359464][ T4303] ? kmem_cache_free+0x65/0x110 [ 129.364323][ T4303] ? kernfs_put+0x2f1/0x300 [ 129.368852][ T4303] kobject_uevent+0x18/0x20 [ 129.373399][ T4303] __loop_clr_fd+0x4a3/0x6c0 [ 129.377976][ T4303] lo_ioctl+0x985/0x1270 [ 129.382213][ T4303] ? __rcu_read_unlock+0x5c/0x290 [ 129.387264][ T4303] ? avc_has_extended_perms+0x686/0x8a0 [ 129.392878][ T4303] ? blkdev_common_ioctl+0x438/0x1180 [ 129.398277][ T4303] ? selinux_file_ioctl+0x522/0x590 [ 129.403495][ T4303] ? do_vfs_ioctl+0x819/0x14a0 [ 129.408306][ T4303] ? lo_release+0x120/0x120 [ 129.412800][ T4303] blkdev_ioctl+0x20e/0x440 [ 129.417334][ T4303] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 129.422777][ T4303] __se_sys_ioctl+0xcb/0x140 [ 129.427353][ T4303] __x64_sys_ioctl+0x3f/0x50 [ 129.431994][ T4303] do_syscall_64+0x44/0xd0 [ 129.436410][ T4303] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.442379][ T4303] RIP: 0033:0x7fbc8e8ddc57 [ 129.446778][ T4303] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.466549][ T4303] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 129.474952][ T4303] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 129.483397][ T4303] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 129.491357][ T4303] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 129.499366][ T4303] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 129.507355][ T4303] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 129.515384][ T4303] [ 129.518395][ T4310] CPU: 0 PID: 4310 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 129.522803][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.527428][ T4310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.527441][ T4310] Call Trace: [ 129.527447][ T4310] 14:58:16 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 93) 14:58:16 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef0100", 0x3c, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:16 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 129.527454][ T4310] dump_stack_lvl+0xd6/0x122 [ 129.539183][ T4308] loop2: detected capacity change from 0 to 264192 [ 129.545632][ T4310] dump_stack+0x11/0x1b [ 129.545658][ T4310] should_fail+0x23c/0x250 [ 129.545675][ T4310] ? security_file_alloc+0x30/0x190 [ 129.576899][ T4310] __should_failslab+0x81/0x90 [ 129.581673][ T4310] should_failslab+0x5/0x20 [ 129.586191][ T4310] kmem_cache_alloc+0x4f/0x320 [ 129.590962][ T4310] security_file_alloc+0x30/0x190 [ 129.596047][ T4310] __alloc_file+0x83/0x1a0 [ 129.600548][ T4310] alloc_empty_file+0xcd/0x1c0 [ 129.605407][ T4310] path_openat+0x6a/0x1eb0 [ 129.609828][ T4310] ? __set_page_dirty_no_writeback+0x96/0xc0 [ 129.611350][ T4315] loop0: detected capacity change from 0 to 4 [ 129.615816][ T4310] ? folio_mark_dirty+0x84/0xe0 [ 129.615840][ T4310] ? unlock_page+0x37/0x50 [ 129.615859][ T4310] ? inode_to_bdi+0x43/0xa0 [ 129.615874][ T4310] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 129.624809][ T4315] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 129.626799][ T4310] ? generic_perform_write+0x397/0x400 [ 129.626829][ T4310] do_filp_open+0x105/0x220 [ 129.659948][ T4310] do_sys_openat2+0xb5/0x2b0 [ 129.664527][ T4310] __x64_sys_openat+0xef/0x110 [ 129.669313][ T4310] do_syscall_64+0x44/0xd0 [ 129.673719][ T4310] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.679707][ T4310] RIP: 0033:0x7f760127edb4 [ 129.684119][ T4310] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 129.703710][ T4310] RSP: 002b:00007f7600441eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 129.712122][ T4310] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f760127edb4 [ 129.720079][ T4310] RDX: 0000000000000002 RSI: 00007f7600441fe0 RDI: 00000000ffffff9c [ 129.728043][ T4310] RBP: 00007f7600441fe0 R08: 0000000000000000 R09: 00007f76004421d0 [ 129.736061][ T4310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 129.744013][ T4310] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 129.752054][ T4310] [ 129.762108][ T4314] FAULT_INJECTION: forcing a failure. [ 129.762108][ T4314] name failslab, interval 1, probability 0, space 0, times 0 [ 129.774745][ T4314] CPU: 1 PID: 4314 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 129.783424][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.793602][ T4314] Call Trace: [ 129.796886][ T4314] [ 129.799865][ T4314] dump_stack_lvl+0xd6/0x122 [ 129.804460][ T4314] dump_stack+0x11/0x1b [ 129.808728][ T4314] should_fail+0x23c/0x250 [ 129.813143][ T4314] ? kobject_uevent_env+0x1a7/0xc40 [ 129.818343][ T4314] __should_failslab+0x81/0x90 [ 129.823114][ T4314] should_failslab+0x5/0x20 [ 129.827664][ T4314] kmem_cache_alloc_trace+0x52/0x350 [ 129.832956][ T4314] ? ___cache_free+0x46/0x300 [ 129.837638][ T4314] ? dev_uevent_filter+0x70/0x70 [ 129.842604][ T4314] kobject_uevent_env+0x1a7/0xc40 [ 129.847681][ T4314] ? kfree+0xf8/0x1f0 [ 129.851669][ T4314] ? preempt_count_add+0x4e/0x90 [ 129.856683][ T4314] ? __wake_up+0x8d/0xc0 [ 129.860946][ T4314] disk_force_media_change+0xe3/0x170 [ 129.866361][ T4314] __loop_clr_fd+0x527/0x6c0 [ 129.871132][ T4314] lo_ioctl+0x985/0x1270 [ 129.875456][ T4314] ? __rcu_read_unlock+0x5c/0x290 [ 129.880483][ T4314] ? avc_has_extended_perms+0x686/0x8a0 [ 129.886055][ T4314] ? blkdev_common_ioctl+0x438/0x1180 [ 129.891674][ T4314] ? selinux_file_ioctl+0x522/0x590 [ 129.896879][ T4314] ? do_vfs_ioctl+0x819/0x14a0 [ 129.901650][ T4314] ? lo_release+0x120/0x120 [ 129.906167][ T4314] blkdev_ioctl+0x20e/0x440 [ 129.910676][ T4314] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 129.916148][ T4314] __se_sys_ioctl+0xcb/0x140 [ 129.920747][ T4314] __x64_sys_ioctl+0x3f/0x50 [ 129.925412][ T4314] do_syscall_64+0x44/0xd0 [ 129.929848][ T4314] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.935792][ T4314] RIP: 0033:0x7fbc8e8ddc57 [ 129.940207][ T4314] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.959899][ T4314] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 129.968355][ T4314] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 129.976331][ T4314] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 129.984308][ T4314] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 129.992286][ T4314] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff 14:58:17 executing program 0: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:17 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x11, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100", 0x36, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:17 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 16) 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xf9030000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.000304][ T4314] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 130.008375][ T4314] [ 130.029929][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.045748][ T4321] FAULT_INJECTION: forcing a failure. [ 130.045748][ T4321] name failslab, interval 1, probability 0, space 0, times 0 [ 130.058504][ T4321] CPU: 0 PID: 4321 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 130.060973][ T4323] loop2: detected capacity change from 0 to 264192 [ 130.067181][ T4321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.083778][ T4321] Call Trace: [ 130.087058][ T4321] [ 130.089991][ T4321] dump_stack_lvl+0xd6/0x122 [ 130.094690][ T4321] dump_stack+0x11/0x1b [ 130.098901][ T4321] should_fail+0x23c/0x250 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xf9fdffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.103324][ T4321] ? kzalloc+0x16/0x20 [ 130.107599][ T4321] __should_failslab+0x81/0x90 [ 130.112367][ T4321] should_failslab+0x5/0x20 [ 130.116918][ T4321] __kmalloc+0x6f/0x370 [ 130.121157][ T4321] ? iput+0x1cd/0x580 [ 130.125163][ T4321] kzalloc+0x16/0x20 [ 130.129068][ T4321] alloc_workqueue+0x12f/0xad0 [ 130.133881][ T4321] ? __rcu_read_unlock+0x5c/0x290 [ 130.138986][ T4321] ? preempt_count_add+0x4e/0x90 [ 130.143933][ T4321] ? _raw_spin_unlock+0x2e/0x50 [ 130.148789][ T4321] ? bd_prepare_to_claim+0x1ac/0x200 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfa030000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.154186][ T4321] loop_configure+0x70e/0xf30 [ 130.158881][ T4321] lo_ioctl+0x583/0x1270 [ 130.163136][ T4321] ? folio_mark_dirty+0x84/0xe0 [ 130.168006][ T4321] ? unlock_page+0x37/0x50 [ 130.172423][ T4321] ? __rcu_read_unlock+0x5c/0x290 [ 130.177545][ T4321] ? blkdev_common_ioctl+0x438/0x1180 [ 130.183014][ T4321] ? selinux_file_ioctl+0x522/0x590 [ 130.188318][ T4321] ? do_vfs_ioctl+0x819/0x14a0 [ 130.193128][ T4321] ? lo_release+0x120/0x120 [ 130.197717][ T4321] blkdev_ioctl+0x20e/0x440 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfb030000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.202229][ T4321] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 130.207737][ T4321] __se_sys_ioctl+0xcb/0x140 [ 130.212344][ T4321] __x64_sys_ioctl+0x3f/0x50 [ 130.216953][ T4321] do_syscall_64+0x44/0xd0 [ 130.221467][ T4321] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.227476][ T4321] RIP: 0033:0x7f76012cbc57 [ 130.231900][ T4321] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfdfdffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.251594][ T4321] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.253171][ T4332] loop5: detected capacity change from 0 to 4 [ 130.260021][ T4321] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f76012cbc57 [ 130.260036][ T4321] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 130.282004][ T4321] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f76004421d0 [ 130.290010][ T4321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:17 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 94) 14:58:17 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfdffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:17 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 17) [ 130.297987][ T4321] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 130.305959][ T4321] [ 130.319862][ T4332] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:58:17 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 1) 14:58:17 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x12, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 130.372947][ T4337] FAULT_INJECTION: forcing a failure. [ 130.372947][ T4337] name failslab, interval 1, probability 0, space 0, times 0 [ 130.385589][ T4337] CPU: 0 PID: 4337 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 130.387434][ T4342] FAULT_INJECTION: forcing a failure. [ 130.387434][ T4342] name failslab, interval 1, probability 0, space 0, times 0 [ 130.394266][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.416921][ T4337] Call Trace: [ 130.420286][ T4337] [ 130.423261][ T4337] dump_stack_lvl+0xd6/0x122 [ 130.427847][ T4337] dump_stack+0x11/0x1b [ 130.431994][ T4337] should_fail+0x23c/0x250 [ 130.436469][ T4337] ? alloc_workqueue+0x15d/0xad0 [ 130.441398][ T4337] __should_failslab+0x81/0x90 [ 130.446151][ T4337] should_failslab+0x5/0x20 [ 130.450783][ T4337] kmem_cache_alloc_trace+0x52/0x350 [ 130.456055][ T4337] ? kzalloc+0x16/0x20 [ 130.460159][ T4337] alloc_workqueue+0x15d/0xad0 [ 130.464910][ T4337] ? __rcu_read_unlock+0x5c/0x290 [ 130.469920][ T4337] ? preempt_count_add+0x4e/0x90 [ 130.474845][ T4337] ? _raw_spin_unlock+0x2e/0x50 [ 130.479819][ T4337] ? bd_prepare_to_claim+0x1ac/0x200 [ 130.485162][ T4337] loop_configure+0x70e/0xf30 [ 130.489834][ T4337] lo_ioctl+0x583/0x1270 [ 130.494059][ T4337] ? folio_mark_dirty+0x84/0xe0 [ 130.498914][ T4337] ? unlock_page+0x37/0x50 [ 130.503361][ T4337] ? __rcu_read_unlock+0x5c/0x290 [ 130.508405][ T4337] ? blkdev_common_ioctl+0x438/0x1180 [ 130.513818][ T4337] ? selinux_file_ioctl+0x522/0x590 [ 130.519023][ T4337] ? do_vfs_ioctl+0x819/0x14a0 [ 130.523772][ T4337] ? lo_release+0x120/0x120 [ 130.528259][ T4337] blkdev_ioctl+0x20e/0x440 [ 130.532803][ T4337] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 130.538262][ T4337] __se_sys_ioctl+0xcb/0x140 [ 130.542920][ T4337] __x64_sys_ioctl+0x3f/0x50 [ 130.547498][ T4337] do_syscall_64+0x44/0xd0 [ 130.551930][ T4337] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.557814][ T4337] RIP: 0033:0x7f76012cbc57 [ 130.562212][ T4337] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.581924][ T4337] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.590321][ T4337] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f76012cbc57 [ 130.598298][ T4337] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 130.606265][ T4337] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f76004421d0 [ 130.614233][ T4337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 130.622254][ T4337] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 130.630214][ T4337] [ 130.633241][ T4342] CPU: 1 PID: 4342 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 130.642004][ T4342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.652057][ T4342] Call Trace: [ 130.655334][ T4342] [ 130.658274][ T4342] dump_stack_lvl+0xd6/0x122 [ 130.662896][ T4342] dump_stack+0x11/0x1b [ 130.667180][ T4342] should_fail+0x23c/0x250 [ 130.671599][ T4342] ? __se_sys_memfd_create+0xe9/0x350 [ 130.676977][ T4342] __should_failslab+0x81/0x90 [ 130.681789][ T4342] should_failslab+0x5/0x20 [ 130.686297][ T4342] __kmalloc+0x6f/0x370 [ 130.690494][ T4342] ? strnlen_user+0x137/0x1c0 [ 130.695192][ T4342] __se_sys_memfd_create+0xe9/0x350 [ 130.700401][ T4342] __x64_sys_memfd_create+0x2d/0x40 [ 130.705604][ T4342] do_syscall_64+0x44/0xd0 [ 130.710024][ T4342] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.715989][ T4342] RIP: 0033:0x7fd726699e99 [ 130.720406][ T4342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.740020][ T4342] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 130.748503][ T4342] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 130.756484][ T4342] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 130.764458][ T4342] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 130.772521][ T4342] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 130.780516][ T4342] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 130.788494][ T4342] [ 130.794910][ T1905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.804918][ T1912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.820210][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.835450][ T4343] loop2: detected capacity change from 0 to 264192 [ 130.847250][ T4344] FAULT_INJECTION: forcing a failure. [ 130.847250][ T4344] name failslab, interval 1, probability 0, space 0, times 0 [ 130.859923][ T4344] CPU: 0 PID: 4344 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 14:58:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100", 0x36, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:18 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 18) [ 130.868605][ T4344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.878656][ T4344] Call Trace: [ 130.881927][ T4344] [ 130.884890][ T4344] dump_stack_lvl+0xd6/0x122 [ 130.889487][ T4344] dump_stack+0x11/0x1b [ 130.891241][ T4346] FAULT_INJECTION: forcing a failure. [ 130.891241][ T4346] name failslab, interval 1, probability 0, space 0, times 0 [ 130.893682][ T4344] should_fail+0x23c/0x250 [ 130.893704][ T4344] ? kzalloc+0x1d/0x30 [ 130.914744][ T4344] __should_failslab+0x81/0x90 [ 130.919505][ T4344] should_failslab+0x5/0x20 [ 130.924077][ T4344] __kmalloc+0x6f/0x370 [ 130.928260][ T4344] kzalloc+0x1d/0x30 [ 130.932143][ T4344] kobject_get_path+0x7c/0x110 [ 130.936998][ T4344] kobject_uevent_env+0x1be/0xc40 [ 130.942011][ T4344] ? kfree+0xf8/0x1f0 [ 130.946019][ T4344] ? preempt_count_add+0x4e/0x90 [ 130.951039][ T4344] ? __wake_up+0x8d/0xc0 [ 130.955300][ T4344] disk_force_media_change+0xe3/0x170 [ 130.960925][ T4344] __loop_clr_fd+0x527/0x6c0 [ 130.965526][ T4344] lo_ioctl+0x985/0x1270 [ 130.969759][ T4344] ? __rcu_read_unlock+0x5c/0x290 [ 130.974770][ T4344] ? avc_has_extended_perms+0x686/0x8a0 [ 130.980311][ T4344] ? blkdev_common_ioctl+0x438/0x1180 [ 130.985727][ T4344] ? selinux_file_ioctl+0x522/0x590 [ 130.990919][ T4344] ? do_vfs_ioctl+0x819/0x14a0 [ 130.995674][ T4344] ? lo_release+0x120/0x120 [ 131.000244][ T4344] blkdev_ioctl+0x20e/0x440 [ 131.004739][ T4344] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 131.010185][ T4344] __se_sys_ioctl+0xcb/0x140 [ 131.014767][ T4344] __x64_sys_ioctl+0x3f/0x50 [ 131.019397][ T4344] do_syscall_64+0x44/0xd0 [ 131.023804][ T4344] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.029689][ T4344] RIP: 0033:0x7fbc8e8ddc57 [ 131.034134][ T4344] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.053726][ T4344] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 131.062160][ T4344] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 131.070189][ T4344] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 131.078144][ T4344] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 131.086118][ T4344] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 131.094078][ T4344] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 131.102038][ T4344] [ 131.105046][ T4346] CPU: 1 PID: 4346 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 131.113723][ T4346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.123774][ T4346] Call Trace: [ 131.127056][ T4346] [ 131.129985][ T4346] dump_stack_lvl+0xd6/0x122 [ 131.134583][ T4346] dump_stack+0x11/0x1b [ 131.138740][ T4346] should_fail+0x23c/0x250 [ 131.143159][ T4346] ? kzalloc+0x16/0x20 [ 131.147288][ T4346] __should_failslab+0x81/0x90 [ 131.152127][ T4346] should_failslab+0x5/0x20 [ 131.156672][ T4346] __kmalloc+0x6f/0x370 [ 131.160910][ T4346] ? number+0xa13/0xb60 [ 131.165135][ T4346] kzalloc+0x16/0x20 [ 131.169082][ T4346] apply_wqattrs_prepare+0x3a/0x630 [ 131.174297][ T4346] ? vsnprintf+0xe8f/0xed0 [ 131.178718][ T4346] apply_workqueue_attrs+0x9e/0x100 [ 131.183943][ T4346] alloc_workqueue+0x777/0xad0 [ 131.188715][ T4346] ? preempt_count_add+0x4e/0x90 [ 131.193688][ T4346] ? _raw_spin_unlock+0x2e/0x50 [ 131.198553][ T4346] ? bd_prepare_to_claim+0x1ac/0x200 [ 131.203841][ T4346] loop_configure+0x70e/0xf30 [ 131.208531][ T4346] lo_ioctl+0x583/0x1270 [ 131.212785][ T4346] ? folio_mark_dirty+0x84/0xe0 [ 131.217656][ T4346] ? unlock_page+0x37/0x50 [ 131.222147][ T4346] ? __rcu_read_unlock+0x5c/0x290 [ 131.227180][ T4346] ? blkdev_common_ioctl+0x438/0x1180 [ 131.232557][ T4346] ? selinux_file_ioctl+0x522/0x590 [ 131.237880][ T4346] ? do_vfs_ioctl+0x819/0x14a0 [ 131.242650][ T4346] ? lo_release+0x120/0x120 [ 131.247230][ T4346] blkdev_ioctl+0x20e/0x440 [ 131.251740][ T4346] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 131.257201][ T4346] __se_sys_ioctl+0xcb/0x140 [ 131.261799][ T4346] __x64_sys_ioctl+0x3f/0x50 [ 131.266397][ T4346] do_syscall_64+0x44/0xd0 [ 131.270900][ T4346] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.276803][ T4346] RIP: 0033:0x7f76012cbc57 [ 131.281223][ T4346] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.300898][ T4346] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 131.309348][ T4346] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f76012cbc57 [ 131.317327][ T4346] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:58:18 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfeffffff, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 2) 14:58:18 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffdf9, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 131.325304][ T4346] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f76004421d0 [ 131.333296][ T4346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 131.341377][ T4346] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 131.349425][ T4346] [ 131.352791][ T5] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.397661][ T4354] FAULT_INJECTION: forcing a failure. [ 131.397661][ T4354] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.410866][ T4354] CPU: 1 PID: 4354 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 131.419555][ T4354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.429679][ T4354] Call Trace: [ 131.432955][ T4354] [ 131.435881][ T4354] dump_stack_lvl+0xd6/0x122 [ 131.440510][ T4354] dump_stack+0x11/0x1b [ 131.444805][ T4354] should_fail+0x23c/0x250 [ 131.449250][ T4354] should_fail_usercopy+0x16/0x20 [ 131.454280][ T4354] _copy_from_user+0x1c/0xd0 [ 131.458883][ T4354] __se_sys_memfd_create+0x125/0x350 [ 131.464387][ T4354] __x64_sys_memfd_create+0x2d/0x40 [ 131.469665][ T4354] do_syscall_64+0x44/0xd0 [ 131.474089][ T4354] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.480049][ T4354] RIP: 0033:0x7fd726699e99 [ 131.484459][ T4354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.504067][ T4354] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 131.512496][ T4354] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 131.520467][ T4354] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 131.528447][ T4354] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 131.536452][ T4354] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 14:58:18 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 95) 14:58:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 3) 14:58:18 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x22, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 131.544502][ T4354] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 131.552572][ T4354] [ 131.584459][ T4349] loop5: detected capacity change from 0 to 4 [ 131.590963][ T4352] loop2: detected capacity change from 0 to 264192 14:58:18 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) (fail_nth: 19) [ 131.605188][ T4349] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 131.613311][ T4357] FAULT_INJECTION: forcing a failure. [ 131.613311][ T4357] name failslab, interval 1, probability 0, space 0, times 0 [ 131.613551][ T4360] FAULT_INJECTION: forcing a failure. [ 131.613551][ T4360] name failslab, interval 1, probability 0, space 0, times 0 [ 131.626415][ T4357] CPU: 0 PID: 4357 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 131.626440][ T4357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.626451][ T4357] Call Trace: [ 131.626458][ T4357] [ 131.664072][ T4357] dump_stack_lvl+0xd6/0x122 [ 131.668662][ T4357] dump_stack+0x11/0x1b [ 131.672820][ T4357] should_fail+0x23c/0x250 [ 131.677220][ T4357] ? shmem_alloc_inode+0x22/0x30 [ 131.682237][ T4357] __should_failslab+0x81/0x90 [ 131.687032][ T4357] ? shmem_match+0xa0/0xa0 [ 131.691430][ T4357] should_failslab+0x5/0x20 [ 131.696043][ T4357] kmem_cache_alloc+0x4f/0x320 [ 131.700846][ T4357] ? shmem_match+0xa0/0xa0 [ 131.705246][ T4357] shmem_alloc_inode+0x22/0x30 [ 131.710064][ T4357] new_inode_pseudo+0x38/0x190 [ 131.714816][ T4357] new_inode+0x21/0x100 [ 131.718956][ T4357] shmem_get_inode+0xb7/0x490 [ 131.723617][ T4357] __shmem_file_setup+0xf1/0x1d0 [ 131.728539][ T4357] shmem_file_setup+0x37/0x40 [ 131.733197][ T4357] __se_sys_memfd_create+0x1c1/0x350 [ 131.738517][ T4357] __x64_sys_memfd_create+0x2d/0x40 [ 131.743708][ T4357] do_syscall_64+0x44/0xd0 [ 131.748179][ T4357] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.754141][ T4357] RIP: 0033:0x7fd726699e99 [ 131.758540][ T4357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.778226][ T4357] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 131.786645][ T4357] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 131.794602][ T4357] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 131.802555][ T4357] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 131.810538][ T4357] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 131.818501][ T4357] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 131.826469][ T4357] [ 131.829478][ T4360] CPU: 1 PID: 4360 Comm: syz-executor.1 Not tainted 5.16.0-rc5-syzkaller #0 [ 131.838165][ T4360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.848253][ T4360] Call Trace: [ 131.851538][ T4360] [ 131.854466][ T4360] dump_stack_lvl+0xd6/0x122 [ 131.859065][ T4360] dump_stack+0x11/0x1b [ 131.863226][ T4360] should_fail+0x23c/0x250 [ 131.864585][ T4364] FAULT_INJECTION: forcing a failure. [ 131.864585][ T4364] name failslab, interval 1, probability 0, space 0, times 0 [ 131.867647][ T4360] ? apply_wqattrs_prepare+0x5f/0x630 [ 131.867676][ T4360] __should_failslab+0x81/0x90 [ 131.890372][ T4360] should_failslab+0x5/0x20 [ 131.894988][ T4360] kmem_cache_alloc_trace+0x52/0x350 [ 131.900280][ T4360] ? kzalloc+0x16/0x20 [ 131.904423][ T4360] apply_wqattrs_prepare+0x5f/0x630 [ 131.909609][ T4360] ? vsnprintf+0xe8f/0xed0 [ 131.914014][ T4360] apply_workqueue_attrs+0x9e/0x100 [ 131.919199][ T4360] alloc_workqueue+0x777/0xad0 [ 131.923957][ T4360] ? preempt_count_add+0x4e/0x90 [ 131.928887][ T4360] ? _raw_spin_unlock+0x2e/0x50 [ 131.933725][ T4360] ? bd_prepare_to_claim+0x1ac/0x200 [ 131.938996][ T4360] loop_configure+0x70e/0xf30 [ 131.943669][ T4360] lo_ioctl+0x583/0x1270 [ 131.947985][ T4360] ? folio_mark_dirty+0x84/0xe0 [ 131.952823][ T4360] ? unlock_page+0x37/0x50 [ 131.957224][ T4360] ? __rcu_read_unlock+0x5c/0x290 [ 131.962256][ T4360] ? blkdev_common_ioctl+0x438/0x1180 [ 131.967613][ T4360] ? selinux_file_ioctl+0x522/0x590 [ 131.972843][ T4360] ? do_vfs_ioctl+0x819/0x14a0 [ 131.977599][ T4360] ? lo_release+0x120/0x120 [ 131.982097][ T4360] blkdev_ioctl+0x20e/0x440 [ 131.986606][ T4360] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 131.992048][ T4360] __se_sys_ioctl+0xcb/0x140 [ 131.996625][ T4360] __x64_sys_ioctl+0x3f/0x50 [ 132.001239][ T4360] do_syscall_64+0x44/0xd0 [ 132.005644][ T4360] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.011583][ T4360] RIP: 0033:0x7f76012cbc57 [ 132.015982][ T4360] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.035596][ T4360] RSP: 002b:00007f7600441f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.044126][ T4360] RAX: ffffffffffffffda RBX: 00007f76013159c8 RCX: 00007f76012cbc57 14:58:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 4) [ 132.052082][ T4360] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 132.060087][ T4360] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f76004421d0 [ 132.068065][ T4360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 132.076023][ T4360] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 132.083980][ T4360] [ 132.086984][ T4364] CPU: 0 PID: 4364 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 132.089422][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 132.095761][ T4364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.095773][ T4364] Call Trace: [ 132.095779][ T4364] [ 132.095785][ T4364] dump_stack_lvl+0xd6/0x122 [ 132.095809][ T4364] dump_stack+0x11/0x1b [ 132.110310][ T4358] FAULT_INJECTION: forcing a failure. [ 132.110310][ T4358] name failslab, interval 1, probability 0, space 0, times 0 [ 132.113974][ T4364] should_fail+0x23c/0x250 [ 132.113998][ T4364] ? security_inode_alloc+0x30/0x180 [ 132.114018][ T4364] __should_failslab+0x81/0x90 [ 132.114038][ T4364] should_failslab+0x5/0x20 [ 132.114081][ T4364] kmem_cache_alloc+0x4f/0x320 [ 132.114101][ T4364] security_inode_alloc+0x30/0x180 [ 132.170162][ T4364] inode_init_always+0x214/0x3e0 [ 132.175139][ T4364] ? shmem_match+0xa0/0xa0 [ 132.179548][ T4364] new_inode_pseudo+0x6f/0x190 [ 132.184298][ T4364] new_inode+0x21/0x100 [ 132.188541][ T4364] shmem_get_inode+0xb7/0x490 [ 132.193225][ T4364] __shmem_file_setup+0xf1/0x1d0 [ 132.198230][ T4364] shmem_file_setup+0x37/0x40 [ 132.202960][ T4364] __se_sys_memfd_create+0x1c1/0x350 [ 132.208231][ T4364] __x64_sys_memfd_create+0x2d/0x40 [ 132.213461][ T4364] do_syscall_64+0x44/0xd0 [ 132.217866][ T4364] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.223749][ T4364] RIP: 0033:0x7fd726699e99 [ 132.228220][ T4364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.247812][ T4364] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 132.256207][ T4364] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 132.264219][ T4364] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 132.272174][ T4364] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 132.280127][ T4364] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 132.288083][ T4364] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 132.296048][ T4364] [ 132.299058][ T4358] CPU: 1 PID: 4358 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 132.307806][ T4358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.317867][ T4358] Call Trace: [ 132.321134][ T4358] [ 132.324152][ T4358] dump_stack_lvl+0xd6/0x122 [ 132.328737][ T4358] dump_stack+0x11/0x1b [ 132.332879][ T4358] should_fail+0x23c/0x250 [ 132.337317][ T4358] ? kzalloc+0x1d/0x30 [ 132.341372][ T4358] __should_failslab+0x81/0x90 [ 132.346161][ T4358] should_failslab+0x5/0x20 [ 132.350651][ T4358] __kmalloc+0x6f/0x370 [ 132.354852][ T4358] kzalloc+0x1d/0x30 [ 132.358732][ T4358] kobject_get_path+0x7c/0x110 [ 132.363484][ T4358] kobject_uevent_env+0x1be/0xc40 [ 132.368494][ T4358] ? kfree+0xf8/0x1f0 [ 132.372464][ T4358] ? preempt_count_add+0x4e/0x90 [ 132.377393][ T4358] ? __wake_up+0x8d/0xc0 [ 132.381621][ T4358] disk_force_media_change+0xe3/0x170 [ 132.386990][ T4358] __loop_clr_fd+0x527/0x6c0 [ 132.391587][ T4358] lo_ioctl+0x985/0x1270 [ 132.395814][ T4358] ? __rcu_read_unlock+0x5c/0x290 [ 132.400823][ T4358] ? avc_has_extended_perms+0x686/0x8a0 [ 132.406363][ T4358] ? blkdev_common_ioctl+0x438/0x1180 [ 132.411722][ T4358] ? selinux_file_ioctl+0x522/0x590 [ 132.416908][ T4358] ? do_vfs_ioctl+0x819/0x14a0 [ 132.421684][ T4358] ? lo_release+0x120/0x120 [ 132.426206][ T4358] blkdev_ioctl+0x20e/0x440 [ 132.430758][ T4358] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 132.436203][ T4358] __se_sys_ioctl+0xcb/0x140 [ 132.440810][ T4358] __x64_sys_ioctl+0x3f/0x50 [ 132.445386][ T4358] do_syscall_64+0x44/0xd0 [ 132.449790][ T4358] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.455673][ T4358] RIP: 0033:0x7fbc8e8ddc57 [ 132.460139][ T4358] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.479777][ T4358] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.488175][ T4358] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 132.496153][ T4358] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 14:58:19 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 132.504106][ T4358] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 132.512062][ T4358] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 132.520117][ T4358] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 132.528074][ T4358] 14:58:19 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffdfd, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 132.553480][ T4366] loop1: detected capacity change from 0 to 1024 [ 132.572342][ T4366] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock 14:58:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:19 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 5) 14:58:19 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x48, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:19 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 96) [ 132.598432][ T4368] loop2: detected capacity change from 0 to 264192 14:58:19 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xffffff7f, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 132.650422][ T4375] loop5: detected capacity change from 0 to 4 [ 132.662762][ T4376] FAULT_INJECTION: forcing a failure. [ 132.662762][ T4376] name failslab, interval 1, probability 0, space 0, times 0 [ 132.675426][ T4376] CPU: 1 PID: 4376 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 132.684159][ T4376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.694244][ T4376] Call Trace: [ 132.697524][ T4376] [ 132.700462][ T4376] dump_stack_lvl+0xd6/0x122 [ 132.705210][ T4376] dump_stack+0x11/0x1b [ 132.709548][ T4376] should_fail+0x23c/0x250 [ 132.714032][ T4376] ? __d_alloc+0x36/0x370 [ 132.718362][ T4376] __should_failslab+0x81/0x90 [ 132.723200][ T4376] should_failslab+0x5/0x20 [ 132.727706][ T4376] kmem_cache_alloc+0x4f/0x320 [ 132.732534][ T4376] ? security_inode_alloc+0x138/0x180 [ 132.737964][ T4376] ? __init_rwsem+0x59/0x70 [ 132.742527][ T4376] __d_alloc+0x36/0x370 [ 132.746857][ T4376] ? debug_smp_processor_id+0x18/0x20 [ 132.752271][ T4376] d_alloc_pseudo+0x1a/0x50 [ 132.756785][ T4376] alloc_file_pseudo+0x77/0x150 [ 132.761665][ T4376] __shmem_file_setup+0x14c/0x1d0 [ 132.766702][ T4376] shmem_file_setup+0x37/0x40 [ 132.771391][ T4376] __se_sys_memfd_create+0x1c1/0x350 [ 132.776689][ T4376] __x64_sys_memfd_create+0x2d/0x40 [ 132.781902][ T4376] do_syscall_64+0x44/0xd0 [ 132.786326][ T4376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.792237][ T4376] RIP: 0033:0x7fd726699e99 [ 132.796651][ T4376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.816259][ T4376] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 132.824673][ T4376] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 132.829488][ T4375] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 132.832645][ T4376] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 14:58:20 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 6) [ 132.832662][ T4376] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 132.832673][ T4376] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 132.863005][ T4376] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 132.870997][ T4376] [ 132.875459][ T4374] FAULT_INJECTION: forcing a failure. [ 132.875459][ T4374] name failslab, interval 1, probability 0, space 0, times 0 [ 132.888111][ T4374] CPU: 1 PID: 4374 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 132.896787][ T4374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.906841][ T4374] Call Trace: [ 132.910117][ T4374] [ 132.912279][ T4380] FAULT_INJECTION: forcing a failure. [ 132.912279][ T4380] name failslab, interval 1, probability 0, space 0, times 0 [ 132.913035][ T4374] dump_stack_lvl+0xd6/0x122 [ 132.930303][ T4374] dump_stack+0x11/0x1b [ 132.934521][ T4374] should_fail+0x23c/0x250 [ 132.938928][ T4374] __should_failslab+0x81/0x90 [ 132.943681][ T4374] should_failslab+0x5/0x20 [ 132.948174][ T4374] kmem_cache_alloc_node_trace+0x61/0x310 [ 132.953879][ T4374] ? __kmalloc_node_track_caller+0x30/0x40 [ 132.959691][ T4374] __kmalloc_node_track_caller+0x30/0x40 [ 132.965411][ T4374] ? alloc_uevent_skb+0x5b/0x120 [ 132.970336][ T4374] __alloc_skb+0x19d/0x450 [ 132.974738][ T4374] alloc_uevent_skb+0x5b/0x120 [ 132.979548][ T4374] kobject_uevent_env+0x863/0xc40 [ 132.984561][ T4374] ? __wake_up+0x8d/0xc0 [ 132.988836][ T4374] disk_force_media_change+0xe3/0x170 [ 132.994291][ T4374] __loop_clr_fd+0x527/0x6c0 [ 132.998954][ T4374] lo_ioctl+0x985/0x1270 [ 133.003188][ T4374] ? __rcu_read_unlock+0x5c/0x290 [ 133.008257][ T4374] ? avc_has_extended_perms+0x686/0x8a0 [ 133.013801][ T4374] ? blkdev_common_ioctl+0x438/0x1180 [ 133.019179][ T4374] ? selinux_file_ioctl+0x522/0x590 [ 133.024505][ T4374] ? do_vfs_ioctl+0x819/0x14a0 [ 133.029343][ T4374] ? lo_release+0x120/0x120 [ 133.033861][ T4374] blkdev_ioctl+0x20e/0x440 [ 133.038347][ T4374] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 133.043797][ T4374] __se_sys_ioctl+0xcb/0x140 [ 133.048444][ T4374] __x64_sys_ioctl+0x3f/0x50 [ 133.053024][ T4374] do_syscall_64+0x44/0xd0 [ 133.057480][ T4374] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.063723][ T4374] RIP: 0033:0x7fbc8e8ddc57 [ 133.068163][ T4374] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.087790][ T4374] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 133.096187][ T4374] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 133.104140][ T4374] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 133.112093][ T4374] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 133.120077][ T4374] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 133.128031][ T4374] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 133.135989][ T4374] [ 133.138993][ T4380] CPU: 0 PID: 4380 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 14:58:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80002, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:20 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 97) [ 133.147724][ T4380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.157776][ T4380] Call Trace: [ 133.161055][ T4380] [ 133.164049][ T4380] dump_stack_lvl+0xd6/0x122 [ 133.168662][ T4380] dump_stack+0x11/0x1b [ 133.172820][ T4380] should_fail+0x23c/0x250 [ 133.177236][ T4380] ? __alloc_file+0x2e/0x1a0 [ 133.181830][ T4380] __should_failslab+0x81/0x90 [ 133.186699][ T4380] should_failslab+0x5/0x20 [ 133.191211][ T4380] kmem_cache_alloc+0x4f/0x320 [ 133.196055][ T4380] __alloc_file+0x2e/0x1a0 [ 133.200472][ T4380] alloc_empty_file+0xcd/0x1c0 [ 133.203469][ T4385] loop2: detected capacity change from 0 to 264192 [ 133.205316][ T4380] alloc_file+0x3a/0x280 [ 133.214020][ T4386] loop1: detected capacity change from 0 to 1024 [ 133.216051][ T4380] alloc_file_pseudo+0xfa/0x150 [ 133.224518][ T4386] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 133.227200][ T4380] __shmem_file_setup+0x14c/0x1d0 [ 133.242662][ T4380] shmem_file_setup+0x37/0x40 [ 133.247440][ T4380] __se_sys_memfd_create+0x1c1/0x350 [ 133.253169][ T4380] __x64_sys_memfd_create+0x2d/0x40 [ 133.258373][ T4380] do_syscall_64+0x44/0xd0 [ 133.263191][ T4380] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.269192][ T4380] RIP: 0033:0x7fd726699e99 [ 133.273602][ T4380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.293672][ T4380] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 133.302148][ T4380] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 133.310123][ T4380] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 133.318154][ T4380] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 [ 133.326177][ T4380] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 133.334135][ T4380] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 133.342094][ T4380] [ 133.345712][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 7) 14:58:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) [ 133.371810][ T4388] FAULT_INJECTION: forcing a failure. [ 133.371810][ T4388] name failslab, interval 1, probability 0, space 0, times 0 [ 133.376632][ T4390] loop5: detected capacity change from 0 to 4 [ 133.384548][ T4388] CPU: 1 PID: 4388 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 133.384573][ T4388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.384584][ T4388] Call Trace: [ 133.384594][ T4388] [ 133.393317][ T4390] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 133.400289][ T4388] dump_stack_lvl+0xd6/0x122 [ 133.400317][ T4388] dump_stack+0x11/0x1b [ 133.431937][ T4388] should_fail+0x23c/0x250 [ 133.436337][ T4388] ? security_file_alloc+0x30/0x190 [ 133.441539][ T4388] __should_failslab+0x81/0x90 [ 133.446304][ T4388] should_failslab+0x5/0x20 [ 133.450807][ T4388] kmem_cache_alloc+0x4f/0x320 [ 133.455617][ T4388] security_file_alloc+0x30/0x190 [ 133.460626][ T4388] __alloc_file+0x83/0x1a0 [ 133.465110][ T4388] alloc_empty_file+0xcd/0x1c0 [ 133.469859][ T4388] alloc_file+0x3a/0x280 [ 133.474091][ T4388] alloc_file_pseudo+0xfa/0x150 [ 133.478940][ T4388] __shmem_file_setup+0x14c/0x1d0 [ 133.483954][ T4388] shmem_file_setup+0x37/0x40 [ 133.488690][ T4388] __se_sys_memfd_create+0x1c1/0x350 [ 133.493995][ T4388] __x64_sys_memfd_create+0x2d/0x40 [ 133.499173][ T4388] do_syscall_64+0x44/0xd0 [ 133.503581][ T4388] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.509510][ T4388] RIP: 0033:0x7fd726699e99 [ 133.513921][ T4388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.534219][ T4388] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 133.542627][ T4388] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd726699e99 [ 133.550578][ T4388] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007fd7266f3168 [ 133.558603][ T4388] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007fd7258101d0 14:58:20 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 8) [ 133.566556][ T4388] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 133.574515][ T4388] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 133.582472][ T4388] [ 133.586932][ T4384] FAULT_INJECTION: forcing a failure. [ 133.586932][ T4384] name failslab, interval 1, probability 0, space 0, times 0 [ 133.599605][ T4384] CPU: 1 PID: 4384 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 133.608356][ T4384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.611596][ T4392] FAULT_INJECTION: forcing a failure. [ 133.611596][ T4392] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 133.618462][ T4384] Call Trace: [ 133.618471][ T4384] [ 133.618478][ T4384] dump_stack_lvl+0xd6/0x122 [ 133.618504][ T4384] dump_stack+0x11/0x1b [ 133.618522][ T4384] should_fail+0x23c/0x250 [ 133.651298][ T4384] ? skb_clone+0x12c/0x1f0 [ 133.655720][ T4384] __should_failslab+0x81/0x90 [ 133.660556][ T4384] should_failslab+0x5/0x20 [ 133.665077][ T4384] kmem_cache_alloc+0x4f/0x320 [ 133.669826][ T4384] skb_clone+0x12c/0x1f0 [ 133.674118][ T4384] netlink_broadcast+0x4e9/0xad0 [ 133.679145][ T4384] kobject_uevent_env+0x8c9/0xc40 [ 133.684157][ T4384] ? __wake_up+0x8d/0xc0 [ 133.688390][ T4384] disk_force_media_change+0xe3/0x170 [ 133.693879][ T4384] __loop_clr_fd+0x527/0x6c0 [ 133.698454][ T4384] lo_ioctl+0x985/0x1270 [ 133.702686][ T4384] ? __rcu_read_unlock+0x5c/0x290 [ 133.707711][ T4384] ? avc_has_extended_perms+0x686/0x8a0 [ 133.713280][ T4384] ? blkdev_common_ioctl+0x438/0x1180 [ 133.718646][ T4384] ? selinux_file_ioctl+0x522/0x590 [ 133.723896][ T4384] ? do_vfs_ioctl+0x819/0x14a0 [ 133.728669][ T4384] ? lo_release+0x120/0x120 [ 133.733158][ T4384] blkdev_ioctl+0x20e/0x440 [ 133.737726][ T4384] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 133.743263][ T4384] __se_sys_ioctl+0xcb/0x140 [ 133.747871][ T4384] __x64_sys_ioctl+0x3f/0x50 [ 133.752476][ T4384] do_syscall_64+0x44/0xd0 [ 133.756879][ T4384] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.762798][ T4384] RIP: 0033:0x7fbc8e8ddc57 [ 133.767203][ T4384] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.786885][ T4384] RSP: 002b:00007fbc8da53f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 133.795416][ T4384] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fbc8e8ddc57 [ 133.803491][ T4384] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 133.811453][ T4384] RBP: 00007fbc8da546bc R08: 00007fbc8da54020 R09: 0000000020000000 [ 133.819415][ T4384] R10: 0000000000008000 R11: 0000000000000246 R12: ffffffffffffffff [ 133.827375][ T4384] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 133.835337][ T4384] [ 133.838342][ T4392] CPU: 0 PID: 4392 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 133.847019][ T4392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.857141][ T4392] Call Trace: [ 133.860417][ T4392] [ 133.863347][ T4392] dump_stack_lvl+0xd6/0x122 [ 133.867942][ T4392] dump_stack+0x11/0x1b [ 133.872160][ T4392] should_fail+0x23c/0x250 [ 133.876581][ T4392] __alloc_pages+0x102/0x330 [ 133.881339][ T4392] alloc_pages_vma+0x5ee/0x770 [ 133.886111][ T4392] shmem_getpage_gfp+0x8bc/0x12c0 [ 133.891175][ T4392] shmem_write_begin+0x7e/0x100 [ 133.896084][ T4392] generic_perform_write+0x1c8/0x400 [ 133.901470][ T4392] ? current_time+0xed/0x1a0 [ 133.906092][ T4392] __generic_file_write_iter+0xf7/0x2b0 [ 133.911649][ T4392] ? generic_write_checks+0x250/0x290 [ 133.917026][ T4392] generic_file_write_iter+0x75/0x130 [ 133.922410][ T4392] vfs_write+0x7f5/0x950 [ 133.926691][ T4392] __x64_sys_pwrite64+0xf5/0x150 [ 133.931731][ T4392] do_syscall_64+0x44/0xd0 [ 133.936154][ T4392] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.942187][ T4392] RIP: 0033:0x7fd72664ce67 [ 133.946679][ T4392] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b 14:58:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:21 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x68, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 98) [ 133.966356][ T4392] RSP: 002b:00007fd72580ff00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 133.974776][ T4392] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664ce67 [ 133.982752][ T4392] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 133.990723][ T4392] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007fd7258101d0 [ 133.998791][ T4392] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 134.006833][ T4392] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 134.014817][ T4392] 14:58:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 134.026542][ T4392] loop0: detected capacity change from 0 to 4 [ 134.047931][ T4397] loop5: detected capacity change from 0 to 4 [ 134.054531][ T4392] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 14:58:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xffffff85, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:21 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 134.070836][ T4397] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 134.083229][ T4398] FAULT_INJECTION: forcing a failure. [ 134.083229][ T4398] name failslab, interval 1, probability 0, space 0, times 0 [ 134.095895][ T4398] CPU: 1 PID: 4398 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 134.104572][ T4398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.114632][ T4398] Call Trace: [ 134.117967][ T4398] [ 134.120897][ T4398] dump_stack_lvl+0xd6/0x122 [ 134.125494][ T4398] dump_stack+0x11/0x1b [ 134.129702][ T4398] should_fail+0x23c/0x250 [ 134.134128][ T4398] ? inotify_handle_inode_event+0x10b/0x2e0 [ 134.140056][ T4398] __should_failslab+0x81/0x90 [ 134.144879][ T4398] should_failslab+0x5/0x20 [ 134.149387][ T4398] __kmalloc+0x6f/0x370 [ 134.153551][ T4398] inotify_handle_inode_event+0x10b/0x2e0 [ 134.159309][ T4398] ? tsan.module_ctor+0x10/0x10 [ 134.164165][ T4398] fsnotify_handle_inode_event+0x185/0x1e0 [ 134.169981][ T4398] fsnotify+0xc59/0xf00 [ 134.174209][ T4398] __fsnotify_parent+0x33a/0x490 [ 134.179158][ T4398] __fput+0x1d7/0x520 [ 134.183146][ T4398] ____fput+0x11/0x20 [ 134.187135][ T4398] task_work_run+0x8e/0x110 [ 134.191649][ T4398] exit_to_user_mode_prepare+0x160/0x190 [ 134.197293][ T4398] syscall_exit_to_user_mode+0x20/0x40 [ 134.202758][ T4398] do_syscall_64+0x50/0xd0 [ 134.207243][ T4398] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.213612][ T4398] RIP: 0033:0x7fbc8e890adb [ 134.218024][ T4398] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 134.237748][ T4398] RSP: 002b:00007fbc8da53f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 134.247190][ T4398] RAX: 0000000000000000 RBX: 0000000020000200 RCX: 00007fbc8e890adb [ 134.255155][ T4398] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 134.263181][ T4398] RBP: 00007fbc8da546bc R08: 0000000000000000 R09: 0000000020000000 14:58:21 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 99) 14:58:21 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x74, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef01", 0x3b, 0x400}], 0x0, &(0x7f0000012b00)) [ 134.271141][ T4398] R10: 0000000000008000 R11: 0000000000000293 R12: ffffffffffffffff [ 134.279190][ T4398] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 134.287154][ T4398] [ 134.293952][ T4402] loop1: detected capacity change from 0 to 1024 [ 134.301271][ T4404] loop2: detected capacity change from 0 to 264192 14:58:21 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 9) [ 134.331343][ T4402] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 134.351336][ T4410] loop5: detected capacity change from 0 to 4 [ 134.369221][ T4412] FAULT_INJECTION: forcing a failure. 14:58:21 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xffffff8c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:21 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 134.369221][ T4412] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.375301][ T4410] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 134.382332][ T4412] CPU: 0 PID: 4412 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 134.399229][ T4412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.409285][ T4412] Call Trace: [ 134.409976][ T4414] loop2: detected capacity change from 0 to 264192 [ 134.412627][ T4412] [ 134.412636][ T4412] dump_stack_lvl+0xd6/0x122 [ 134.412696][ T4412] dump_stack+0x11/0x1b [ 134.419323][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.422178][ T4412] should_fail+0x23c/0x250 [ 134.422199][ T4412] should_fail_usercopy+0x16/0x20 [ 134.448320][ T4412] copy_page_from_iter_atomic+0x2f1/0xc60 [ 134.454034][ T4412] ? shmem_write_begin+0x7e/0x100 [ 134.459049][ T4412] generic_perform_write+0x211/0x400 [ 134.464392][ T4412] ? current_time+0xed/0x1a0 [ 134.469007][ T4412] __generic_file_write_iter+0xf7/0x2b0 [ 134.474540][ T4412] ? generic_write_checks+0x250/0x290 [ 134.479901][ T4412] generic_file_write_iter+0x75/0x130 [ 134.485285][ T4412] vfs_write+0x7f5/0x950 [ 134.489618][ T4412] __x64_sys_pwrite64+0xf5/0x150 [ 134.494542][ T4412] do_syscall_64+0x44/0xd0 [ 134.498969][ T4412] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.504861][ T4412] RIP: 0033:0x7fd72664ce67 [ 134.509256][ T4412] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 134.528841][ T4412] RSP: 002b:00007fd72580ff00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 134.537258][ T4412] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664ce67 [ 134.545214][ T4412] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 134.553170][ T4412] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007fd7258101d0 [ 134.561215][ T4412] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 134.569241][ T4412] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 134.577215][ T4412] [ 134.583200][ T4412] loop0: detected capacity change from 0 to 4 [ 134.584108][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.590337][ T4412] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 134.606058][ T4406] FAULT_INJECTION: forcing a failure. [ 134.606058][ T4406] name failslab, interval 1, probability 0, space 0, times 0 [ 134.618677][ T4406] CPU: 1 PID: 4406 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 134.627458][ T4406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.637507][ T4406] Call Trace: [ 134.640779][ T4406] [ 134.643700][ T4406] dump_stack_lvl+0xd6/0x122 [ 134.648415][ T4406] dump_stack+0x11/0x1b [ 134.652598][ T4406] should_fail+0x23c/0x250 [ 134.657079][ T4406] ? inotify_handle_inode_event+0x10b/0x2e0 [ 134.663004][ T4406] __should_failslab+0x81/0x90 [ 134.667767][ T4406] should_failslab+0x5/0x20 [ 134.672264][ T4406] __kmalloc+0x6f/0x370 [ 134.676428][ T4406] inotify_handle_inode_event+0x10b/0x2e0 [ 134.682198][ T4406] ? tsan.module_ctor+0x10/0x10 [ 134.687050][ T4406] fsnotify_handle_inode_event+0x185/0x1e0 [ 134.692860][ T4406] fsnotify+0xc59/0xf00 [ 134.697028][ T4406] __fsnotify_parent+0x33a/0x490 [ 134.702036][ T4406] __fput+0x1d7/0x520 [ 134.706012][ T4406] ____fput+0x11/0x20 [ 134.709996][ T4406] task_work_run+0x8e/0x110 [ 134.714654][ T4406] exit_to_user_mode_prepare+0x160/0x190 [ 134.720337][ T4406] syscall_exit_to_user_mode+0x20/0x40 [ 134.725848][ T4406] do_syscall_64+0x50/0xd0 [ 134.730256][ T4406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.736214][ T4406] RIP: 0033:0x7fbc8e890adb [ 134.740647][ T4406] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 134.760252][ T4406] RSP: 002b:00007fbc8da53f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 134.768671][ T4406] RAX: 0000000000000000 RBX: 0000000020000200 RCX: 00007fbc8e890adb 14:58:22 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7a, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:22 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) (fail_nth: 100) [ 134.776737][ T4406] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 134.785136][ T4406] RBP: 00007fbc8da546bc R08: 0000000000000000 R09: 0000000020000000 [ 134.793107][ T4406] R10: 0000000000008000 R11: 0000000000000293 R12: ffffffffffffffff [ 134.801071][ T4406] R13: 0000000000000016 R14: 00007fbc8da53fe0 R15: 0000000020000240 [ 134.809052][ T4406] [ 134.827882][ T4418] loop1: detected capacity change from 0 to 1024 14:58:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:22 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xffffff97, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 134.837736][ T4418] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock 14:58:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 10) [ 134.881856][ T4420] FAULT_INJECTION: forcing a failure. [ 134.881856][ T4420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.894986][ T4420] CPU: 0 PID: 4420 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0 [ 134.896319][ T4426] FAULT_INJECTION: forcing a failure. [ 134.896319][ T4426] name failslab, interval 1, probability 0, space 0, times 0 [ 134.903742][ T4420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.903757][ T4420] Call Trace: [ 134.903763][ T4420] [ 134.903769][ T4420] dump_stack_lvl+0xd6/0x122 [ 134.903794][ T4420] dump_stack+0x11/0x1b [ 134.903812][ T4420] should_fail+0x23c/0x250 [ 134.945807][ T4420] should_fail_usercopy+0x16/0x20 [ 134.950822][ T4420] _copy_from_user+0x1c/0xd0 [ 134.955626][ T4420] kstrtouint_from_user+0x7e/0x170 [ 134.960727][ T4420] proc_fail_nth_write+0x4b/0x150 [ 134.965760][ T4420] ? proc_fail_nth_read+0x150/0x150 [ 134.970952][ T4420] vfs_write+0x2af/0x950 [ 134.975234][ T4420] ? __fget_files+0x1d2/0x210 [ 134.979938][ T4420] ksys_write+0xd9/0x190 [ 134.984171][ T4420] __x64_sys_write+0x3e/0x50 [ 134.988865][ T4420] do_syscall_64+0x44/0xd0 [ 134.993269][ T4420] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.999269][ T4420] RIP: 0033:0x7fbc8e8909af [ 135.003667][ T4420] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 135.023283][ T4420] RSP: 002b:00007fbc8da54160 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 135.031765][ T4420] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbc8e8909af [ 135.039720][ T4420] RDX: 0000000000000001 RSI: 00007fbc8da541e0 RDI: 0000000000000003 [ 135.047678][ T4420] RBP: 00007fbc8da541d0 R08: 0000000000000000 R09: 0000000020000000 [ 135.055658][ T4420] R10: 0000000000008000 R11: 0000000000000293 R12: 0000000000000003 [ 135.063663][ T4420] R13: 00007fff5770253f R14: 00007fbc8da54300 R15: 0000000000022000 [ 135.071629][ T4420] [ 135.074654][ T4426] CPU: 1 PID: 4426 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 135.083368][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.083925][ T4427] loop5: detected capacity change from 0 to 4 [ 135.093419][ T4426] Call Trace: [ 135.093429][ T4426] [ 135.105117][ T4428] loop2: detected capacity change from 0 to 264192 [ 135.105691][ T4426] dump_stack_lvl+0xd6/0x122 [ 135.116748][ T4426] dump_stack+0x11/0x1b [ 135.120912][ T4426] should_fail+0x23c/0x250 [ 135.125405][ T4426] ? getname_flags+0x84/0x3f0 [ 135.130083][ T4426] __should_failslab+0x81/0x90 [ 135.134853][ T4426] should_failslab+0x5/0x20 [ 135.139555][ T4426] kmem_cache_alloc+0x4f/0x320 [ 135.144329][ T4426] getname_flags+0x84/0x3f0 [ 135.148823][ T4426] getname+0x15/0x20 [ 135.152704][ T4426] do_sys_openat2+0x6d/0x2b0 [ 135.157283][ T4426] __x64_sys_openat+0xef/0x110 [ 135.162036][ T4426] do_syscall_64+0x44/0xd0 [ 135.166442][ T4426] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.172365][ T4426] RIP: 0033:0x7fd72664cdb4 [ 135.176863][ T4426] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 135.196648][ T4426] RSP: 002b:00007fd72580feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 135.205071][ T4426] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664cdb4 [ 135.213031][ T4426] RDX: 0000000000000002 RSI: 00007fd72580ffe0 RDI: 00000000ffffff9c [ 135.221100][ T4426] RBP: 00007fd72580ffe0 R08: 0000000000000000 R09: 00007fd7258101d0 14:58:22 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80005, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:22 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 135.229056][ T4426] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 135.237011][ T4426] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 135.245042][ T4426] [ 135.256144][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 11) 14:58:22 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x204, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 135.290330][ T4427] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 135.308187][ T4432] loop1: detected capacity change from 0 to 1024 [ 135.319215][ T4436] loop3: detected capacity change from 0 to 1 [ 135.325526][ T4434] FAULT_INJECTION: forcing a failure. [ 135.325526][ T4434] name fail_usercopy, interval 1, probability 0, space 0, times 0 14:58:22 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xffffffda, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:22 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 135.338774][ T4434] CPU: 0 PID: 4434 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 135.342239][ T4438] loop2: detected capacity change from 0 to 264192 [ 135.347454][ T4434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.347469][ T4434] Call Trace: [ 135.347475][ T4434] [ 135.357613][ T4432] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 135.363997][ T4434] dump_stack_lvl+0xd6/0x122 [ 135.364023][ T4434] dump_stack+0x11/0x1b [ 135.389505][ T4434] should_fail+0x23c/0x250 [ 135.393908][ T4434] should_fail_usercopy+0x16/0x20 [ 135.398914][ T4434] strncpy_from_user+0x21/0x250 [ 135.403923][ T4434] getname_flags+0xb8/0x3f0 [ 135.408405][ T4434] ? vfs_write+0x667/0x950 [ 135.412816][ T4434] getname+0x15/0x20 [ 135.416717][ T4434] do_sys_openat2+0x6d/0x2b0 [ 135.421378][ T4434] __x64_sys_openat+0xef/0x110 [ 135.426161][ T4434] do_syscall_64+0x44/0xd0 [ 135.430559][ T4434] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.436436][ T4434] RIP: 0033:0x7fd72664cdb4 [ 135.440845][ T4434] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 135.451559][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.460600][ T4434] RSP: 002b:00007fd72580feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 135.477031][ T4434] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664cdb4 14:58:22 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 12) 14:58:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) [ 135.484986][ T4434] RDX: 0000000000000002 RSI: 00007fd72580ffe0 RDI: 00000000ffffff9c [ 135.492946][ T4434] RBP: 00007fd72580ffe0 R08: 0000000000000000 R09: 00007fd7258101d0 [ 135.500966][ T4434] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 135.508917][ T4434] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 135.516882][ T4434] [ 135.537567][ T4442] FAULT_INJECTION: forcing a failure. [ 135.537567][ T4442] name failslab, interval 1, probability 0, space 0, times 0 [ 135.541354][ T4444] loop5: detected capacity change from 0 to 4 [ 135.550262][ T4442] CPU: 0 PID: 4442 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 135.558480][ T4444] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 135.564964][ T4442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.564979][ T4442] Call Trace: [ 135.564986][ T4442] [ 135.564993][ T4442] dump_stack_lvl+0xd6/0x122 [ 135.565019][ T4442] dump_stack+0x11/0x1b [ 135.565035][ T4442] should_fail+0x23c/0x250 [ 135.565052][ T4442] ? __alloc_file+0x2e/0x1a0 [ 135.607321][ T4442] __should_failslab+0x81/0x90 [ 135.612080][ T4442] should_failslab+0x5/0x20 [ 135.616620][ T4442] kmem_cache_alloc+0x4f/0x320 [ 135.621450][ T4442] __alloc_file+0x2e/0x1a0 [ 135.626025][ T4442] alloc_empty_file+0xcd/0x1c0 [ 135.630834][ T4442] path_openat+0x6a/0x1eb0 [ 135.635237][ T4442] ? __set_page_dirty_no_writeback+0x7d/0xc0 [ 135.641268][ T4442] ? folio_mark_dirty+0x84/0xe0 [ 135.646104][ T4442] ? unlock_page+0x37/0x50 [ 135.650619][ T4442] ? inode_to_bdi+0x43/0xa0 [ 135.655105][ T4442] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 135.661372][ T4442] ? generic_perform_write+0x397/0x400 [ 135.666862][ T4442] do_filp_open+0x105/0x220 [ 135.671384][ T4442] do_sys_openat2+0xb5/0x2b0 [ 135.676039][ T4442] __x64_sys_openat+0xef/0x110 [ 135.680855][ T4442] do_syscall_64+0x44/0xd0 [ 135.685323][ T4442] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.691205][ T4442] RIP: 0033:0x7fd72664cdb4 [ 135.695723][ T4442] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 135.715535][ T4442] RSP: 002b:00007fd72580feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 135.724017][ T4442] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664cdb4 [ 135.731973][ T4442] RDX: 0000000000000002 RSI: 00007fd72580ffe0 RDI: 00000000ffffff9c 14:58:23 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80006, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 135.739944][ T4442] RBP: 00007fd72580ffe0 R08: 0000000000000000 R09: 00007fd7258101d0 [ 135.747901][ T4442] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 135.755857][ T4442] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 135.763819][ T4442] 14:58:23 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffff6, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 13) 14:58:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) [ 135.815194][ T4447] loop3: detected capacity change from 0 to 1 [ 135.828373][ T4451] loop2: detected capacity change from 0 to 264192 [ 135.839665][ T4453] FAULT_INJECTION: forcing a failure. [ 135.839665][ T4453] name failslab, interval 1, probability 0, space 0, times 0 [ 135.845774][ T4455] loop1: detected capacity change from 0 to 1024 [ 135.852422][ T4453] CPU: 1 PID: 4453 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 135.862514][ T4456] loop5: detected capacity change from 0 to 4 [ 135.867268][ T4453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.867281][ T4453] Call Trace: [ 135.867288][ T4453] [ 135.867294][ T4453] dump_stack_lvl+0xd6/0x122 [ 135.892096][ T4456] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 135.894387][ T4453] dump_stack+0x11/0x1b [ 135.902607][ T4455] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 135.905018][ T4453] should_fail+0x23c/0x250 [ 135.905048][ T4453] ? security_file_alloc+0x30/0x190 [ 135.924998][ T4453] __should_failslab+0x81/0x90 [ 135.929801][ T4453] should_failslab+0x5/0x20 [ 135.934315][ T4453] kmem_cache_alloc+0x4f/0x320 [ 135.939071][ T4453] security_file_alloc+0x30/0x190 [ 135.944144][ T4453] __alloc_file+0x83/0x1a0 [ 135.948638][ T4453] alloc_empty_file+0xcd/0x1c0 [ 135.953388][ T4453] path_openat+0x6a/0x1eb0 [ 135.957790][ T4453] ? __set_page_dirty_no_writeback+0x7d/0xc0 [ 135.963812][ T4453] ? folio_mark_dirty+0x84/0xe0 [ 135.968719][ T4453] ? unlock_page+0x37/0x50 [ 135.973190][ T4453] ? inode_to_bdi+0x43/0xa0 [ 135.977706][ T4453] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 135.984083][ T4453] ? generic_perform_write+0x397/0x400 [ 135.989542][ T4453] do_filp_open+0x105/0x220 [ 135.994103][ T4453] do_sys_openat2+0xb5/0x2b0 [ 135.998685][ T4453] __x64_sys_openat+0xef/0x110 [ 136.003455][ T4453] do_syscall_64+0x44/0xd0 [ 136.008381][ T4453] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.014312][ T4453] RIP: 0033:0x7fd72664cdb4 [ 136.018716][ T4453] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 136.038315][ T4453] RSP: 002b:00007fd72580feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 136.046816][ T4453] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd72664cdb4 [ 136.054787][ T4453] RDX: 0000000000000002 RSI: 00007fd72580ffe0 RDI: 00000000ffffff9c 14:58:23 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x402, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffffd, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 136.062836][ T4453] RBP: 00007fd72580ffe0 R08: 0000000000000000 R09: 00007fd7258101d0 [ 136.070809][ T4453] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 136.078851][ T4453] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 136.086865][ T4453] 14:58:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 14) [ 136.140629][ T4461] loop3: detected capacity change from 0 to 2 [ 136.163505][ T4462] loop2: detected capacity change from 0 to 264192 [ 136.176723][ T4465] loop5: detected capacity change from 0 to 4 [ 136.177851][ T4466] FAULT_INJECTION: forcing a failure. 14:58:23 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80007, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 136.177851][ T4466] name failslab, interval 1, probability 0, space 0, times 0 [ 136.195445][ T4466] CPU: 0 PID: 4466 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 136.204126][ T4466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.214189][ T4466] Call Trace: [ 136.217471][ T4466] [ 136.220451][ T4466] dump_stack_lvl+0xd6/0x122 [ 136.225109][ T4466] dump_stack+0x11/0x1b [ 136.229272][ T4466] should_fail+0x23c/0x250 [ 136.233699][ T4466] ? kzalloc+0x16/0x20 [ 136.237777][ T4466] __should_failslab+0x81/0x90 [ 136.242613][ T4466] should_failslab+0x5/0x20 [ 136.247185][ T4466] __kmalloc+0x6f/0x370 [ 136.251423][ T4466] ? iput+0x1cd/0x580 [ 136.255408][ T4466] kzalloc+0x16/0x20 [ 136.259349][ T4466] alloc_workqueue+0x12f/0xad0 [ 136.262088][ T4465] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 136.264147][ T4466] ? __rcu_read_unlock+0x5c/0x290 [ 136.264171][ T4466] ? preempt_count_add+0x4e/0x90 [ 136.281019][ T4466] ? _raw_spin_unlock+0x2e/0x50 [ 136.285901][ T4466] ? bd_prepare_to_claim+0x1ac/0x200 [ 136.291371][ T4466] loop_configure+0x70e/0xf30 [ 136.296068][ T4466] lo_ioctl+0x583/0x1270 [ 136.300316][ T4466] ? folio_mark_dirty+0x84/0xe0 [ 136.305173][ T4466] ? unlock_page+0x37/0x50 [ 136.309741][ T4466] ? __rcu_read_unlock+0x5c/0x290 [ 136.314913][ T4466] ? blkdev_common_ioctl+0x438/0x1180 [ 136.320385][ T4466] ? selinux_file_ioctl+0x522/0x590 [ 136.325675][ T4466] ? do_vfs_ioctl+0x819/0x14a0 [ 136.330450][ T4466] ? lo_release+0x120/0x120 [ 136.334972][ T4466] blkdev_ioctl+0x20e/0x440 14:58:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53", 0x39, 0x400}], 0x0, &(0x7f0000012b00)) [ 136.339478][ T4466] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 136.344944][ T4466] __se_sys_ioctl+0xcb/0x140 [ 136.349544][ T4466] __x64_sys_ioctl+0x3f/0x50 [ 136.354158][ T4466] do_syscall_64+0x44/0xd0 [ 136.358665][ T4466] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.364564][ T4466] RIP: 0033:0x7fd726699c57 [ 136.369106][ T4466] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.381361][ T4468] loop1: detected capacity change from 0 to 1024 [ 136.388716][ T4466] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 136.388740][ T4466] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 136.388752][ T4466] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 136.388763][ T4466] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 136.388775][ T4466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:23 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 15) [ 136.404049][ T4468] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 136.411447][ T4466] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 136.411468][ T4466] [ 136.448324][ T4470] FAULT_INJECTION: forcing a failure. [ 136.448324][ T4470] name failslab, interval 1, probability 0, space 0, times 0 [ 136.469758][ T4470] CPU: 0 PID: 4470 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 136.478453][ T4470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.488488][ T4470] Call Trace: [ 136.491756][ T4470] [ 136.494677][ T4470] dump_stack_lvl+0xd6/0x122 [ 136.499252][ T4470] dump_stack+0x11/0x1b [ 136.503400][ T4470] should_fail+0x23c/0x250 [ 136.507794][ T4470] ? alloc_workqueue+0x15d/0xad0 [ 136.512712][ T4470] __should_failslab+0x81/0x90 [ 136.517466][ T4470] should_failslab+0x5/0x20 [ 136.521949][ T4470] kmem_cache_alloc_trace+0x52/0x350 [ 136.527227][ T4470] ? kzalloc+0x16/0x20 [ 136.531335][ T4470] alloc_workqueue+0x15d/0xad0 [ 136.536165][ T4470] ? __rcu_read_unlock+0x5c/0x290 [ 136.541190][ T4470] ? preempt_count_add+0x4e/0x90 [ 136.546110][ T4470] ? _raw_spin_unlock+0x2e/0x50 [ 136.551187][ T4470] ? bd_prepare_to_claim+0x1ac/0x200 [ 136.556458][ T4470] loop_configure+0x70e/0xf30 [ 136.561174][ T4470] lo_ioctl+0x583/0x1270 [ 136.565395][ T4470] ? folio_mark_dirty+0x84/0xe0 [ 136.570257][ T4470] ? unlock_page+0x37/0x50 [ 136.574762][ T4470] ? __rcu_read_unlock+0x5c/0x290 [ 136.579835][ T4470] ? blkdev_common_ioctl+0x438/0x1180 [ 136.585190][ T4470] ? selinux_file_ioctl+0x522/0x590 [ 136.590363][ T4470] ? do_vfs_ioctl+0x819/0x14a0 [ 136.595189][ T4470] ? lo_release+0x120/0x120 [ 136.599674][ T4470] blkdev_ioctl+0x20e/0x440 [ 136.604384][ T4470] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 136.609851][ T4470] __se_sys_ioctl+0xcb/0x140 [ 136.614514][ T4470] __x64_sys_ioctl+0x3f/0x50 [ 136.619156][ T4470] do_syscall_64+0x44/0xd0 [ 136.623552][ T4470] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.629501][ T4470] RIP: 0033:0x7fd726699c57 [ 136.633895][ T4470] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.653501][ T4470] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 136.661896][ T4470] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 136.669845][ T4470] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 136.677822][ T4470] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 14:58:23 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfffffffe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:23 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x406, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 136.685790][ T4470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 136.693743][ T4470] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 136.701694][ T4470] [ 136.705168][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:24 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80008, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:24 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 16) 14:58:24 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 136.740391][ T4473] loop5: detected capacity change from 0 to 4 [ 136.753451][ T4475] loop2: detected capacity change from 0 to 264192 [ 136.762038][ T4473] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 136.764666][ T4478] loop3: detected capacity change from 0 to 2 14:58:24 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) 14:58:24 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x80000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 136.808012][ T4482] loop1: detected capacity change from 0 to 1024 [ 136.832908][ T4482] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 136.835033][ T4484] FAULT_INJECTION: forcing a failure. [ 136.835033][ T4484] name failslab, interval 1, probability 0, space 0, times 0 [ 136.855991][ T4484] CPU: 1 PID: 4484 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 136.864829][ T4484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.874894][ T4484] Call Trace: [ 136.878172][ T4484] [ 136.881205][ T4484] dump_stack_lvl+0xd6/0x122 [ 136.885800][ T4484] dump_stack+0x11/0x1b [ 136.889986][ T4484] should_fail+0x23c/0x250 [ 136.894390][ T4484] ? kzalloc+0x16/0x20 [ 136.898503][ T4484] __should_failslab+0x81/0x90 [ 136.903287][ T4484] should_failslab+0x5/0x20 [ 136.907857][ T4484] __kmalloc+0x6f/0x370 [ 136.911997][ T4484] ? number+0xa13/0xb60 [ 136.916262][ T4484] kzalloc+0x16/0x20 [ 136.920188][ T4484] apply_wqattrs_prepare+0x3a/0x630 [ 136.925448][ T4484] ? vsnprintf+0xe8f/0xed0 [ 136.929855][ T4484] apply_workqueue_attrs+0x9e/0x100 [ 136.935113][ T4484] alloc_workqueue+0x777/0xad0 [ 136.939914][ T4484] ? preempt_count_add+0x4e/0x90 [ 136.944980][ T4484] ? _raw_spin_unlock+0x2e/0x50 [ 136.949856][ T4484] ? bd_prepare_to_claim+0x1ac/0x200 [ 136.955129][ T4484] loop_configure+0x70e/0xf30 [ 136.959854][ T4484] lo_ioctl+0x583/0x1270 [ 136.964086][ T4484] ? folio_mark_dirty+0x84/0xe0 [ 136.968923][ T4484] ? unlock_page+0x37/0x50 [ 136.973508][ T4484] ? __rcu_read_unlock+0x5c/0x290 [ 136.978560][ T4484] ? blkdev_common_ioctl+0x438/0x1180 [ 136.984003][ T4484] ? selinux_file_ioctl+0x522/0x590 [ 136.989260][ T4484] ? do_vfs_ioctl+0x819/0x14a0 [ 136.994052][ T4484] ? lo_release+0x120/0x120 [ 136.998539][ T4484] blkdev_ioctl+0x20e/0x440 [ 137.003029][ T4484] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 137.008516][ T4484] __se_sys_ioctl+0xcb/0x140 [ 137.013149][ T4484] __x64_sys_ioctl+0x3f/0x50 [ 137.017770][ T4484] do_syscall_64+0x44/0xd0 [ 137.022212][ T4484] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.028097][ T4484] RIP: 0033:0x7fd726699c57 [ 137.032564][ T4484] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:24 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80009, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 137.052156][ T4484] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.060607][ T4484] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 137.068665][ T4484] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 137.076624][ T4484] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 137.084671][ T4484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 137.092627][ T4484] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 137.100587][ T4484] 14:58:24 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:24 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 17) 14:58:24 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:24 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x500, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 137.118220][ T4486] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 137.122455][ T4490] loop2: detected capacity change from 0 to 264192 [ 137.185810][ T4495] loop1: detected capacity change from 0 to 1024 [ 137.187338][ T4492] FAULT_INJECTION: forcing a failure. [ 137.187338][ T4492] name failslab, interval 1, probability 0, space 0, times 0 [ 137.204815][ T4492] CPU: 0 PID: 4492 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 137.213495][ T4492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.223553][ T4492] Call Trace: [ 137.226821][ T4492] [ 137.229742][ T4492] dump_stack_lvl+0xd6/0x122 [ 137.234330][ T4492] dump_stack+0x11/0x1b [ 137.238513][ T4492] should_fail+0x23c/0x250 [ 137.243002][ T4492] ? apply_wqattrs_prepare+0x5f/0x630 [ 137.248365][ T4492] __should_failslab+0x81/0x90 [ 137.253114][ T4492] should_failslab+0x5/0x20 [ 137.257687][ T4492] kmem_cache_alloc_trace+0x52/0x350 [ 137.262955][ T4492] ? kzalloc+0x16/0x20 [ 137.267065][ T4492] apply_wqattrs_prepare+0x5f/0x630 [ 137.272279][ T4492] ? vsnprintf+0xe8f/0xed0 [ 137.276726][ T4492] apply_workqueue_attrs+0x9e/0x100 [ 137.281933][ T4492] alloc_workqueue+0x777/0xad0 [ 137.286749][ T4492] ? preempt_count_add+0x4e/0x90 [ 137.291699][ T4492] ? _raw_spin_unlock+0x2e/0x50 [ 137.296534][ T4492] ? bd_prepare_to_claim+0x1ac/0x200 [ 137.301804][ T4492] loop_configure+0x70e/0xf30 [ 137.306545][ T4492] lo_ioctl+0x583/0x1270 [ 137.310824][ T4492] ? folio_mark_dirty+0x84/0xe0 [ 137.315734][ T4492] ? unlock_page+0x37/0x50 [ 137.320133][ T4492] ? __rcu_read_unlock+0x5c/0x290 [ 137.325146][ T4492] ? blkdev_common_ioctl+0x438/0x1180 [ 137.330509][ T4492] ? selinux_file_ioctl+0x522/0x590 [ 137.335765][ T4492] ? do_vfs_ioctl+0x819/0x14a0 [ 137.340533][ T4492] ? lo_release+0x120/0x120 [ 137.345017][ T4492] blkdev_ioctl+0x20e/0x440 [ 137.349567][ T4492] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 137.355194][ T4492] __se_sys_ioctl+0xcb/0x140 [ 137.359800][ T4492] __x64_sys_ioctl+0x3f/0x50 [ 137.364377][ T4492] do_syscall_64+0x44/0xd0 [ 137.368783][ T4492] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.374732][ T4492] RIP: 0033:0x7fd726699c57 [ 137.379198][ T4492] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.398961][ T4492] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.407356][ T4492] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 137.415310][ T4492] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 137.423264][ T4492] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 14:58:24 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) 14:58:24 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xedc000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 137.431217][ T4492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 137.439434][ T4492] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 137.447397][ T4492] [ 137.472186][ T4498] loop3: detected capacity change from 0 to 2 14:58:24 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 18) [ 137.475983][ T4495] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 137.490873][ T4500] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 137.506980][ T4502] FAULT_INJECTION: forcing a failure. [ 137.506980][ T4502] name failslab, interval 1, probability 0, space 0, times 0 [ 137.519894][ T4502] CPU: 0 PID: 4502 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 137.528627][ T4502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.538712][ T4502] Call Trace: [ 137.542025][ T4502] [ 137.544940][ T4502] dump_stack_lvl+0xd6/0x122 [ 137.549517][ T4502] dump_stack+0x11/0x1b [ 137.553663][ T4502] should_fail+0x23c/0x250 [ 137.558057][ T4502] ? apply_wqattrs_prepare+0xbe/0x630 [ 137.563449][ T4502] __should_failslab+0x81/0x90 [ 137.568422][ T4502] should_failslab+0x5/0x20 [ 137.572909][ T4502] kmem_cache_alloc_trace+0x52/0x350 [ 137.578177][ T4502] ? apply_wqattrs_prepare+0x5f/0x630 [ 137.583548][ T4502] apply_wqattrs_prepare+0xbe/0x630 [ 137.588806][ T4502] ? vsnprintf+0xe8f/0xed0 [ 137.593206][ T4502] apply_workqueue_attrs+0x9e/0x100 [ 137.598401][ T4502] alloc_workqueue+0x777/0xad0 [ 137.603146][ T4502] ? preempt_count_add+0x4e/0x90 [ 137.608072][ T4502] ? _raw_spin_unlock+0x2e/0x50 [ 137.613018][ T4502] ? bd_prepare_to_claim+0x1ac/0x200 [ 137.618359][ T4502] loop_configure+0x70e/0xf30 [ 137.623019][ T4502] lo_ioctl+0x583/0x1270 [ 137.627341][ T4502] ? folio_mark_dirty+0x84/0xe0 [ 137.632181][ T4502] ? unlock_page+0x37/0x50 [ 137.636598][ T4502] ? __rcu_read_unlock+0x5c/0x290 [ 137.641656][ T4502] ? blkdev_common_ioctl+0x438/0x1180 [ 137.647016][ T4502] ? selinux_file_ioctl+0x522/0x590 [ 137.652266][ T4502] ? do_vfs_ioctl+0x819/0x14a0 [ 137.657049][ T4502] ? lo_release+0x120/0x120 [ 137.661600][ T4502] blkdev_ioctl+0x20e/0x440 [ 137.666180][ T4502] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 137.671624][ T4502] __se_sys_ioctl+0xcb/0x140 [ 137.676215][ T4502] __x64_sys_ioctl+0x3f/0x50 [ 137.680846][ T4502] do_syscall_64+0x44/0xd0 [ 137.685270][ T4502] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.691144][ T4502] RIP: 0033:0x7fd726699c57 [ 137.695594][ T4502] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.715179][ T4502] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.723569][ T4502] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 137.731530][ T4502] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 137.739539][ T4502] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 137.747512][ T4502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 137.755543][ T4502] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 137.763596][ T4502] [ 137.769044][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:25 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x59c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 137.788094][ T4504] loop2: detected capacity change from 0 to 264192 [ 137.788434][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a}], 0x0, &(0x7f0000012b00)) 14:58:25 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000b, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:25 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x9, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 137.835799][ T4507] loop3: detected capacity change from 0 to 2 14:58:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 19) [ 137.880846][ T1908] ================================================================== [ 137.885027][ T4512] loop1: detected capacity change from 0 to 1024 [ 137.888937][ T1908] BUG: KCSAN: data-race in shmem_mknod / vfs_getattr_nosec [ 137.902419][ T1908] [ 137.904733][ T1908] write to 0xffff8881037b63d8 of 8 bytes by task 2188 on cpu 1: [ 137.912356][ T1908] shmem_mknod+0xdc/0x170 [ 137.913488][ T4516] FAULT_INJECTION: forcing a failure. [ 137.913488][ T4516] name failslab, interval 1, probability 0, space 0, times 0 [ 137.916687][ T1908] shmem_create+0x2f/0x40 [ 137.916711][ T1908] path_openat+0xd2c/0x1eb0 [ 137.929299][ T4516] CPU: 1 PID: 4516 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 137.933568][ T1908] do_filp_open+0x105/0x220 [ 137.938219][ T4516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.946858][ T1908] do_sys_openat2+0xb5/0x2b0 [ 137.951334][ T4516] Call Trace: [ 137.951342][ T4516] [ 137.961456][ T1908] __x64_sys_openat+0xef/0x110 [ 137.966020][ T4516] dump_stack_lvl+0xd6/0x122 [ 137.969278][ T1908] do_syscall_64+0x44/0xd0 [ 137.969298][ T1908] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.969318][ T1908] [ 137.969323][ T1908] read to 0xffff8881037b63d8 of 8 bytes by task 1908 on cpu 0: [ 137.969337][ T1908] vfs_getattr_nosec+0x242/0x2f0 [ 137.972257][ T4516] dump_stack+0x11/0x1b [ 137.976991][ T1908] vfs_statx+0x138/0x2a0 [ 137.981556][ T4516] should_fail+0x23c/0x250 [ 137.985949][ T1908] __se_sys_newfstatat+0x63/0x260 [ 137.991813][ T4516] __should_failslab+0x81/0x90 [ 137.994120][ T1908] __x64_sys_newfstatat+0x51/0x60 [ 138.001729][ T4516] should_failslab+0x5/0x20 [ 138.006639][ T1908] do_syscall_64+0x44/0xd0 [ 138.006658][ T1908] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.006678][ T1908] [ 138.006681][ T1908] value changed: 0x0000000000001644 -> 0x0000000000001658 [ 138.006691][ T1908] [ 138.006693][ T1908] Reported by Kernel Concurrency Sanitizer on: [ 138.006700][ T1908] CPU: 0 PID: 1908 Comm: udevd Not tainted 5.16.0-rc5-syzkaller #0 [ 138.010819][ T4516] kmem_cache_alloc_node+0x61/0x2d0 [ 138.015035][ T1908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.019424][ T4516] ? should_fail+0xd6/0x250 [ 138.024423][ T1908] ================================================================== [ 138.029155][ T4516] ? should_fail+0xd6/0x250 [ 138.041593][ T4510] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 138.043190][ T4516] ? alloc_unbound_pwq+0x3e6/0x780 [ 138.043222][ T4516] alloc_unbound_pwq+0x3e6/0x780 [ 138.049335][ T4512] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 138.051390][ T4516] apply_wqattrs_prepare+0x1ed/0x630 [ 138.051419][ T4516] ? vsnprintf+0xe8f/0xed0 [ 138.051439][ T4516] apply_workqueue_attrs+0x9e/0x100 [ 138.148853][ T4516] alloc_workqueue+0x777/0xad0 [ 138.153608][ T4516] ? preempt_count_add+0x4e/0x90 [ 138.158595][ T4516] ? _raw_spin_unlock+0x2e/0x50 [ 138.163487][ T4516] ? bd_prepare_to_claim+0x1ac/0x200 [ 138.168879][ T4516] loop_configure+0x70e/0xf30 [ 138.173536][ T4516] lo_ioctl+0x583/0x1270 [ 138.177764][ T4516] ? folio_mark_dirty+0x84/0xe0 [ 138.182691][ T4516] ? unlock_page+0x37/0x50 [ 138.187081][ T4516] ? __rcu_read_unlock+0x5c/0x290 [ 138.192089][ T4516] ? blkdev_common_ioctl+0x438/0x1180 [ 138.197495][ T4516] ? selinux_file_ioctl+0x522/0x590 [ 138.202738][ T4516] ? do_vfs_ioctl+0x819/0x14a0 [ 138.207489][ T4516] ? lo_release+0x120/0x120 [ 138.211971][ T4516] blkdev_ioctl+0x20e/0x440 [ 138.216628][ T4516] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 138.222139][ T4516] __se_sys_ioctl+0xcb/0x140 [ 138.226942][ T4516] __x64_sys_ioctl+0x3f/0x50 [ 138.232491][ T4516] do_syscall_64+0x44/0xd0 [ 138.236900][ T4516] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.242788][ T4516] RIP: 0033:0x7fd726699c57 [ 138.247179][ T4516] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.266778][ T4516] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:58:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 20) 14:58:25 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5c2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 138.275208][ T4516] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 138.283159][ T4516] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 138.291108][ T4516] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 138.299057][ T4516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 138.307182][ T4516] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 138.315134][ T4516] [ 138.324458][ T4518] loop2: detected capacity change from 0 to 264192 14:58:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) 14:58:25 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 138.347855][ T4522] loop3: detected capacity change from 0 to 2 [ 138.353132][ T4520] FAULT_INJECTION: forcing a failure. [ 138.353132][ T4520] name failslab, interval 1, probability 0, space 0, times 0 [ 138.367001][ T4520] CPU: 0 PID: 4520 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 138.375678][ T4520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.385740][ T4520] Call Trace: [ 138.389021][ T4520] [ 138.391944][ T4520] dump_stack_lvl+0xd6/0x122 14:58:25 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x600, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 138.393543][ T4526] loop1: detected capacity change from 0 to 1024 [ 138.396612][ T4520] dump_stack+0x11/0x1b [ 138.396636][ T4520] should_fail+0x23c/0x250 [ 138.412661][ T4520] ? kobject_uevent_env+0x1a7/0xc40 [ 138.415975][ T4526] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 138.417866][ T4520] __should_failslab+0x81/0x90 [ 138.417894][ T4520] should_failslab+0x5/0x20 [ 138.437504][ T4520] kmem_cache_alloc_trace+0x52/0x350 [ 138.439707][ T4528] loop5: detected capacity change from 0 to 4 14:58:25 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x100000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 138.442794][ T4520] ? pwq_adjust_max_active+0x4c5/0x4e0 [ 138.454326][ T4520] ? dev_uevent_filter+0x70/0x70 [ 138.459268][ T4520] kobject_uevent_env+0x1a7/0xc40 [ 138.464334][ T4520] ? preempt_count_add+0x4e/0x90 [ 138.468698][ T4530] loop2: detected capacity change from 0 to 264192 [ 138.469312][ T4520] ? _raw_spin_unlock+0x2e/0x50 [ 138.469336][ T4520] ? bd_prepare_to_claim+0x1ac/0x200 [ 138.469355][ T4520] disk_force_media_change+0xe3/0x170 [ 138.469382][ T4520] loop_configure+0x74d/0xf30 [ 138.496094][ T4520] lo_ioctl+0x583/0x1270 [ 138.500368][ T4520] ? folio_mark_dirty+0x84/0xe0 [ 138.505263][ T4520] ? unlock_page+0x37/0x50 [ 138.509765][ T4520] ? __rcu_read_unlock+0x5c/0x290 [ 138.514790][ T4520] ? blkdev_common_ioctl+0x438/0x1180 [ 138.520321][ T4520] ? selinux_file_ioctl+0x522/0x590 [ 138.525544][ T4520] ? do_vfs_ioctl+0x819/0x14a0 [ 138.530407][ T4520] ? lo_release+0x120/0x120 [ 138.534958][ T4520] blkdev_ioctl+0x20e/0x440 [ 138.539482][ T4520] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 138.544920][ T4520] __se_sys_ioctl+0xcb/0x140 [ 138.549544][ T4520] __x64_sys_ioctl+0x3f/0x50 [ 138.554112][ T4520] do_syscall_64+0x44/0xd0 [ 138.558507][ T4520] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.564586][ T4520] RIP: 0033:0x7fd726699c57 [ 138.568981][ T4520] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.588696][ T4520] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.597108][ T4520] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 138.605106][ T4520] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 138.613061][ T4520] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 138.621013][ T4520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 138.629003][ T4520] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 138.637022][ T4520] [ 138.640756][ T4520] loop0: detected capacity change from 0 to 4 14:58:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) 14:58:25 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:25 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000d, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:25 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x200000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 138.648427][ T4520] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 138.680198][ T4532] loop3: detected capacity change from 0 to 3 14:58:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 21) [ 138.703435][ T4537] loop1: detected capacity change from 0 to 1024 [ 138.710095][ T4538] loop2: detected capacity change from 0 to 264192 [ 138.712389][ T4540] FAULT_INJECTION: forcing a failure. [ 138.712389][ T4540] name failslab, interval 1, probability 0, space 0, times 0 [ 138.718601][ T4537] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 138.729257][ T4540] CPU: 1 PID: 4540 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 138.748770][ T4540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.758815][ T4540] Call Trace: [ 138.762079][ T4540] [ 138.765007][ T4540] dump_stack_lvl+0xd6/0x122 [ 138.769679][ T4540] dump_stack+0x11/0x1b [ 138.773828][ T4540] should_fail+0x23c/0x250 [ 138.778258][ T4540] ? kzalloc+0x1d/0x30 [ 138.782413][ T4540] __should_failslab+0x81/0x90 [ 138.787199][ T4540] should_failslab+0x5/0x20 [ 138.791765][ T4540] __kmalloc+0x6f/0x370 [ 138.795968][ T4540] kzalloc+0x1d/0x30 [ 138.799919][ T4540] kobject_get_path+0x7c/0x110 [ 138.804717][ T4540] kobject_uevent_env+0x1be/0xc40 [ 138.809743][ T4540] ? preempt_count_add+0x4e/0x90 [ 138.814792][ T4540] ? _raw_spin_unlock+0x2e/0x50 [ 138.819635][ T4540] ? bd_prepare_to_claim+0x1ac/0x200 [ 138.825573][ T4540] disk_force_media_change+0xe3/0x170 [ 138.830929][ T4540] loop_configure+0x74d/0xf30 [ 138.835627][ T4540] lo_ioctl+0x583/0x1270 [ 138.839869][ T4540] ? folio_mark_dirty+0x84/0xe0 [ 138.844784][ T4540] ? unlock_page+0x37/0x50 [ 138.849213][ T4540] ? __rcu_read_unlock+0x5c/0x290 [ 138.854242][ T4540] ? blkdev_common_ioctl+0x438/0x1180 [ 138.859765][ T4540] ? selinux_file_ioctl+0x522/0x590 [ 138.865013][ T4540] ? do_vfs_ioctl+0x819/0x14a0 [ 138.869836][ T4540] ? lo_release+0x120/0x120 [ 138.874320][ T4540] blkdev_ioctl+0x20e/0x440 [ 138.878824][ T4540] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 138.884264][ T4540] __se_sys_ioctl+0xcb/0x140 [ 138.888878][ T4540] __x64_sys_ioctl+0x3f/0x50 [ 138.893479][ T4540] do_syscall_64+0x44/0xd0 [ 138.897971][ T4540] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.903949][ T4540] RIP: 0033:0x7fd726699c57 [ 138.908442][ T4540] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.928026][ T4540] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.936434][ T4540] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 138.944399][ T4540] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:58:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x204000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x604, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 138.952410][ T4540] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 138.960373][ T4540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 138.968343][ T4540] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 138.976318][ T4540] [ 138.980678][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 138.986813][ T4540] loop0: detected capacity change from 0 to 4 14:58:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:26 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x700, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, 0x0) 14:58:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 139.020305][ T4540] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 139.037185][ T4542] loop3: detected capacity change from 0 to 3 [ 139.041001][ T4546] loop5: detected capacity change from 0 to 4 [ 139.044996][ T4547] loop2: detected capacity change from 0 to 264192 14:58:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 22) 14:58:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x400000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 139.087829][ T4552] loop1: detected capacity change from 0 to 1024 [ 139.103615][ T4552] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 139.110744][ T4554] loop3: detected capacity change from 0 to 3 [ 139.138185][ T4558] FAULT_INJECTION: forcing a failure. [ 139.138185][ T4558] name failslab, interval 1, probability 0, space 0, times 0 [ 139.150957][ T4558] CPU: 0 PID: 4558 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 139.159632][ T4558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.169671][ T4558] Call Trace: [ 139.172938][ T4558] [ 139.175852][ T4558] dump_stack_lvl+0xd6/0x122 [ 139.180425][ T4558] dump_stack+0x11/0x1b [ 139.184600][ T4558] should_fail+0x23c/0x250 [ 139.189115][ T4558] __should_failslab+0x81/0x90 [ 139.193860][ T4558] should_failslab+0x5/0x20 [ 139.198379][ T4558] kmem_cache_alloc_node+0x61/0x2d0 [ 139.203635][ T4558] ? __alloc_skb+0xf0/0x450 [ 139.208270][ T4558] __alloc_skb+0xf0/0x450 [ 139.212602][ T4558] alloc_uevent_skb+0x5b/0x120 [ 139.217465][ T4558] kobject_uevent_env+0x863/0xc40 [ 139.222474][ T4558] ? preempt_count_add+0x4e/0x90 [ 139.227452][ T4558] ? _raw_spin_unlock+0x2e/0x50 [ 139.232284][ T4558] ? bd_prepare_to_claim+0x1ac/0x200 [ 139.237564][ T4558] disk_force_media_change+0xe3/0x170 [ 139.242917][ T4558] loop_configure+0x74d/0xf30 [ 139.247667][ T4558] lo_ioctl+0x583/0x1270 [ 139.251927][ T4558] ? folio_mark_dirty+0x84/0xe0 [ 139.256771][ T4558] ? unlock_page+0x37/0x50 [ 139.261205][ T4558] ? __rcu_read_unlock+0x5c/0x290 [ 139.266372][ T4558] ? blkdev_common_ioctl+0x438/0x1180 [ 139.271826][ T4558] ? selinux_file_ioctl+0x522/0x590 [ 139.277054][ T4558] ? do_vfs_ioctl+0x819/0x14a0 [ 139.281804][ T4558] ? lo_release+0x120/0x120 [ 139.286390][ T4558] blkdev_ioctl+0x20e/0x440 [ 139.290886][ T4558] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 139.297674][ T4558] __se_sys_ioctl+0xcb/0x140 [ 139.302287][ T4558] __x64_sys_ioctl+0x3f/0x50 [ 139.306951][ T4558] do_syscall_64+0x44/0xd0 [ 139.311352][ T4558] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.317339][ T4558] RIP: 0033:0x7fd726699c57 [ 139.321732][ T4558] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.341321][ T4558] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.349802][ T4558] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 139.357802][ T4558] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 139.365808][ T4558] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 139.373832][ T4558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:26 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8000f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x900, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 139.381888][ T4558] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 139.389876][ T4558] [ 139.393600][ T4560] loop2: detected capacity change from 0 to 264192 [ 139.395942][ T4558] loop0: detected capacity change from 0 to 4 [ 139.411050][ T4562] loop5: detected capacity change from 0 to 4 [ 139.419511][ T4558] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) 14:58:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x500000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 23) [ 139.444209][ T4564] loop3: detected capacity change from 0 to 4 [ 139.451912][ T4567] loop1: detected capacity change from 0 to 1024 [ 139.459321][ T4567] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 139.476635][ T4570] loop2: detected capacity change from 0 to 264192 14:58:26 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x10, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x600000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:26 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80010, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 139.496822][ T4572] loop5: detected capacity change from 0 to 264192 [ 139.530642][ T4576] FAULT_INJECTION: forcing a failure. [ 139.530642][ T4576] name failslab, interval 1, probability 0, space 0, times 0 [ 139.543372][ T4576] CPU: 1 PID: 4576 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 139.552060][ T4576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.562147][ T4576] Call Trace: [ 139.565489][ T4576] [ 139.568407][ T4576] dump_stack_lvl+0xd6/0x122 [ 139.573033][ T4576] dump_stack+0x11/0x1b [ 139.577222][ T4576] should_fail+0x23c/0x250 [ 139.581629][ T4576] __should_failslab+0x81/0x90 [ 139.586443][ T4576] should_failslab+0x5/0x20 [ 139.590999][ T4576] kmem_cache_alloc_node_trace+0x61/0x310 [ 139.596744][ T4576] ? __kmalloc_node_track_caller+0x30/0x40 [ 139.602541][ T4576] __kmalloc_node_track_caller+0x30/0x40 [ 139.608161][ T4576] ? alloc_uevent_skb+0x5b/0x120 [ 139.613159][ T4576] __alloc_skb+0x19d/0x450 [ 139.617680][ T4576] alloc_uevent_skb+0x5b/0x120 [ 139.622450][ T4576] kobject_uevent_env+0x863/0xc40 [ 139.627540][ T4576] ? preempt_count_add+0x4e/0x90 [ 139.632624][ T4576] ? _raw_spin_unlock+0x2e/0x50 [ 139.637504][ T4576] ? bd_prepare_to_claim+0x1ac/0x200 [ 139.642830][ T4576] disk_force_media_change+0xe3/0x170 [ 139.648217][ T4576] loop_configure+0x74d/0xf30 [ 139.653010][ T4576] lo_ioctl+0x583/0x1270 [ 139.657241][ T4576] ? folio_mark_dirty+0x84/0xe0 [ 139.662081][ T4576] ? unlock_page+0x37/0x50 [ 139.666485][ T4576] ? __rcu_read_unlock+0x5c/0x290 [ 139.671531][ T4576] ? blkdev_common_ioctl+0x438/0x1180 [ 139.676941][ T4576] ? selinux_file_ioctl+0x522/0x590 [ 139.682130][ T4576] ? do_vfs_ioctl+0x819/0x14a0 [ 139.686984][ T4576] ? lo_release+0x120/0x120 [ 139.691559][ T4576] blkdev_ioctl+0x20e/0x440 [ 139.696060][ T4576] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 139.701589][ T4576] __se_sys_ioctl+0xcb/0x140 [ 139.706170][ T4576] __x64_sys_ioctl+0x3f/0x50 [ 139.710751][ T4576] do_syscall_64+0x44/0xd0 [ 139.715235][ T4576] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.721194][ T4576] RIP: 0033:0x7fd726699c57 [ 139.725604][ T4576] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:58:27 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x402, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 139.745199][ T4576] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.753597][ T4576] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 139.761587][ T4576] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 139.769565][ T4576] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 139.777522][ T4576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 139.785477][ T4576] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 139.793487][ T4576] [ 139.809351][ T4581] loop3: detected capacity change from 0 to 5 [ 139.811983][ T4576] loop0: detected capacity change from 0 to 4 [ 139.815780][ T4582] loop1: detected capacity change from 0 to 1024 [ 139.824649][ T4576] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 139.829654][ T4580] loop2: detected capacity change from 0 to 264192 [ 139.840627][ T4582] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock 14:58:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x11, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 24) 14:58:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x604000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 139.866802][ T4584] loop5: detected capacity change from 0 to 2 [ 139.887110][ T4588] FAULT_INJECTION: forcing a failure. [ 139.887110][ T4588] name failslab, interval 1, probability 0, space 0, times 0 [ 139.899740][ T4588] CPU: 1 PID: 4588 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 139.908453][ T4588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.918558][ T4588] Call Trace: [ 139.921883][ T4588] [ 139.924799][ T4588] dump_stack_lvl+0xd6/0x122 [ 139.929388][ T4588] dump_stack+0x11/0x1b [ 139.933551][ T4588] should_fail+0x23c/0x250 [ 139.937955][ T4588] ? skb_clone+0x12c/0x1f0 [ 139.942364][ T4588] __should_failslab+0x81/0x90 [ 139.947115][ T4588] should_failslab+0x5/0x20 [ 139.951668][ T4588] kmem_cache_alloc+0x4f/0x320 [ 139.956423][ T4588] skb_clone+0x12c/0x1f0 [ 139.960694][ T4588] netlink_broadcast+0x4e9/0xad0 [ 139.965682][ T4588] kobject_uevent_env+0x8c9/0xc40 [ 139.970729][ T4588] ? preempt_count_add+0x4e/0x90 [ 139.975657][ T4588] ? _raw_spin_unlock+0x2e/0x50 [ 139.980504][ T4588] ? bd_prepare_to_claim+0x1ac/0x200 [ 139.985777][ T4588] disk_force_media_change+0xe3/0x170 [ 139.991227][ T4588] loop_configure+0x74d/0xf30 [ 139.995892][ T4588] lo_ioctl+0x583/0x1270 [ 140.000200][ T4588] ? folio_mark_dirty+0x84/0xe0 [ 140.005038][ T4588] ? unlock_page+0x37/0x50 [ 140.009484][ T4588] ? __rcu_read_unlock+0x5c/0x290 [ 140.014512][ T4588] ? blkdev_common_ioctl+0x438/0x1180 [ 140.019872][ T4588] ? selinux_file_ioctl+0x522/0x590 [ 140.025060][ T4588] ? do_vfs_ioctl+0x819/0x14a0 [ 140.029836][ T4588] ? lo_release+0x120/0x120 [ 140.034324][ T4588] blkdev_ioctl+0x20e/0x440 [ 140.038886][ T4588] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 140.044332][ T4588] __se_sys_ioctl+0xcb/0x140 [ 140.048976][ T4588] __x64_sys_ioctl+0x3f/0x50 [ 140.053597][ T4588] do_syscall_64+0x44/0xd0 [ 140.058003][ T4588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.063931][ T4588] RIP: 0033:0x7fd726699c57 [ 140.068333][ T4588] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.087935][ T4588] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.096334][ T4588] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 140.104381][ T4588] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 140.112337][ T4588] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 140.120292][ T4588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 140.128250][ T4588] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 140.136261][ T4588] [ 140.140736][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.147629][ T4591] loop2: detected capacity change from 0 to 264192 [ 140.151331][ T4588] loop0: detected capacity change from 0 to 4 [ 140.156781][ T4592] loop3: detected capacity change from 0 to 5 14:58:27 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80011, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x12, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 25) 14:58:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80006, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x22, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 140.170010][ T4588] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 140.190499][ T4596] loop1: detected capacity change from 0 to 1024 [ 140.197737][ T4596] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 140.239917][ T4599] FAULT_INJECTION: forcing a failure. [ 140.239917][ T4599] name failslab, interval 1, probability 0, space 0, times 0 [ 140.240768][ T4600] loop5: detected capacity change from 0 to 1024 [ 140.252696][ T4599] CPU: 0 PID: 4599 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 140.267685][ T4599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.277728][ T4599] Call Trace: [ 140.281008][ T4599] [ 140.283926][ T4599] dump_stack_lvl+0xd6/0x122 [ 140.288507][ T4599] dump_stack+0x11/0x1b [ 140.292650][ T4599] should_fail+0x23c/0x250 [ 140.297082][ T4599] ? __kernfs_new_node+0x6a/0x340 [ 140.302098][ T4599] __should_failslab+0x81/0x90 [ 140.306861][ T4599] should_failslab+0x5/0x20 [ 140.311407][ T4599] kmem_cache_alloc+0x4f/0x320 [ 140.316170][ T4599] __kernfs_new_node+0x6a/0x340 [ 140.321010][ T4599] ? ___cache_free+0x46/0x300 [ 140.325673][ T4599] ? kmem_cache_free+0x65/0x110 [ 140.330588][ T4599] ? kfree+0xf8/0x1f0 [ 140.334552][ T4599] kernfs_create_dir_ns+0x5e/0x140 [ 140.339696][ T4599] internal_create_group+0x13e/0x840 [ 140.345016][ T4599] sysfs_create_group+0x1b/0x20 [ 140.349851][ T4599] loop_configure+0xc58/0xf30 [ 140.354517][ T4599] lo_ioctl+0x583/0x1270 [ 140.358907][ T4599] ? folio_mark_dirty+0x84/0xe0 [ 140.363745][ T4599] ? unlock_page+0x37/0x50 [ 140.368179][ T4599] ? __rcu_read_unlock+0x5c/0x290 [ 140.373196][ T4599] ? blkdev_common_ioctl+0x438/0x1180 [ 140.378557][ T4599] ? selinux_file_ioctl+0x522/0x590 [ 140.383749][ T4599] ? do_vfs_ioctl+0x819/0x14a0 [ 140.388565][ T4599] ? lo_release+0x120/0x120 [ 140.393052][ T4599] blkdev_ioctl+0x20e/0x440 [ 140.397541][ T4599] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 140.402987][ T4599] __se_sys_ioctl+0xcb/0x140 [ 140.407567][ T4599] __x64_sys_ioctl+0x3f/0x50 [ 140.412207][ T4599] do_syscall_64+0x44/0xd0 [ 140.416621][ T4599] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.422506][ T4599] RIP: 0033:0x7fd726699c57 [ 140.426915][ T4599] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.446561][ T4599] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.454970][ T4599] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 140.463008][ T4599] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 140.471075][ T4599] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 140.479098][ T4599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:27 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x700000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 140.487142][ T4599] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 140.495182][ T4599] [ 140.498230][ T4599] loop0: detected capacity change from 0 to 4 [ 140.510345][ T4602] loop3: detected capacity change from 0 to 6 [ 140.518324][ T4599] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) 14:58:27 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80012, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x48, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 26) 14:58:27 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 140.533766][ T4600] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 140.533873][ T4606] loop2: detected capacity change from 0 to 264192 [ 140.559389][ T4608] loop1: detected capacity change from 0 to 1024 [ 140.593306][ T4614] loop3: detected capacity change from 0 to 6 [ 140.593511][ T4613] FAULT_INJECTION: forcing a failure. [ 140.593511][ T4613] name failslab, interval 1, probability 0, space 0, times 0 [ 140.612081][ T4613] CPU: 1 PID: 4613 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 140.614644][ T4608] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 140.620759][ T4613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:58:27 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x800000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:27 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 140.620774][ T4613] Call Trace: [ 140.620781][ T4613] [ 140.620801][ T4613] dump_stack_lvl+0xd6/0x122 [ 140.649338][ T4616] loop2: detected capacity change from 0 to 264192 [ 140.652120][ T4613] dump_stack+0x11/0x1b [ 140.652146][ T4613] should_fail+0x23c/0x250 [ 140.652164][ T4613] ? __kernfs_new_node+0x6a/0x340 [ 140.672286][ T4613] __should_failslab+0x81/0x90 [ 140.677105][ T4613] should_failslab+0x5/0x20 [ 140.681689][ T4613] kmem_cache_alloc+0x4f/0x320 [ 140.686444][ T4613] __kernfs_new_node+0x6a/0x340 [ 140.691283][ T4613] ? __down_write_common+0x42/0x7b0 [ 140.696463][ T4613] ? __down_write_common+0x42/0x7b0 [ 140.701716][ T4613] ? rb_insert_color+0x7e/0x310 [ 140.706689][ T4613] kernfs_new_node+0x5b/0xd0 [ 140.711299][ T4613] __kernfs_create_file+0x45/0x1a0 [ 140.716401][ T4613] ? dev_attr_show+0x90/0x90 [ 140.720982][ T4613] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 140.726365][ T4613] internal_create_group+0x2dd/0x840 [ 140.731696][ T4613] sysfs_create_group+0x1b/0x20 [ 140.736543][ T4613] loop_configure+0xc58/0xf30 [ 140.741250][ T4613] lo_ioctl+0x583/0x1270 [ 140.745478][ T4613] ? folio_mark_dirty+0x84/0xe0 [ 140.750409][ T4613] ? unlock_page+0x37/0x50 [ 140.754834][ T4613] ? __rcu_read_unlock+0x5c/0x290 [ 140.759910][ T4613] ? blkdev_common_ioctl+0x438/0x1180 [ 140.765272][ T4613] ? selinux_file_ioctl+0x522/0x590 [ 140.770538][ T4613] ? do_vfs_ioctl+0x819/0x14a0 [ 140.775319][ T4613] ? lo_release+0x120/0x120 [ 140.779831][ T4613] blkdev_ioctl+0x20e/0x440 [ 140.784353][ T4613] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 140.789814][ T4613] __se_sys_ioctl+0xcb/0x140 [ 140.794397][ T4613] __x64_sys_ioctl+0x3f/0x50 [ 140.799072][ T4613] do_syscall_64+0x44/0xd0 [ 140.803469][ T4613] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.809475][ T4613] RIP: 0033:0x7fd726699c57 [ 140.813879][ T4613] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.833577][ T4613] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.842058][ T4613] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 140.850013][ T4613] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 140.857969][ T4613] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 140.865926][ T4613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 140.873901][ T4613] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 140.881856][ T4613] [ 140.886381][ T4613] loop0: detected capacity change from 0 to 4 14:58:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 1) 14:58:28 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 140.898835][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.900137][ T4613] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 140.939692][ T4620] FAULT_INJECTION: forcing a failure. [ 140.939692][ T4620] name failslab, interval 1, probability 0, space 0, times 0 [ 140.952474][ T4620] CPU: 0 PID: 4620 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 140.961252][ T4620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.971352][ T4620] Call Trace: [ 140.974695][ T4620] [ 140.977635][ T4620] dump_stack_lvl+0xd6/0x122 [ 140.982314][ T4620] dump_stack+0x11/0x1b [ 140.982506][ T4626] loop1: detected capacity change from 0 to 1024 [ 140.986479][ T4620] should_fail+0x23c/0x250 [ 140.986501][ T4620] ? __se_sys_memfd_create+0xe9/0x350 [ 141.002568][ T4620] __should_failslab+0x81/0x90 [ 141.007404][ T4620] should_failslab+0x5/0x20 [ 141.011976][ T4620] __kmalloc+0x6f/0x370 [ 141.016140][ T4620] ? strnlen_user+0x137/0x1c0 [ 141.020860][ T4620] __se_sys_memfd_create+0xe9/0x350 [ 141.026057][ T4620] __x64_sys_memfd_create+0x2d/0x40 [ 141.031249][ T4620] do_syscall_64+0x44/0xd0 [ 141.035653][ T4620] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.041615][ T4620] RIP: 0033:0x7f4b42e02e99 [ 141.046136][ T4620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.066002][ T4620] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 141.074399][ T4620] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 141.082454][ T4620] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 14:58:28 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x68, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:28 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x900000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:28 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80022, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 141.090427][ T4620] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 141.098645][ T4620] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 141.106620][ T4620] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 141.114664][ T4620] [ 141.118234][ T4622] loop3: detected capacity change from 0 to 7 [ 141.130851][ T4628] loop2: detected capacity change from 0 to 264192 14:58:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 27) 14:58:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 2) [ 141.139570][ T4626] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 141.165718][ T4630] FAULT_INJECTION: forcing a failure. [ 141.165718][ T4630] name failslab, interval 1, probability 0, space 0, times 0 [ 141.177008][ T4632] FAULT_INJECTION: forcing a failure. [ 141.177008][ T4632] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.178413][ T4630] CPU: 1 PID: 4630 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 141.200060][ T4630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.210107][ T4630] Call Trace: [ 141.213371][ T4630] [ 141.216290][ T4630] dump_stack_lvl+0xd6/0x122 [ 141.220963][ T4630] dump_stack+0x11/0x1b [ 141.225175][ T4630] should_fail+0x23c/0x250 [ 141.229663][ T4630] ? __kernfs_new_node+0x6a/0x340 [ 141.234677][ T4630] __should_failslab+0x81/0x90 [ 141.239498][ T4630] should_failslab+0x5/0x20 [ 141.244033][ T4630] kmem_cache_alloc+0x4f/0x320 [ 141.248807][ T4630] ? __down_write_common+0x42/0x7b0 [ 141.253987][ T4630] __kernfs_new_node+0x6a/0x340 [ 141.258873][ T4630] ? up_write+0x25/0xc0 [ 141.263042][ T4630] kernfs_new_node+0x5b/0xd0 [ 141.267808][ T4630] __kernfs_create_file+0x45/0x1a0 [ 141.272923][ T4630] ? dev_attr_show+0x90/0x90 [ 141.277558][ T4630] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 141.282978][ T4630] internal_create_group+0x2dd/0x840 [ 141.288268][ T4630] sysfs_create_group+0x1b/0x20 [ 141.293122][ T4630] loop_configure+0xc58/0xf30 [ 141.297870][ T4630] lo_ioctl+0x583/0x1270 [ 141.302093][ T4630] ? folio_mark_dirty+0x84/0xe0 [ 141.306963][ T4630] ? unlock_page+0x37/0x50 [ 141.311392][ T4630] ? __rcu_read_unlock+0x5c/0x290 [ 141.316406][ T4630] ? blkdev_common_ioctl+0x438/0x1180 [ 141.321796][ T4630] ? selinux_file_ioctl+0x522/0x590 [ 141.326978][ T4630] ? do_vfs_ioctl+0x819/0x14a0 [ 141.331800][ T4630] ? lo_release+0x120/0x120 [ 141.336317][ T4630] blkdev_ioctl+0x20e/0x440 [ 141.340805][ T4630] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 141.346318][ T4630] __se_sys_ioctl+0xcb/0x140 [ 141.350914][ T4630] __x64_sys_ioctl+0x3f/0x50 [ 141.355489][ T4630] do_syscall_64+0x44/0xd0 [ 141.359932][ T4630] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.365817][ T4630] RIP: 0033:0x7fd726699c57 [ 141.370216][ T4630] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.389833][ T4630] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.398230][ T4630] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 141.406181][ T4630] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 141.414188][ T4630] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 141.422140][ T4630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 141.430093][ T4630] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 141.438055][ T4630] 14:58:28 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 141.441068][ T4632] CPU: 0 PID: 4632 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 141.449742][ T4632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.449996][ T4630] loop0: detected capacity change from 0 to 4 [ 141.459786][ T4632] Call Trace: [ 141.459793][ T4632] [ 141.459800][ T4632] dump_stack_lvl+0xd6/0x122 [ 141.459824][ T4632] dump_stack+0x11/0x1b [ 141.480883][ T4632] should_fail+0x23c/0x250 [ 141.485302][ T4632] should_fail_usercopy+0x16/0x20 [ 141.490322][ T4632] _copy_from_user+0x1c/0xd0 [ 141.495139][ T4632] __se_sys_memfd_create+0x125/0x350 [ 141.500411][ T4632] __x64_sys_memfd_create+0x2d/0x40 [ 141.505676][ T4632] do_syscall_64+0x44/0xd0 [ 141.510079][ T4632] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.516333][ T4632] RIP: 0033:0x7f4b42e02e99 [ 141.520731][ T4632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.540521][ T4632] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 141.548915][ T4632] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 141.556871][ T4632] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 [ 141.564824][ T4632] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 141.572776][ T4632] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 141.580728][ T4632] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 141.588694][ T4632] 14:58:28 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1020, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:28 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 141.593058][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.599021][ T4630] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 141.601573][ T1911] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:28 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x74, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 3) 14:58:28 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xb00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:28 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80025, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 141.655307][ T4636] loop3: detected capacity change from 0 to 8 [ 141.673641][ T4638] loop2: detected capacity change from 0 to 264192 14:58:28 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 28) 14:58:28 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x7a, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 141.726812][ T4644] FAULT_INJECTION: forcing a failure. [ 141.726812][ T4644] name failslab, interval 1, probability 0, space 0, times 0 [ 141.739605][ T4644] CPU: 1 PID: 4644 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 141.742479][ T4646] FAULT_INJECTION: forcing a failure. [ 141.742479][ T4646] name failslab, interval 1, probability 0, space 0, times 0 [ 141.748325][ T4644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.771184][ T4644] Call Trace: [ 141.774452][ T4644] [ 141.777427][ T4644] dump_stack_lvl+0xd6/0x122 [ 141.782035][ T4644] dump_stack+0x11/0x1b [ 141.786210][ T4644] should_fail+0x23c/0x250 [ 141.790700][ T4644] ? shmem_alloc_inode+0x22/0x30 [ 141.795654][ T4644] __should_failslab+0x81/0x90 [ 141.800497][ T4644] ? shmem_match+0xa0/0xa0 [ 141.804905][ T4644] should_failslab+0x5/0x20 [ 141.809457][ T4644] kmem_cache_alloc+0x4f/0x320 [ 141.814208][ T4644] ? shmem_match+0xa0/0xa0 [ 141.818684][ T4644] shmem_alloc_inode+0x22/0x30 [ 141.823478][ T4644] new_inode_pseudo+0x38/0x190 [ 141.828230][ T4644] new_inode+0x21/0x100 [ 141.832431][ T4644] shmem_get_inode+0xb7/0x490 [ 141.837188][ T4644] __shmem_file_setup+0xf1/0x1d0 [ 141.842132][ T4644] shmem_file_setup+0x37/0x40 [ 141.846807][ T4644] __se_sys_memfd_create+0x1c1/0x350 [ 141.852112][ T4644] __x64_sys_memfd_create+0x2d/0x40 [ 141.857296][ T4644] do_syscall_64+0x44/0xd0 [ 141.861739][ T4644] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.867710][ T4644] RIP: 0033:0x7f4b42e02e99 [ 141.872108][ T4644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.891748][ T4644] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 141.900152][ T4644] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 141.908106][ T4644] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 [ 141.916059][ T4644] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 14:58:29 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1100, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 4) [ 141.924031][ T4644] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 141.931987][ T4644] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 141.939983][ T4644] [ 141.942985][ T4646] CPU: 0 PID: 4646 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 141.951660][ T4646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.961822][ T4646] Call Trace: [ 141.965090][ T4646] [ 141.968015][ T4646] dump_stack_lvl+0xd6/0x122 [ 141.972623][ T4646] dump_stack+0x11/0x1b [ 141.973286][ T4652] FAULT_INJECTION: forcing a failure. [ 141.973286][ T4652] name failslab, interval 1, probability 0, space 0, times 0 [ 141.976848][ T4646] should_fail+0x23c/0x250 [ 141.976870][ T4646] ? __kernfs_new_node+0x6a/0x340 [ 141.976894][ T4646] __should_failslab+0x81/0x90 [ 142.003587][ T4646] should_failslab+0x5/0x20 [ 142.008150][ T4646] kmem_cache_alloc+0x4f/0x320 [ 142.012948][ T4646] ? __down_write_common+0x42/0x7b0 [ 142.018193][ T4646] __kernfs_new_node+0x6a/0x340 [ 142.023059][ T4646] ? up_write+0x25/0xc0 [ 142.027223][ T4646] kernfs_new_node+0x5b/0xd0 [ 142.031807][ T4646] __kernfs_create_file+0x45/0x1a0 [ 142.036942][ T4646] ? dev_attr_show+0x90/0x90 [ 142.041543][ T4646] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 142.047070][ T4646] internal_create_group+0x2dd/0x840 [ 142.052361][ T4646] sysfs_create_group+0x1b/0x20 [ 142.057196][ T4646] loop_configure+0xc58/0xf30 [ 142.061858][ T4646] lo_ioctl+0x583/0x1270 [ 142.066081][ T4646] ? folio_mark_dirty+0x84/0xe0 [ 142.070917][ T4646] ? unlock_page+0x37/0x50 [ 142.075371][ T4646] ? __rcu_read_unlock+0x5c/0x290 [ 142.080477][ T4646] ? blkdev_common_ioctl+0x438/0x1180 [ 142.085960][ T4646] ? selinux_file_ioctl+0x522/0x590 [ 142.091251][ T4646] ? do_vfs_ioctl+0x819/0x14a0 [ 142.096056][ T4646] ? lo_release+0x120/0x120 [ 142.100540][ T4646] blkdev_ioctl+0x20e/0x440 [ 142.105072][ T4646] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 142.110547][ T4646] __se_sys_ioctl+0xcb/0x140 [ 142.115193][ T4646] __x64_sys_ioctl+0x3f/0x50 [ 142.119768][ T4646] do_syscall_64+0x44/0xd0 [ 142.124169][ T4646] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.130087][ T4646] RIP: 0033:0x7fd726699c57 [ 142.134552][ T4646] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.154142][ T4646] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.162534][ T4646] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 142.170513][ T4646] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 142.178468][ T4646] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 142.186421][ T4646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 142.194415][ T4646] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 142.202416][ T4646] [ 142.205419][ T4652] CPU: 1 PID: 4652 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 142.207707][ T4647] loop1: detected capacity change from 0 to 1024 [ 142.214121][ T4652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.214134][ T4652] Call Trace: [ 142.214140][ T4652] [ 142.214146][ T4652] dump_stack_lvl+0xd6/0x122 [ 142.232400][ T4654] loop3: detected capacity change from 0 to 8 [ 142.233813][ T4652] dump_stack+0x11/0x1b [ 142.238724][ T4647] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 142.241299][ T4652] should_fail+0x23c/0x250 [ 142.247536][ T4646] loop0: detected capacity change from 0 to 4 [ 142.251537][ T4652] ? security_inode_alloc+0x30/0x180 [ 142.251561][ T4652] __should_failslab+0x81/0x90 [ 142.262759][ T4646] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 142.266339][ T4652] should_failslab+0x5/0x20 [ 142.283192][ T4650] loop2: detected capacity change from 0 to 264192 [ 142.290895][ T4652] kmem_cache_alloc+0x4f/0x320 [ 142.306600][ T4652] security_inode_alloc+0x30/0x180 [ 142.311795][ T4652] inode_init_always+0x214/0x3e0 [ 142.316769][ T4652] ? shmem_match+0xa0/0xa0 [ 142.321166][ T4652] new_inode_pseudo+0x6f/0x190 [ 142.325987][ T4652] new_inode+0x21/0x100 [ 142.330124][ T4652] shmem_get_inode+0xb7/0x490 [ 142.334820][ T4652] __shmem_file_setup+0xf1/0x1d0 [ 142.339737][ T4652] shmem_file_setup+0x37/0x40 [ 142.344394][ T4652] __se_sys_memfd_create+0x1c1/0x350 [ 142.349675][ T4652] __x64_sys_memfd_create+0x2d/0x40 [ 142.354851][ T4652] do_syscall_64+0x44/0xd0 [ 142.359348][ T4652] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.365227][ T4652] RIP: 0033:0x7f4b42e02e99 [ 142.369731][ T4652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.389322][ T4652] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 142.397722][ T4652] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 142.405715][ T4652] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 [ 142.413677][ T4652] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 142.421628][ T4652] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 14:58:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 5) 14:58:29 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1200, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:29 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 29) 14:58:29 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8002e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:29 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xfe, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 142.429580][ T4652] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 142.437544][ T4652] [ 142.480962][ T4656] FAULT_INJECTION: forcing a failure. [ 142.480962][ T4656] name failslab, interval 1, probability 0, space 0, times 0 [ 142.487394][ T4658] loop1: detected capacity change from 0 to 1024 [ 142.493777][ T4656] CPU: 1 PID: 4656 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 142.508737][ T4656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.515510][ T4658] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 142.518787][ T4656] Call Trace: [ 142.518795][ T4656] [ 142.518802][ T4656] dump_stack_lvl+0xd6/0x122 [ 142.539947][ T4656] dump_stack+0x11/0x1b [ 142.544103][ T4656] should_fail+0x23c/0x250 [ 142.548591][ T4656] ? __d_alloc+0x36/0x370 [ 142.553384][ T4656] __should_failslab+0x81/0x90 [ 142.558185][ T4656] should_failslab+0x5/0x20 [ 142.562704][ T4656] kmem_cache_alloc+0x4f/0x320 [ 142.567472][ T4656] ? security_inode_alloc+0x138/0x180 [ 142.572843][ T4656] ? __init_rwsem+0x59/0x70 [ 142.577366][ T4656] __d_alloc+0x36/0x370 [ 142.581529][ T4656] ? debug_smp_processor_id+0x18/0x20 [ 142.586995][ T4656] d_alloc_pseudo+0x1a/0x50 [ 142.591499][ T4656] alloc_file_pseudo+0x77/0x150 [ 142.596392][ T4656] __shmem_file_setup+0x14c/0x1d0 [ 142.601472][ T4656] shmem_file_setup+0x37/0x40 [ 142.606150][ T4656] __se_sys_memfd_create+0x1c1/0x350 [ 142.611455][ T4656] __x64_sys_memfd_create+0x2d/0x40 [ 142.616661][ T4656] do_syscall_64+0x44/0xd0 [ 142.621084][ T4656] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.626990][ T4656] RIP: 0033:0x7f4b42e02e99 [ 142.631462][ T4656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.651069][ T4656] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 142.659486][ T4656] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 142.667463][ T4656] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 [ 142.675487][ T4656] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 142.683461][ T4656] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 142.691437][ T4656] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 142.699407][ T4656] [ 142.703883][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.714435][ T4661] FAULT_INJECTION: forcing a failure. [ 142.714435][ T4661] name failslab, interval 1, probability 0, space 0, times 0 [ 142.727134][ T4661] CPU: 1 PID: 4661 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 142.735852][ T4661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.745939][ T4661] Call Trace: [ 142.749215][ T4661] [ 142.752236][ T4661] dump_stack_lvl+0xd6/0x122 [ 142.756880][ T4661] dump_stack+0x11/0x1b [ 142.761053][ T4661] should_fail+0x23c/0x250 [ 142.765476][ T4661] ? __kernfs_new_node+0x6a/0x340 [ 142.770530][ T4661] __should_failslab+0x81/0x90 [ 142.775301][ T4661] should_failslab+0x5/0x20 [ 142.779816][ T4661] kmem_cache_alloc+0x4f/0x320 [ 142.784653][ T4661] ? __down_write_common+0x42/0x7b0 [ 142.789859][ T4661] __kernfs_new_node+0x6a/0x340 [ 142.794793][ T4661] ? up_write+0x25/0xc0 [ 142.799090][ T4661] kernfs_new_node+0x5b/0xd0 [ 142.803693][ T4661] __kernfs_create_file+0x45/0x1a0 [ 142.808814][ T4661] ? dev_attr_show+0x90/0x90 [ 142.813564][ T4661] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 142.818972][ T4661] internal_create_group+0x2dd/0x840 [ 142.824263][ T4661] sysfs_create_group+0x1b/0x20 [ 142.829118][ T4661] loop_configure+0xc58/0xf30 [ 142.833873][ T4661] lo_ioctl+0x583/0x1270 [ 142.838217][ T4661] ? debug_smp_processor_id+0x18/0x20 [ 142.843594][ T4661] ? delay_tsc+0x96/0xe0 [ 142.847860][ T4661] ? __rcu_read_unlock+0x5c/0x290 [ 142.852901][ T4661] ? blkdev_common_ioctl+0x438/0x1180 [ 142.858292][ T4661] ? selinux_file_ioctl+0x522/0x590 [ 142.863525][ T4661] ? do_vfs_ioctl+0x819/0x14a0 [ 142.868292][ T4661] ? lo_release+0x120/0x120 [ 142.872834][ T4661] blkdev_ioctl+0x20e/0x440 [ 142.877346][ T4661] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 142.882821][ T4661] __se_sys_ioctl+0xcb/0x140 [ 142.887523][ T4661] __x64_sys_ioctl+0x3f/0x50 [ 142.892153][ T4661] do_syscall_64+0x44/0xd0 [ 142.896574][ T4661] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.902481][ T4661] RIP: 0033:0x7fd726699c57 [ 142.906929][ T4661] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.926532][ T4661] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.934967][ T4661] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 142.943019][ T4661] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 142.950988][ T4661] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 142.958963][ T4661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 142.966964][ T4661] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 142.974966][ T4661] 14:58:30 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xc00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 6) [ 142.978388][ T4662] loop3: detected capacity change from 0 to 9 [ 142.983506][ T4661] loop0: detected capacity change from 0 to 4 [ 142.998967][ T4668] FAULT_INJECTION: forcing a failure. [ 142.998967][ T4668] name failslab, interval 1, probability 0, space 0, times 0 [ 143.011622][ T4668] CPU: 1 PID: 4668 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 143.013238][ T4666] loop2: detected capacity change from 0 to 264192 [ 143.020327][ T4668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.020341][ T4668] Call Trace: [ 143.020347][ T4668] [ 143.020355][ T4668] dump_stack_lvl+0xd6/0x122 [ 143.045995][ T4661] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 143.047697][ T4668] dump_stack+0x11/0x1b [ 143.059979][ T4668] should_fail+0x23c/0x250 [ 143.064463][ T4668] ? __alloc_file+0x2e/0x1a0 [ 143.069060][ T4668] __should_failslab+0x81/0x90 [ 143.073920][ T4668] should_failslab+0x5/0x20 [ 143.078428][ T4668] kmem_cache_alloc+0x4f/0x320 14:58:30 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x204, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:30 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xd00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 143.083241][ T4668] __alloc_file+0x2e/0x1a0 [ 143.087658][ T4668] alloc_empty_file+0xcd/0x1c0 [ 143.092426][ T4668] alloc_file+0x3a/0x280 [ 143.096670][ T4668] alloc_file_pseudo+0xfa/0x150 [ 143.101519][ T4668] __shmem_file_setup+0x14c/0x1d0 [ 143.106580][ T4668] shmem_file_setup+0x37/0x40 [ 143.107589][ T4670] loop4: detected capacity change from 0 to 1 [ 143.111255][ T4668] __se_sys_memfd_create+0x1c1/0x350 [ 143.122747][ T4668] __x64_sys_memfd_create+0x2d/0x40 [ 143.127943][ T4668] do_syscall_64+0x44/0xd0 [ 143.132359][ T4668] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.138238][ T4668] RIP: 0033:0x7f4b42e02e99 [ 143.142680][ T4668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.162366][ T4668] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 143.170842][ T4668] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 14:58:30 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80040, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 7) [ 143.178796][ T4668] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 [ 143.186754][ T4668] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 143.194719][ T4668] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 143.202732][ T4668] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 143.210689][ T4668] 14:58:30 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80048, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 143.236281][ T4672] loop1: detected capacity change from 0 to 1024 [ 143.246325][ T4672] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 143.247436][ T4674] FAULT_INJECTION: forcing a failure. [ 143.247436][ T4674] name failslab, interval 1, probability 0, space 0, times 0 [ 143.269471][ T4674] CPU: 1 PID: 4674 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 143.278240][ T4674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.288308][ T4674] Call Trace: [ 143.292627][ T4674] [ 143.295556][ T4674] dump_stack_lvl+0xd6/0x122 [ 143.300151][ T4674] dump_stack+0x11/0x1b [ 143.304319][ T4674] should_fail+0x23c/0x250 [ 143.308812][ T4674] ? security_file_alloc+0x30/0x190 [ 143.314138][ T4674] __should_failslab+0x81/0x90 [ 143.318912][ T4674] should_failslab+0x5/0x20 [ 143.323427][ T4674] kmem_cache_alloc+0x4f/0x320 [ 143.328208][ T4674] security_file_alloc+0x30/0x190 [ 143.333237][ T4674] __alloc_file+0x83/0x1a0 [ 143.337649][ T4674] alloc_empty_file+0xcd/0x1c0 [ 143.342416][ T4674] alloc_file+0x3a/0x280 [ 143.346744][ T4674] alloc_file_pseudo+0xfa/0x150 [ 143.351640][ T4674] __shmem_file_setup+0x14c/0x1d0 [ 143.356665][ T4674] shmem_file_setup+0x37/0x40 [ 143.361425][ T4674] __se_sys_memfd_create+0x1c1/0x350 [ 143.366760][ T4674] __x64_sys_memfd_create+0x2d/0x40 [ 143.371963][ T4674] do_syscall_64+0x44/0xd0 [ 143.376394][ T4674] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.382349][ T4674] RIP: 0033:0x7f4b42e02e99 [ 143.386756][ T4674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.406493][ T4674] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 143.414931][ T4674] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f4b42e02e99 [ 143.422903][ T4674] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 00007f4b42e5c168 14:58:30 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 143.430889][ T4674] RBP: 0000000000000001 R08: 0000000000000400 R09: 00007f4b41f791d0 [ 143.438921][ T4674] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 143.446899][ T4674] R13: 0000000020000100 R14: 0000000000000800 R15: 0000000020012b00 [ 143.454892][ T4674] [ 143.459199][ T4676] loop2: detected capacity change from 0 to 264192 14:58:30 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:30 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 30) 14:58:30 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xe00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 143.489580][ T4679] loop4: detected capacity change from 0 to 1 [ 143.498285][ T4680] loop1: detected capacity change from 0 to 1024 [ 143.518571][ T4680] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 143.519852][ T4685] FAULT_INJECTION: forcing a failure. [ 143.519852][ T4685] name failslab, interval 1, probability 0, space 0, times 0 [ 143.541633][ T4685] CPU: 0 PID: 4685 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 143.542370][ T4686] loop3: detected capacity change from 0 to 16 [ 143.550309][ T4685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.550322][ T4685] Call Trace: [ 143.550328][ T4685] [ 143.550335][ T4685] dump_stack_lvl+0xd6/0x122 [ 143.577277][ T4685] dump_stack+0x11/0x1b [ 143.581432][ T4685] should_fail+0x23c/0x250 [ 143.585844][ T4685] ? __kernfs_new_node+0x6a/0x340 [ 143.590865][ T4685] __should_failslab+0x81/0x90 [ 143.595621][ T4685] should_failslab+0x5/0x20 [ 143.600252][ T4685] kmem_cache_alloc+0x4f/0x320 [ 143.605143][ T4685] ? __down_write_common+0x42/0x7b0 [ 143.610366][ T4685] __kernfs_new_node+0x6a/0x340 [ 143.615248][ T4685] ? up_write+0x25/0xc0 [ 143.619549][ T4685] kernfs_new_node+0x5b/0xd0 [ 143.624137][ T4685] __kernfs_create_file+0x45/0x1a0 [ 143.629291][ T4685] ? dev_attr_show+0x90/0x90 [ 143.633933][ T4685] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 143.639299][ T4685] internal_create_group+0x2dd/0x840 [ 143.644572][ T4685] sysfs_create_group+0x1b/0x20 [ 143.649483][ T4685] loop_configure+0xc58/0xf30 [ 143.654245][ T4685] lo_ioctl+0x583/0x1270 [ 143.658564][ T4685] ? folio_mark_dirty+0x84/0xe0 [ 143.663460][ T4685] ? unlock_page+0x37/0x50 [ 143.667858][ T4685] ? __rcu_read_unlock+0x5c/0x290 [ 143.672875][ T4685] ? blkdev_common_ioctl+0x438/0x1180 [ 143.678233][ T4685] ? selinux_file_ioctl+0x522/0x590 [ 143.683430][ T4685] ? do_vfs_ioctl+0x819/0x14a0 [ 143.688188][ T4685] ? lo_release+0x120/0x120 [ 143.692675][ T4685] blkdev_ioctl+0x20e/0x440 [ 143.697208][ T4685] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 143.702672][ T4685] __se_sys_ioctl+0xcb/0x140 [ 143.707273][ T4685] __x64_sys_ioctl+0x3f/0x50 [ 143.711883][ T4685] do_syscall_64+0x44/0xd0 [ 143.716284][ T4685] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.722226][ T4685] RIP: 0033:0x7fd726699c57 [ 143.726623][ T4685] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.746397][ T4685] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 143.754820][ T4685] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 143.762790][ T4685] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 143.770830][ T4685] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 143.778805][ T4685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:30 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 8) [ 143.786768][ T4685] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 143.794730][ T4685] [ 143.798855][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.809219][ T4689] FAULT_INJECTION: forcing a failure. [ 143.809219][ T4689] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 143.822556][ T4689] CPU: 0 PID: 4689 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 143.831305][ T4689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 14:58:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x402, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 143.834278][ T4685] loop0: detected capacity change from 0 to 4 [ 143.841427][ T4689] Call Trace: [ 143.841435][ T4689] [ 143.841442][ T4689] dump_stack_lvl+0xd6/0x122 [ 143.841468][ T4689] dump_stack+0x11/0x1b [ 143.841486][ T4689] should_fail+0x23c/0x250 [ 143.851998][ T4685] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 143.853758][ T4689] __alloc_pages+0x102/0x330 [ 143.853789][ T4689] alloc_pages_vma+0x5ee/0x770 [ 143.864177][ T4692] loop4: detected capacity change from 0 to 2 [ 143.866940][ T4689] shmem_getpage_gfp+0x8bc/0x12c0 [ 143.866973][ T4689] shmem_write_begin+0x7e/0x100 [ 143.900330][ T4689] generic_perform_write+0x1c8/0x400 [ 143.905674][ T4689] ? current_time+0xed/0x1a0 [ 143.910245][ T4689] __generic_file_write_iter+0xf7/0x2b0 [ 143.915829][ T4689] ? generic_write_checks+0x250/0x290 [ 143.921182][ T4689] generic_file_write_iter+0x75/0x130 [ 143.926539][ T4689] vfs_write+0x7f5/0x950 [ 143.930764][ T4689] __x64_sys_pwrite64+0xf5/0x150 [ 143.935826][ T4689] do_syscall_64+0x44/0xd0 [ 143.940299][ T4689] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.946178][ T4689] RIP: 0033:0x7f4b42db5e67 [ 143.950585][ T4689] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 143.970201][ T4689] RSP: 002b:00007f4b41f78f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 143.978684][ T4689] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5e67 14:58:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8004c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:31 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2010, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 143.986637][ T4689] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 143.994590][ T4689] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 144.002566][ T4689] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 144.010648][ T4689] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 144.018621][ T4689] [ 144.023955][ T4689] loop5: detected capacity change from 0 to 4 [ 144.030841][ T4689] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 14:58:31 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 31) [ 144.053352][ T4694] loop1: detected capacity change from 0 to 1024 [ 144.053427][ T4691] loop2: detected capacity change from 0 to 264192 [ 144.060524][ T4694] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 144.084697][ T4698] FAULT_INJECTION: forcing a failure. [ 144.084697][ T4698] name failslab, interval 1, probability 0, space 0, times 0 [ 144.087172][ T4697] loop3: detected capacity change from 0 to 16 [ 144.097348][ T4698] CPU: 1 PID: 4698 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 144.097370][ T4698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.097381][ T4698] Call Trace: [ 144.097388][ T4698] [ 144.097394][ T4698] dump_stack_lvl+0xd6/0x122 [ 144.117438][ T4700] loop4: detected capacity change from 0 to 2 [ 144.122258][ T4698] dump_stack+0x11/0x1b [ 144.122283][ T4698] should_fail+0x23c/0x250 [ 144.147761][ T4698] ? __kernfs_new_node+0x6a/0x340 [ 144.152815][ T4698] __should_failslab+0x81/0x90 [ 144.157570][ T4698] should_failslab+0x5/0x20 [ 144.162119][ T4698] kmem_cache_alloc+0x4f/0x320 [ 144.166868][ T4698] ? __down_write_common+0x42/0x7b0 [ 144.172054][ T4698] __kernfs_new_node+0x6a/0x340 [ 144.176988][ T4698] ? up_write+0x25/0xc0 [ 144.181158][ T4698] kernfs_new_node+0x5b/0xd0 [ 144.185794][ T4698] __kernfs_create_file+0x45/0x1a0 [ 144.190895][ T4698] ? dev_attr_show+0x90/0x90 [ 144.195519][ T4698] sysfs_add_file_mode_ns+0x10b/0x1d0 [ 144.200937][ T4698] internal_create_group+0x2dd/0x840 [ 144.206207][ T4698] sysfs_create_group+0x1b/0x20 [ 144.211080][ T4698] loop_configure+0xc58/0xf30 [ 144.215793][ T4698] lo_ioctl+0x583/0x1270 [ 144.220019][ T4698] ? folio_mark_dirty+0x84/0xe0 [ 144.224938][ T4698] ? unlock_page+0x37/0x50 [ 144.229349][ T4698] ? __rcu_read_unlock+0x5c/0x290 [ 144.234363][ T4698] ? blkdev_common_ioctl+0x438/0x1180 [ 144.239756][ T4698] ? selinux_file_ioctl+0x522/0x590 [ 144.244940][ T4698] ? do_vfs_ioctl+0x819/0x14a0 [ 144.249878][ T4698] ? lo_release+0x120/0x120 [ 144.254367][ T4698] blkdev_ioctl+0x20e/0x440 [ 144.258854][ T4698] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 144.264300][ T4698] __se_sys_ioctl+0xcb/0x140 [ 144.268977][ T4698] __x64_sys_ioctl+0x3f/0x50 [ 144.273557][ T4698] do_syscall_64+0x44/0xd0 [ 144.278034][ T4698] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.283984][ T4698] RIP: 0033:0x7fd726699c57 [ 144.288383][ T4698] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.307977][ T4698] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 144.316370][ T4698] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 144.324323][ T4698] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 144.332274][ T4698] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 144.340231][ T4698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x406, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80060, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:31 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2200, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 9) 14:58:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80068, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 144.348240][ T4698] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 144.356196][ T4698] [ 144.367310][ T4698] loop0: detected capacity change from 0 to 4 [ 144.374434][ T4698] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 144.391228][ T4704] FAULT_INJECTION: forcing a failure. [ 144.391228][ T4704] name fail_usercopy, interval 1, probability 0, space 0, times 0 14:58:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x500, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:31 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1100000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 144.404389][ T4704] CPU: 1 PID: 4704 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 144.407574][ T4706] loop3: detected capacity change from 0 to 17 [ 144.413107][ T4704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.413132][ T4704] Call Trace: [ 144.413139][ T4704] [ 144.413145][ T4704] dump_stack_lvl+0xd6/0x122 [ 144.413170][ T4704] dump_stack+0x11/0x1b [ 144.444235][ T4704] should_fail+0x23c/0x250 [ 144.448733][ T4704] should_fail_usercopy+0x16/0x20 [ 144.451092][ T4710] loop2: detected capacity change from 0 to 264192 [ 144.453755][ T4704] copy_page_from_iter_atomic+0x2f1/0xc60 [ 144.453819][ T4704] ? shmem_write_begin+0x7e/0x100 [ 144.461609][ T4708] loop4: detected capacity change from 0 to 2 [ 144.466008][ T4704] generic_perform_write+0x211/0x400 [ 144.482310][ T4704] ? current_time+0xed/0x1a0 [ 144.486960][ T4704] __generic_file_write_iter+0xf7/0x2b0 [ 144.492509][ T4704] ? generic_write_checks+0x250/0x290 [ 144.497916][ T4704] generic_file_write_iter+0x75/0x130 [ 144.503403][ T4704] vfs_write+0x7f5/0x950 [ 144.507643][ T4704] __x64_sys_pwrite64+0xf5/0x150 [ 144.512562][ T4704] do_syscall_64+0x44/0xd0 [ 144.516970][ T4704] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.522858][ T4704] RIP: 0033:0x7f4b42db5e67 [ 144.527246][ T4704] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 144.546962][ T4704] RSP: 002b:00007f4b41f78f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 144.555349][ T4704] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5e67 [ 144.563303][ T4704] RDX: 000000000000003a RSI: 0000000020010000 RDI: 0000000000000004 [ 144.571276][ T4704] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 144.579230][ T4704] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 144.587182][ T4704] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 144.595135][ T4704] [ 144.599432][ T4704] loop5: detected capacity change from 0 to 4 14:58:31 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:31 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x59c, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:31 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1200000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 144.608593][ T4704] EXT4-fs (loop5): fragment/cluster size (16384) != block size (1024) [ 144.620036][ T4712] loop1: detected capacity change from 0 to 1024 [ 144.627965][ T4712] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock 14:58:31 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 32) 14:58:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 10) 14:58:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8006c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 144.651971][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.663531][ T4716] loop4: detected capacity change from 0 to 2 [ 144.665226][ T4717] loop2: detected capacity change from 0 to 264192 [ 144.678159][ T4718] loop3: detected capacity change from 0 to 31 [ 144.697680][ T4720] loop0: detected capacity change from 0 to 4 [ 144.704758][ T4720] FAULT_INJECTION: forcing a failure. [ 144.704758][ T4720] name failslab, interval 1, probability 0, space 0, times 0 [ 144.714490][ T4723] loop1: detected capacity change from 0 to 1024 [ 144.717440][ T4720] CPU: 1 PID: 4720 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 144.726206][ T4723] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 144.732498][ T4720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.732511][ T4720] Call Trace: [ 144.732517][ T4720] [ 144.732524][ T4720] dump_stack_lvl+0xd6/0x122 [ 144.745402][ T4724] FAULT_INJECTION: forcing a failure. [ 144.745402][ T4724] name failslab, interval 1, probability 0, space 0, times 0 [ 144.752950][ T4720] dump_stack+0x11/0x1b [ 144.752975][ T4720] should_fail+0x23c/0x250 [ 144.784768][ T4720] ? kobject_uevent_env+0x1a7/0xc40 [ 144.789989][ T4720] __should_failslab+0x81/0x90 [ 144.794792][ T4720] should_failslab+0x5/0x20 [ 144.799290][ T4720] kmem_cache_alloc_trace+0x52/0x350 [ 144.804571][ T4720] ? _printk+0x76/0x97 [ 144.808680][ T4720] ? dev_uevent_filter+0x70/0x70 [ 144.813612][ T4720] kobject_uevent_env+0x1a7/0xc40 [ 144.818897][ T4720] kobject_uevent+0x18/0x20 [ 144.823387][ T4720] loop_configure+0xd70/0xf30 [ 144.828049][ T4720] lo_ioctl+0x583/0x1270 [ 144.832302][ T4720] ? folio_mark_dirty+0x84/0xe0 [ 144.837193][ T4720] ? unlock_page+0x37/0x50 [ 144.841589][ T4720] ? __rcu_read_unlock+0x5c/0x290 [ 144.846600][ T4720] ? blkdev_common_ioctl+0x438/0x1180 [ 144.851953][ T4720] ? selinux_file_ioctl+0x522/0x590 [ 144.857176][ T4720] ? do_vfs_ioctl+0x819/0x14a0 [ 144.862011][ T4720] ? lo_release+0x120/0x120 [ 144.866502][ T4720] blkdev_ioctl+0x20e/0x440 [ 144.870999][ T4720] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 144.876511][ T4720] __se_sys_ioctl+0xcb/0x140 [ 144.881088][ T4720] __x64_sys_ioctl+0x3f/0x50 [ 144.885729][ T4720] do_syscall_64+0x44/0xd0 [ 144.890183][ T4720] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.896062][ T4720] RIP: 0033:0x7fd726699c57 [ 144.900459][ T4720] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.920161][ T4720] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 144.928625][ T4720] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 144.936662][ T4720] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 144.944623][ T4720] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 144.952583][ T4720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 144.960534][ T4720] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 144.968488][ T4720] [ 144.971562][ T4724] CPU: 0 PID: 4724 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 144.980239][ T4724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.986307][ T4720] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 144.990319][ T4724] Call Trace: [ 144.990328][ T4724] [ 145.004671][ T4724] dump_stack_lvl+0xd6/0x122 14:58:32 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5c2, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 145.009285][ T4724] dump_stack+0x11/0x1b [ 145.013526][ T4724] should_fail+0x23c/0x250 [ 145.017998][ T4724] ? getname_flags+0x84/0x3f0 [ 145.018481][ T4726] loop4: detected capacity change from 0 to 2 [ 145.022707][ T4724] __should_failslab+0x81/0x90 [ 145.022733][ T4724] should_failslab+0x5/0x20 [ 145.038224][ T4724] kmem_cache_alloc+0x4f/0x320 [ 145.043021][ T4724] getname_flags+0x84/0x3f0 [ 145.047532][ T4724] ? vfs_write+0x667/0x950 [ 145.051977][ T4724] getname+0x15/0x20 [ 145.055852][ T4724] do_sys_openat2+0x6d/0x2b0 [ 145.060435][ T4724] __x64_sys_openat+0xef/0x110 [ 145.065274][ T4724] do_syscall_64+0x44/0xd0 [ 145.069706][ T4724] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.075598][ T4724] RIP: 0033:0x7f4b42db5db4 [ 145.080046][ T4724] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 145.099666][ T4724] RSP: 002b:00007f4b41f78eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 145.108103][ T4724] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5db4 [ 145.116075][ T4724] RDX: 0000000000000002 RSI: 00007f4b41f78fe0 RDI: 00000000ffffff9c [ 145.124157][ T4724] RBP: 00007f4b41f78fe0 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 145.132241][ T4724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 145.140201][ T4724] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 145.148280][ T4724] [ 145.152174][ T1906] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog 14:58:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 11) 14:58:32 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:32 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 33) 14:58:32 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:32 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x600, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:32 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80074, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 145.160444][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.210594][ T4728] loop3: detected capacity change from 0 to 32 [ 145.217898][ T4732] FAULT_INJECTION: forcing a failure. [ 145.217898][ T4732] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 145.224104][ T4734] loop2: detected capacity change from 0 to 264192 [ 145.230972][ T4732] CPU: 1 PID: 4732 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 145.243062][ T4737] loop1: detected capacity change from 0 to 1024 [ 145.246119][ T4732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.246132][ T4732] Call Trace: [ 145.246139][ T4732] [ 145.254286][ T4737] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 145.262473][ T4732] dump_stack_lvl+0xd6/0x122 [ 145.269341][ T4738] loop4: detected capacity change from 0 to 3 [ 145.279490][ T4732] dump_stack+0x11/0x1b [ 145.279515][ T4732] should_fail+0x23c/0x250 [ 145.285738][ T4735] loop0: detected capacity change from 0 to 4 [ 145.290161][ T4732] should_fail_usercopy+0x16/0x20 [ 145.294845][ T4735] FAULT_INJECTION: forcing a failure. [ 145.294845][ T4735] name failslab, interval 1, probability 0, space 0, times 0 [ 145.298703][ T4732] strncpy_from_user+0x21/0x250 [ 145.298804][ T4732] getname_flags+0xb8/0x3f0 [ 145.331703][ T4732] ? vfs_write+0x667/0x950 [ 145.336108][ T4732] getname+0x15/0x20 [ 145.340030][ T4732] do_sys_openat2+0x6d/0x2b0 [ 145.344633][ T4732] __x64_sys_openat+0xef/0x110 [ 145.349447][ T4732] do_syscall_64+0x44/0xd0 [ 145.353859][ T4732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.359737][ T4732] RIP: 0033:0x7f4b42db5db4 [ 145.364225][ T4732] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 145.383809][ T4732] RSP: 002b:00007f4b41f78eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 145.392277][ T4732] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5db4 [ 145.400228][ T4732] RDX: 0000000000000002 RSI: 00007f4b41f78fe0 RDI: 00000000ffffff9c 14:58:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 12) [ 145.408183][ T4732] RBP: 00007f4b41f78fe0 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 145.416167][ T4732] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 145.424127][ T4732] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 145.432087][ T4732] [ 145.435092][ T4735] CPU: 0 PID: 4735 Comm: syz-executor.0 Not tainted 5.16.0-rc5-syzkaller #0 [ 145.443774][ T4735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.453816][ T4735] Call Trace: [ 145.457078][ T4735] [ 145.460009][ T4735] dump_stack_lvl+0xd6/0x122 [ 145.463680][ T4740] FAULT_INJECTION: forcing a failure. [ 145.463680][ T4740] name failslab, interval 1, probability 0, space 0, times 0 [ 145.464606][ T4735] dump_stack+0x11/0x1b [ 145.464677][ T4735] should_fail+0x23c/0x250 [ 145.485774][ T4735] ? kzalloc+0x1d/0x30 [ 145.489907][ T4735] __should_failslab+0x81/0x90 [ 145.494703][ T4735] should_failslab+0x5/0x20 [ 145.499191][ T4735] __kmalloc+0x6f/0x370 [ 145.503328][ T4735] kzalloc+0x1d/0x30 [ 145.507206][ T4735] kobject_get_path+0x7c/0x110 [ 145.512082][ T4735] kobject_uevent_env+0x1be/0xc40 [ 145.517176][ T4735] kobject_uevent+0x18/0x20 [ 145.521664][ T4735] loop_configure+0xd70/0xf30 [ 145.526325][ T4735] lo_ioctl+0x583/0x1270 [ 145.530648][ T4735] ? folio_mark_dirty+0x84/0xe0 [ 145.535481][ T4735] ? unlock_page+0x37/0x50 [ 145.539881][ T4735] ? __rcu_read_unlock+0x5c/0x290 [ 145.544892][ T4735] ? blkdev_common_ioctl+0x438/0x1180 [ 145.550296][ T4735] ? selinux_file_ioctl+0x522/0x590 [ 145.555475][ T4735] ? do_vfs_ioctl+0x819/0x14a0 [ 145.560254][ T4735] ? lo_release+0x120/0x120 [ 145.564737][ T4735] blkdev_ioctl+0x20e/0x440 [ 145.569222][ T4735] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 145.574693][ T4735] __se_sys_ioctl+0xcb/0x140 [ 145.579268][ T4735] __x64_sys_ioctl+0x3f/0x50 [ 145.583843][ T4735] do_syscall_64+0x44/0xd0 [ 145.588241][ T4735] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.594202][ T4735] RIP: 0033:0x7fd726699c57 [ 145.598597][ T4735] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.618276][ T4735] RSP: 002b:00007fd72580ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 145.626702][ T4735] RAX: ffffffffffffffda RBX: 00007fd7266e39c8 RCX: 00007fd726699c57 [ 145.634658][ T4735] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 145.642658][ T4735] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fd7258101d0 [ 145.650684][ T4735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 145.658656][ T4735] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 145.666713][ T4735] [ 145.669761][ T4740] CPU: 1 PID: 4740 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 145.669964][ T1880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.678458][ T4740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.678470][ T4740] Call Trace: [ 145.678476][ T4740] [ 145.678483][ T4740] dump_stack_lvl+0xd6/0x122 [ 145.707501][ T4740] dump_stack+0x11/0x1b [ 145.711819][ T4740] should_fail+0x23c/0x250 [ 145.716216][ T4740] ? __alloc_file+0x2e/0x1a0 [ 145.720808][ T4740] __should_failslab+0x81/0x90 [ 145.725558][ T4740] should_failslab+0x5/0x20 [ 145.730056][ T4740] kmem_cache_alloc+0x4f/0x320 [ 145.734816][ T4740] __alloc_file+0x2e/0x1a0 [ 145.739222][ T4740] alloc_empty_file+0xcd/0x1c0 [ 145.744031][ T4740] path_openat+0x6a/0x1eb0 [ 145.748430][ T4740] ? __set_page_dirty_no_writeback+0x7d/0xc0 [ 145.754394][ T4740] ? folio_mark_dirty+0x84/0xe0 [ 145.759243][ T4740] ? unlock_page+0x37/0x50 [ 145.763679][ T4740] ? inode_to_bdi+0x43/0xa0 [ 145.768197][ T4740] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 145.774436][ T4740] ? generic_perform_write+0x397/0x400 [ 145.779890][ T4740] do_filp_open+0x105/0x220 [ 145.784417][ T4740] do_sys_openat2+0xb5/0x2b0 [ 145.789009][ T4740] __x64_sys_openat+0xef/0x110 [ 145.793762][ T4740] do_syscall_64+0x44/0xd0 [ 145.798169][ T4740] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.804080][ T4740] RIP: 0033:0x7f4b42db5db4 [ 145.808478][ T4740] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 145.828126][ T4740] RSP: 002b:00007f4b41f78eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 145.836532][ T4740] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5db4 [ 145.844541][ T4740] RDX: 0000000000000002 RSI: 00007f4b41f78fe0 RDI: 00000000ffffff9c [ 145.852531][ T4740] RBP: 00007f4b41f78fe0 R08: 0000000000000000 R09: 00007f4b41f791d0 14:58:33 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x604, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:33 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2010000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 13) [ 145.860508][ T4740] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 145.868526][ T4740] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 145.876507][ T4740] [ 145.897713][ T4735] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) 14:58:33 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4800, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 145.926641][ T4745] loop4: detected capacity change from 0 to 3 [ 145.932146][ T4744] FAULT_INJECTION: forcing a failure. [ 145.932146][ T4744] name failslab, interval 1, probability 0, space 0, times 0 [ 145.933379][ T4746] loop2: detected capacity change from 0 to 264192 [ 145.945371][ T4744] CPU: 0 PID: 4744 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 145.960535][ T4744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.970726][ T4744] Call Trace: [ 145.974027][ T4744] [ 145.976963][ T4744] dump_stack_lvl+0xd6/0x122 [ 145.981578][ T4744] dump_stack+0x11/0x1b [ 145.985869][ T4744] should_fail+0x23c/0x250 [ 145.990294][ T4744] ? security_file_alloc+0x30/0x190 [ 145.995498][ T4744] __should_failslab+0x81/0x90 [ 146.000456][ T4744] should_failslab+0x5/0x20 [ 146.004970][ T4744] kmem_cache_alloc+0x4f/0x320 [ 146.009761][ T4744] security_file_alloc+0x30/0x190 [ 146.014859][ T4744] __alloc_file+0x83/0x1a0 [ 146.019284][ T4744] alloc_empty_file+0xcd/0x1c0 [ 146.024113][ T4744] path_openat+0x6a/0x1eb0 [ 146.028605][ T4744] ? __set_page_dirty_no_writeback+0x7d/0xc0 [ 146.034726][ T4744] ? folio_mark_dirty+0x84/0xe0 [ 146.039581][ T4744] ? unlock_page+0x37/0x50 [ 146.044000][ T4744] ? inode_to_bdi+0x43/0xa0 [ 146.048525][ T4744] ? balance_dirty_pages_ratelimited+0x47/0x280 [ 146.054791][ T4744] ? generic_perform_write+0x397/0x400 [ 146.060279][ T4744] do_filp_open+0x105/0x220 [ 146.064799][ T4744] do_sys_openat2+0xb5/0x2b0 [ 146.069397][ T4744] __x64_sys_openat+0xef/0x110 14:58:33 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8007a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 146.074167][ T4744] do_syscall_64+0x44/0xd0 [ 146.078638][ T4744] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.084572][ T4744] RIP: 0033:0x7f4b42db5db4 [ 146.088984][ T4744] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 146.108598][ T4744] RSP: 002b:00007f4b41f78eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 146.117069][ T4744] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42db5db4 14:58:33 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2200000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 146.125046][ T4744] RDX: 0000000000000002 RSI: 00007f4b41f78fe0 RDI: 00000000ffffff9c [ 146.133022][ T4744] RBP: 00007f4b41f78fe0 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 146.140992][ T4744] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 146.148958][ T4744] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 146.156919][ T4744] [ 146.162727][ T4748] loop3: detected capacity change from 0 to 36 [ 146.171135][ T4750] loop1: detected capacity change from 0 to 1024 14:58:33 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4c00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:33 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) 14:58:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 14) [ 146.180252][ T19] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.209556][ T4750] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock 14:58:33 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x700, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 146.226184][ T4753] loop0: detected capacity change from 0 to 4 [ 146.233211][ T4754] loop2: detected capacity change from 0 to 264192 [ 146.235987][ T4758] FAULT_INJECTION: forcing a failure. [ 146.235987][ T4758] name failslab, interval 1, probability 0, space 0, times 0 [ 146.242954][ T4757] loop3: detected capacity change from 0 to 38 [ 146.254163][ T4758] CPU: 0 PID: 4758 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 146.269157][ T4758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.279216][ T4758] Call Trace: [ 146.282499][ T4758] [ 146.285417][ T4758] dump_stack_lvl+0xd6/0x122 [ 146.290001][ T4758] dump_stack+0x11/0x1b [ 146.294152][ T4758] should_fail+0x23c/0x250 [ 146.298607][ T4758] ? kzalloc+0x16/0x20 [ 146.302714][ T4758] __should_failslab+0x81/0x90 [ 146.307527][ T4758] should_failslab+0x5/0x20 [ 146.312152][ T4758] __kmalloc+0x6f/0x370 [ 146.316295][ T4758] ? iput+0x1cd/0x580 [ 146.320352][ T4758] kzalloc+0x16/0x20 [ 146.324355][ T4758] alloc_workqueue+0x12f/0xad0 [ 146.329109][ T4758] ? __rcu_read_unlock+0x5c/0x290 [ 146.334150][ T4758] ? preempt_count_add+0x4e/0x90 [ 146.339099][ T4758] ? _raw_spin_unlock+0x2e/0x50 [ 146.343995][ T4758] ? bd_prepare_to_claim+0x1ac/0x200 [ 146.349281][ T4758] loop_configure+0x70e/0xf30 [ 146.354004][ T4758] lo_ioctl+0x583/0x1270 [ 146.358235][ T4758] ? folio_mark_dirty+0x84/0xe0 [ 146.363074][ T4758] ? unlock_page+0x37/0x50 [ 146.367476][ T4758] ? __rcu_read_unlock+0x5c/0x290 [ 146.372490][ T4758] ? blkdev_common_ioctl+0x438/0x1180 [ 146.377851][ T4758] ? selinux_file_ioctl+0x522/0x590 [ 146.383041][ T4758] ? do_vfs_ioctl+0x819/0x14a0 [ 146.387810][ T4758] ? lo_release+0x120/0x120 [ 146.392298][ T4758] blkdev_ioctl+0x20e/0x440 [ 146.396787][ T4758] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 146.402262][ T4758] __se_sys_ioctl+0xcb/0x140 [ 146.406862][ T4758] __x64_sys_ioctl+0x3f/0x50 [ 146.411456][ T4758] do_syscall_64+0x44/0xd0 [ 146.415858][ T4758] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.421787][ T4758] RIP: 0033:0x7f4b42e02c57 [ 146.426187][ T4758] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.445778][ T4758] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.454185][ T4758] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42e02c57 [ 146.462141][ T4758] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 146.470099][ T4758] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4b41f791d0 14:58:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 15) 14:58:33 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3f00000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:33 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6800, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 146.478056][ T4758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 146.486012][ T4758] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 146.494149][ T4758] [ 146.506686][ T4753] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 146.507456][ T4760] loop4: detected capacity change from 0 to 3 [ 146.547110][ T4763] FAULT_INJECTION: forcing a failure. [ 146.547110][ T4763] name failslab, interval 1, probability 0, space 0, times 0 [ 146.548784][ T4764] loop2: detected capacity change from 0 to 264192 [ 146.559835][ T4763] CPU: 1 PID: 4763 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 146.559861][ T4763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.559871][ T4763] Call Trace: [ 146.559877][ T4763] [ 146.559884][ T4763] dump_stack_lvl+0xd6/0x122 [ 146.595874][ T4763] dump_stack+0x11/0x1b [ 146.600097][ T4763] should_fail+0x23c/0x250 [ 146.604502][ T4763] ? alloc_workqueue+0x15d/0xad0 [ 146.609435][ T4763] __should_failslab+0x81/0x90 [ 146.614188][ T4763] should_failslab+0x5/0x20 [ 146.618682][ T4763] kmem_cache_alloc_trace+0x52/0x350 [ 146.624031][ T4763] ? kzalloc+0x16/0x20 [ 146.628110][ T4763] alloc_workqueue+0x15d/0xad0 [ 146.632863][ T4763] ? __rcu_read_unlock+0x5c/0x290 [ 146.637911][ T4763] ? preempt_count_add+0x4e/0x90 [ 146.642851][ T4763] ? _raw_spin_unlock+0x2e/0x50 [ 146.647764][ T4763] ? bd_prepare_to_claim+0x1ac/0x200 [ 146.653043][ T4763] loop_configure+0x70e/0xf30 [ 146.657779][ T4763] lo_ioctl+0x583/0x1270 [ 146.662014][ T4763] ? debug_smp_processor_id+0x18/0x20 [ 146.667538][ T4763] ? delay_tsc+0x96/0xe0 [ 146.671836][ T4763] ? __rcu_read_unlock+0x5c/0x290 [ 146.676855][ T4763] ? blkdev_common_ioctl+0x438/0x1180 [ 146.682214][ T4763] ? selinux_file_ioctl+0x522/0x590 [ 146.687463][ T4763] ? do_vfs_ioctl+0x819/0x14a0 [ 146.692346][ T4763] ? lo_release+0x120/0x120 [ 146.696836][ T4763] blkdev_ioctl+0x20e/0x440 [ 146.701361][ T4763] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 146.706808][ T4763] __se_sys_ioctl+0xcb/0x140 [ 146.711436][ T4763] __x64_sys_ioctl+0x3f/0x50 [ 146.716028][ T4763] do_syscall_64+0x44/0xd0 [ 146.720516][ T4763] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.726432][ T4763] RIP: 0033:0x7f4b42e02c57 [ 146.730830][ T4763] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.750487][ T4763] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.758956][ T4763] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42e02c57 [ 146.766925][ T4763] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 146.774941][ T4763] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 146.782980][ T4763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:34 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x900, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:34 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x800fe, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) 14:58:34 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000000000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 146.790976][ T4763] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 146.798940][ T4763] [ 146.816585][ T4767] loop1: detected capacity change from 0 to 1024 14:58:34 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 16) 14:58:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) [ 146.840933][ T4768] loop3: detected capacity change from 0 to 52 [ 146.847329][ T4767] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 146.851766][ T4770] loop4: detected capacity change from 0 to 4 [ 146.870694][ T4774] loop2: detected capacity change from 0 to 264192 [ 146.873356][ T4775] loop0: detected capacity change from 0 to 4 [ 146.885193][ T4776] FAULT_INJECTION: forcing a failure. 14:58:34 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80204, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000b138543112eb43ac9dbc7e1411f64d55010040", 0x1f, 0x4e0}, {&(0x7f00000002c0)="0100010000000500401ac41a3b6b2140ff8267", 0x13, 0x560}], 0x0, &(0x7f0000012b00)) [ 146.885193][ T4776] name failslab, interval 1, probability 0, space 0, times 0 [ 146.895273][ T4775] EXT4-fs (loop0): fragment/cluster size (16384) != block size (1024) [ 146.897860][ T4776] CPU: 1 PID: 4776 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 146.914638][ T4776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.924684][ T4776] Call Trace: [ 146.927968][ T4776] [ 146.930886][ T4776] dump_stack_lvl+0xd6/0x122 [ 146.935552][ T4776] dump_stack+0x11/0x1b [ 146.939741][ T4776] should_fail+0x23c/0x250 [ 146.944233][ T4776] ? kzalloc+0x16/0x20 [ 146.948369][ T4776] __should_failslab+0x81/0x90 [ 146.953120][ T4776] should_failslab+0x5/0x20 [ 146.957638][ T4776] __kmalloc+0x6f/0x370 [ 146.961836][ T4776] ? number+0xa13/0xb60 [ 146.966015][ T4776] kzalloc+0x16/0x20 [ 146.969950][ T4776] apply_wqattrs_prepare+0x3a/0x630 [ 146.975155][ T4776] ? vsnprintf+0xe8f/0xed0 [ 146.979585][ T4776] apply_workqueue_attrs+0x9e/0x100 [ 146.984856][ T4776] alloc_workqueue+0x777/0xad0 [ 146.989627][ T4776] ? preempt_count_add+0x4e/0x90 [ 146.994556][ T4776] ? _raw_spin_unlock+0x2e/0x50 [ 146.999386][ T4776] ? bd_prepare_to_claim+0x1ac/0x200 [ 147.004686][ T4776] loop_configure+0x70e/0xf30 [ 147.009397][ T4776] lo_ioctl+0x583/0x1270 [ 147.013636][ T4776] ? folio_mark_dirty+0x84/0xe0 [ 147.018468][ T4776] ? unlock_page+0x37/0x50 [ 147.022865][ T4776] ? __rcu_read_unlock+0x5c/0x290 [ 147.028034][ T4776] ? blkdev_common_ioctl+0x438/0x1180 [ 147.033397][ T4776] ? selinux_file_ioctl+0x522/0x590 [ 147.038608][ T4776] ? do_vfs_ioctl+0x819/0x14a0 [ 147.043469][ T4776] ? lo_release+0x120/0x120 [ 147.047949][ T4776] blkdev_ioctl+0x20e/0x440 [ 147.052436][ T4776] ? blkdev_compat_ptr_ioctl+0x80/0x80 [ 147.057875][ T4776] __se_sys_ioctl+0xcb/0x140 [ 147.062447][ T4776] __x64_sys_ioctl+0x3f/0x50 [ 147.067057][ T4776] do_syscall_64+0x44/0xd0 [ 147.071459][ T4776] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 147.077376][ T4776] RIP: 0033:0x7f4b42e02c57 [ 147.081770][ T4776] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.101637][ T4776] RSP: 002b:00007f4b41f78f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 147.110467][ T4776] RAX: ffffffffffffffda RBX: 00007f4b42e4c9c8 RCX: 00007f4b42e02c57 [ 147.118632][ T4776] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 147.126595][ T4776] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4b41f791d0 [ 147.134549][ T4776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 14:58:34 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) (fail_nth: 17) 14:58:34 executing program 4: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) [ 147.142500][ T4776] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 147.150459][ T4776] [ 147.160894][ T4778] loop1: detected capacity change from 0 to 1025 14:58:34 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000080000000000, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:34 executing program 3: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x6c00, 0x0, &(0x7f0000000200), 0x8000, &(0x7f0000000240)={[], [{@hash}]}) 14:58:34 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000d8f4655fd8f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012b00)) [ 147.188681][ T4778] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 147.208363][ T4782] FAULT_INJECTION: forcing a failure. [ 147.208363][ T4782] name failslab, interval 1, probability 0, space 0, times 0 [ 147.221251][ T4782] CPU: 0 PID: 4782 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0 [ 147.230130][ T4782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.240219][ T4782] Call Trace: [ 147.243522][ T4782] [ 147.246442][ T4782] dump_stack_lvl+0xd6/0x122 [ 147.251041][ T4782] dump_stack+0x11/0x1b [ 147.255181][ T4782] should_fail+0x23c/0x250 [ 147.259575][ T4782] ? apply_wqattrs_prepare+0x5f/0x630 [ 147.264987][ T4782] __should_failslab+0x81/0x90 [ 147.269810][ T4782] should_failslab+0x5/0x20 [ 147.274299][ T4782] kmem_c