270740][T11805] direct_splice_actor+0x80/0xa0 [ 125.275755][T11805] splice_direct_to_actor+0x345/0x650 [ 125.281120][T11805] ? do_splice_direct+0x190/0x190 [ 125.286129][T11805] do_splice_direct+0x106/0x190 [ 125.290971][T11805] do_sendfile+0x63e/0xbb0 [ 125.295386][T11805] __x64_sys_sendfile64+0x102/0x140 [ 125.300572][T11805] do_syscall_64+0x44/0xa0 [ 125.305047][T11805] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.310947][T11805] RIP: 0033:0x7fc9483818d9 [ 125.315345][T11805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.334947][T11805] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 125.343343][T11805] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 125.351296][T11805] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 125.359255][T11805] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 125.367209][T11805] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 125.375266][T11805] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 125.387044][T11825] loop3: detected capacity change from 0 to 264192 [ 125.395083][T11825] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 125.407318][T11799] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:39 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xcd000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c963e5cb6c0a8636ccc241c13b1e2e4c3fd", 0x1a, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:39 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000d01) 00:06:39 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 39) 00:06:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xce000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 125.530713][T11849] loop5: detected capacity change from 0 to 264192 [ 125.560749][T11851] FAULT_INJECTION: forcing a failure. [ 125.560749][T11851] name failslab, interval 1, probability 0, space 0, times 0 [ 125.573388][T11851] CPU: 1 PID: 11851 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 125.582222][T11851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.592284][T11851] Call Trace: [ 125.595560][T11851] dump_stack_lvl+0xd6/0x122 [ 125.600150][T11851] dump_stack+0x11/0x1b [ 125.604305][T11851] should_fail+0x23c/0x250 [ 125.608799][T11851] ? mempool_alloc_slab+0x16/0x20 [ 125.613931][T11851] __should_failslab+0x81/0x90 [ 125.618693][T11851] should_failslab+0x5/0x20 [ 125.623200][T11851] kmem_cache_alloc+0x4f/0x300 [ 125.628022][T11851] ? ext4_fc_track_range+0x90/0x140 [ 125.630559][T11855] loop3: detected capacity change from 0 to 264192 [ 125.633293][T11851] mempool_alloc_slab+0x16/0x20 [ 125.644626][T11851] ? mempool_free+0x130/0x130 [ 125.649352][T11851] mempool_alloc+0x9d/0x310 [ 125.653851][T11851] bio_alloc_bioset+0xcc/0x530 [ 125.658627][T11851] ? iov_iter_alignment+0x34b/0x370 [ 125.663826][T11851] iomap_dio_bio_iter+0x5c1/0xbc0 [ 125.668852][T11851] __iomap_dio_rw+0x8d8/0x1010 [ 125.673651][T11851] iomap_dio_rw+0x30/0x70 [ 125.677980][T11851] ? ext4_file_write_iter+0x461/0x11f0 [ 125.683423][T11851] ext4_file_write_iter+0xaa9/0x11f0 [ 125.688692][T11851] ? ext4_file_write_iter+0x461/0x11f0 [ 125.694135][T11851] do_iter_readv_writev+0x2de/0x380 [ 125.699324][T11851] do_iter_write+0x192/0x5c0 [ 125.703899][T11851] ? splice_from_pipe_next+0x34f/0x3b0 [ 125.709394][T11851] ? kmalloc_array+0x2d/0x40 [ 125.713976][T11851] vfs_iter_write+0x4c/0x70 [ 125.718538][T11851] iter_file_splice_write+0x43a/0x790 [ 125.723901][T11851] ? splice_from_pipe+0xd0/0xd0 [ 125.728731][T11851] direct_splice_actor+0x80/0xa0 [ 125.733654][T11851] splice_direct_to_actor+0x345/0x650 [ 125.739180][T11851] ? do_splice_direct+0x190/0x190 [ 125.744187][T11851] do_splice_direct+0x106/0x190 [ 125.749022][T11851] do_sendfile+0x63e/0xbb0 [ 125.753490][T11851] __x64_sys_sendfile64+0x102/0x140 [ 125.758676][T11851] do_syscall_64+0x44/0xa0 [ 125.763140][T11851] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.769027][T11851] RIP: 0033:0x7fc9483818d9 [ 125.773495][T11851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.793083][T11851] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 125.801491][T11851] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 125.809558][T11851] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 125.817514][T11851] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:06:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xcf000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 125.825538][T11851] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 125.833760][T11851] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 125.848594][T11849] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 125.874085][T11855] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:06:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c963e5cb6c0a8636ccc241c13b1e2e4c3fd", 0x1a, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd0000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:39 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000e01) [ 125.946179][T11879] loop5: detected capacity change from 0 to 264192 [ 125.957171][T11879] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 126.004612][T11888] loop3: detected capacity change from 0 to 264192 [ 126.027469][T11888] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:06:40 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd987", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:40 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 40) 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd1000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:40 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000f01) 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd2000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xdaffffff, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 126.253955][T11925] loop5: detected capacity change from 0 to 264192 [ 126.255212][T11927] loop3: detected capacity change from 0 to 264192 [ 126.283697][T11925] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 126.284216][T11917] FAULT_INJECTION: forcing a failure. 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xe7ff0100, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 126.284216][T11917] name failslab, interval 1, probability 0, space 0, times 0 [ 126.306364][T11917] CPU: 1 PID: 11917 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 126.315181][T11917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.325232][T11917] Call Trace: [ 126.328559][T11917] dump_stack_lvl+0xd6/0x122 [ 126.333155][T11917] dump_stack+0x11/0x1b [ 126.337310][T11917] should_fail+0x23c/0x250 [ 126.341729][T11917] ? kmalloc_array+0x2d/0x40 [ 126.346318][T11917] __should_failslab+0x81/0x90 [ 126.351082][T11917] should_failslab+0x5/0x20 [ 126.355621][T11917] __kmalloc+0x6f/0x350 [ 126.359763][T11917] kmalloc_array+0x2d/0x40 [ 126.364219][T11917] iter_file_splice_write+0xd5/0x790 [ 126.369485][T11917] ? atime_needs_update+0x2ba/0x390 [ 126.374674][T11917] ? touch_atime+0xe0/0x250 [ 126.379165][T11917] ? generic_file_splice_read+0x2a9/0x330 [ 126.385004][T11917] ? splice_from_pipe+0xd0/0xd0 [ 126.389942][T11917] direct_splice_actor+0x80/0xa0 [ 126.394863][T11917] splice_direct_to_actor+0x345/0x650 [ 126.400222][T11917] ? do_splice_direct+0x190/0x190 [ 126.405228][T11917] do_splice_direct+0x106/0x190 [ 126.410066][T11917] do_sendfile+0x63e/0xbb0 [ 126.414541][T11917] __x64_sys_sendfile64+0x102/0x140 [ 126.419727][T11917] do_syscall_64+0x44/0xa0 [ 126.424134][T11917] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.430186][T11917] RIP: 0033:0x7fc9483818d9 [ 126.434595][T11917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.454184][T11917] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 126.462581][T11917] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 126.470535][T11917] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 126.478488][T11917] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 126.486489][T11917] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 126.494444][T11917] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xea2b9c2a, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 126.524427][T11927] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:40 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 41) [ 126.609987][T11961] loop5: detected capacity change from 0 to 264192 [ 126.646713][T11961] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 126.679274][T11968] FAULT_INJECTION: forcing a failure. [ 126.679274][T11968] name failslab, interval 1, probability 0, space 0, times 0 [ 126.691907][T11968] CPU: 0 PID: 11968 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 126.700663][T11968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.710710][T11968] Call Trace: [ 126.713980][T11968] dump_stack_lvl+0xd6/0x122 [ 126.718573][T11968] dump_stack+0x11/0x1b [ 126.722725][T11968] should_fail+0x23c/0x250 [ 126.727135][T11968] ? mempool_alloc_slab+0x16/0x20 [ 126.732152][T11968] __should_failslab+0x81/0x90 [ 126.736972][T11968] should_failslab+0x5/0x20 [ 126.741479][T11968] kmem_cache_alloc+0x4f/0x300 [ 126.746249][T11968] mempool_alloc_slab+0x16/0x20 [ 126.751096][T11968] ? mempool_free+0x130/0x130 [ 126.755757][T11968] mempool_alloc+0x9d/0x310 [ 126.760249][T11968] ? __getblk_gfp+0x3f/0x590 [ 126.764913][T11968] bio_alloc_bioset+0xcc/0x530 [ 126.769703][T11968] ? __ext4_get_inode_loc+0x760/0x8c0 [ 126.775168][T11968] submit_bh_wbc+0x130/0x330 [ 126.779749][T11968] __sync_dirty_buffer+0x136/0x1e0 [ 126.784847][T11968] sync_dirty_buffer+0x16/0x20 [ 126.789619][T11968] ext4_write_inode+0x2ad/0x3c0 [ 126.794601][T11968] write_inode+0x89/0x180 [ 126.798941][T11968] __writeback_single_inode+0x2a2/0x440 [ 126.804485][T11968] writeback_single_inode+0x17b/0x3e0 [ 126.809860][T11968] sync_inode_metadata+0x57/0x80 [ 126.814801][T11968] ext4_sync_file+0x359/0x670 [ 126.819477][T11968] ? tsan.module_ctor+0x10/0x10 [ 126.824334][T11968] vfs_fsync_range+0x107/0x120 [ 126.829097][T11968] iomap_dio_complete+0x2d5/0x3c0 [ 126.834222][T11968] iomap_dio_rw+0x4e/0x70 [ 126.838557][T11968] ? ext4_file_write_iter+0x461/0x11f0 [ 126.844021][T11968] ext4_file_write_iter+0xaa9/0x11f0 [ 126.849302][T11968] ? ext4_file_write_iter+0x461/0x11f0 [ 126.854758][T11968] do_iter_readv_writev+0x2de/0x380 [ 126.859971][T11968] do_iter_write+0x192/0x5c0 [ 126.864555][T11968] ? splice_from_pipe_next+0x34f/0x3b0 [ 126.870015][T11968] ? kmalloc_array+0x2d/0x40 [ 126.874594][T11968] vfs_iter_write+0x4c/0x70 [ 126.879133][T11968] iter_file_splice_write+0x43a/0x790 [ 126.884551][T11968] ? splice_from_pipe+0xd0/0xd0 [ 126.889402][T11968] direct_splice_actor+0x80/0xa0 [ 126.894404][T11968] splice_direct_to_actor+0x345/0x650 [ 126.899785][T11968] ? do_splice_direct+0x190/0x190 [ 126.904804][T11968] do_splice_direct+0x106/0x190 [ 126.909641][T11968] do_sendfile+0x63e/0xbb0 [ 126.914050][T11968] __x64_sys_sendfile64+0x102/0x140 [ 126.919328][T11968] do_syscall_64+0x44/0xa0 [ 126.923762][T11968] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.929730][T11968] RIP: 0033:0x7fc9483818d9 [ 126.934177][T11968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.953784][T11968] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 126.962178][T11968] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 126.970136][T11968] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 00:06:40 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd987", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf4000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:40 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001001) 00:06:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 126.978090][T11968] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 126.986071][T11968] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 126.994160][T11968] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 127.017667][T11981] loop3: detected capacity change from 0 to 264192 00:06:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf6ffffff, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 127.026135][T11981] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 127.045334][T11980] loop5: detected capacity change from 0 to 264192 00:06:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfaf35861, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:41 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfdffffff, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 127.072848][T11980] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:41 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 42) 00:06:41 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001300) [ 127.193019][T12021] loop3: detected capacity change from 0 to 264192 [ 127.197670][T12018] loop5: detected capacity change from 0 to 264192 [ 127.210943][T12021] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 127.242868][T12027] FAULT_INJECTION: forcing a failure. [ 127.242868][T12027] name failslab, interval 1, probability 0, space 0, times 0 [ 127.255518][T12027] CPU: 0 PID: 12027 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 127.264274][T12027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.274324][T12027] Call Trace: [ 127.277618][T12027] dump_stack_lvl+0xd6/0x122 [ 127.282213][T12027] dump_stack+0x11/0x1b [ 127.286406][T12027] should_fail+0x23c/0x250 [ 127.290809][T12027] ? kcalloc+0x32/0x50 [ 127.294864][T12027] __should_failslab+0x81/0x90 [ 127.299723][T12027] should_failslab+0x5/0x20 [ 127.304237][T12027] __kmalloc+0x6f/0x350 [ 127.308388][T12027] ? check_preempt_wakeup+0x226/0x420 [ 127.313836][T12027] kcalloc+0x32/0x50 [ 127.317729][T12027] ext4_find_extent+0x21c/0x7f0 [ 127.322619][T12027] ? __queue_work+0x830/0xaa0 [ 127.327284][T12027] ext4_ext_map_blocks+0x115/0x1ff0 [ 127.332468][T12027] ? mod_delayed_work_on+0xa5/0xe0 [ 127.337625][T12027] ? ext4_es_lookup_extent+0x36b/0x490 [ 127.343070][T12027] ext4_map_blocks+0x71e/0xf00 [ 127.347924][T12027] ext4_iomap_begin+0x4b0/0x630 [ 127.352762][T12027] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 127.357988][T12027] iomap_iter+0x39c/0x470 [ 127.362307][T12027] __iomap_dio_rw+0x698/0x1010 [ 127.367067][T12027] iomap_dio_rw+0x30/0x70 [ 127.371399][T12027] ? ext4_file_write_iter+0x461/0x11f0 [ 127.376870][T12027] ext4_file_write_iter+0xaa9/0x11f0 [ 127.382221][T12027] ? ext4_file_write_iter+0x461/0x11f0 [ 127.387868][T12027] do_iter_readv_writev+0x2de/0x380 [ 127.393116][T12027] do_iter_write+0x192/0x5c0 [ 127.397779][T12027] vfs_iter_write+0x4c/0x70 [ 127.402266][T12027] iter_file_splice_write+0x43a/0x790 [ 127.407631][T12027] ? splice_from_pipe+0xd0/0xd0 [ 127.412465][T12027] direct_splice_actor+0x80/0xa0 [ 127.417385][T12027] splice_direct_to_actor+0x345/0x650 [ 127.422739][T12027] ? do_splice_direct+0x190/0x190 [ 127.427762][T12027] do_splice_direct+0x106/0x190 [ 127.432592][T12027] do_sendfile+0x63e/0xbb0 [ 127.437027][T12027] __x64_sys_sendfile64+0x102/0x140 [ 127.442207][T12027] do_syscall_64+0x44/0xa0 [ 127.446663][T12027] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.452553][T12027] RIP: 0033:0x7fc9483818d9 [ 127.456949][T12027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.476553][T12027] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 127.484957][T12027] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 127.492908][T12027] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 127.500952][T12027] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 127.508937][T12027] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 127.516920][T12027] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 127.628408][T12018] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:41 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd987", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfeff0000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c963e5cb6", 0xd, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:41 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 43) 00:06:41 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001500) 00:06:41 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfeffffff, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xff030000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 127.777623][T12058] loop5: detected capacity change from 0 to 264192 [ 127.779335][T12051] loop3: detected capacity change from 0 to 264192 [ 127.810223][T12058] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 [ 127.822438][T12062] FAULT_INJECTION: forcing a failure. [ 127.822438][T12062] name failslab, interval 1, probability 0, space 0, times 0 [ 127.835133][T12062] CPU: 1 PID: 12062 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 127.843899][T12062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.854040][T12062] Call Trace: [ 127.857306][T12062] dump_stack_lvl+0xd6/0x122 [ 127.861885][T12062] dump_stack+0x11/0x1b [ 127.866024][T12062] should_fail+0x23c/0x250 [ 127.870444][T12062] __should_failslab+0x81/0x90 [ 127.875220][T12062] ? __iomap_dio_rw+0x139/0x1010 [ 127.880140][T12062] should_failslab+0x5/0x20 [ 127.884626][T12062] kmem_cache_alloc_trace+0x52/0x320 [ 127.889968][T12062] __iomap_dio_rw+0x139/0x1010 [ 127.894802][T12062] ? __ext4_mark_inode_dirty+0x502/0x5c0 [ 127.900418][T12062] ? ext4_dirty_inode+0x58/0xa0 [ 127.905253][T12062] iomap_dio_rw+0x30/0x70 [ 127.909581][T12062] ? ext4_file_write_iter+0x461/0x11f0 [ 127.915042][T12062] ext4_file_write_iter+0xaa9/0x11f0 [ 127.920426][T12062] ? ext4_file_write_iter+0x461/0x11f0 [ 127.925874][T12062] do_iter_readv_writev+0x2de/0x380 [ 127.931089][T12062] do_iter_write+0x192/0x5c0 [ 127.935671][T12062] ? splice_from_pipe_next+0x34f/0x3b0 [ 127.941234][T12062] ? kmalloc_array+0x2d/0x40 [ 127.945880][T12062] vfs_iter_write+0x4c/0x70 [ 127.950390][T12062] iter_file_splice_write+0x43a/0x790 [ 127.955745][T12062] ? splice_from_pipe+0xd0/0xd0 [ 127.960576][T12062] direct_splice_actor+0x80/0xa0 [ 127.965496][T12062] splice_direct_to_actor+0x345/0x650 [ 127.970848][T12062] ? do_splice_direct+0x190/0x190 [ 127.975887][T12062] do_splice_direct+0x106/0x190 [ 127.980776][T12062] do_sendfile+0x63e/0xbb0 [ 127.985183][T12062] __x64_sys_sendfile64+0x102/0x140 [ 127.990369][T12062] do_syscall_64+0x44/0xa0 [ 127.994773][T12062] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.000653][T12062] RIP: 0033:0x7fc9483818d9 [ 128.005047][T12062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffff0000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 128.024734][T12062] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 128.033146][T12062] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 128.041131][T12062] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 128.049170][T12062] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.057126][T12062] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 128.065087][T12062] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffe00, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 128.107665][T12051] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 128.166487][T12091] loop5: detected capacity change from 0 to 264192 [ 128.206540][T12090] loop3: detected capacity change from 0 to 264192 [ 128.217533][T12090] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 128.239042][T12091] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:42 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff7f, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:42 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 44) 00:06:42 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001f00) 00:06:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff8c, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 128.431206][T12119] loop3: detected capacity change from 0 to 264192 [ 128.432685][T12120] loop5: detected capacity change from 0 to 264192 [ 128.451880][T12117] FAULT_INJECTION: forcing a failure. [ 128.451880][T12117] name failslab, interval 1, probability 0, space 0, times 0 [ 128.464548][T12117] CPU: 1 PID: 12117 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff97, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 128.473337][T12117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.483381][T12117] Call Trace: [ 128.486711][T12117] dump_stack_lvl+0xd6/0x122 [ 128.491305][T12117] dump_stack+0x11/0x1b [ 128.495462][T12117] should_fail+0x23c/0x250 [ 128.499940][T12117] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 128.505222][T12117] __should_failslab+0x81/0x90 [ 128.509988][T12117] should_failslab+0x5/0x20 [ 128.514526][T12117] kmem_cache_alloc+0x4f/0x300 [ 128.519426][T12117] ext4_mb_new_blocks+0x317/0x1fc0 [ 128.524528][T12117] ? ext4_find_extent+0x7b2/0x7f0 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffffda, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffff6, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 128.529546][T12117] ? ext4_ext_search_right+0x246/0x540 [ 128.534996][T12117] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 128.540277][T12117] ? ext4_es_lookup_extent+0x36b/0x490 [ 128.545845][T12117] ext4_map_blocks+0x71e/0xf00 [ 128.550608][T12117] ext4_iomap_begin+0x4b0/0x630 [ 128.555458][T12117] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 128.560647][T12117] iomap_iter+0x39c/0x470 [ 128.564977][T12117] __iomap_dio_rw+0x698/0x1010 [ 128.569748][T12117] iomap_dio_rw+0x30/0x70 [ 128.574089][T12117] ? ext4_file_write_iter+0x461/0x11f0 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffffd, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 128.579658][T12117] ext4_file_write_iter+0xaa9/0x11f0 [ 128.584941][T12117] ? ext4_file_write_iter+0x461/0x11f0 [ 128.590409][T12117] do_iter_readv_writev+0x2de/0x380 [ 128.595625][T12117] do_iter_write+0x192/0x5c0 [ 128.600210][T12117] ? splice_from_pipe_next+0x34f/0x3b0 [ 128.605657][T12117] ? kmalloc_array+0x2d/0x40 [ 128.610246][T12117] vfs_iter_write+0x4c/0x70 [ 128.614747][T12117] iter_file_splice_write+0x43a/0x790 [ 128.620138][T12117] ? splice_from_pipe+0xd0/0xd0 [ 128.625033][T12117] direct_splice_actor+0x80/0xa0 [ 128.629968][T12117] splice_direct_to_actor+0x345/0x650 [ 128.635332][T12117] ? do_splice_direct+0x190/0x190 [ 128.641480][T12117] do_splice_direct+0x106/0x190 [ 128.646332][T12117] do_sendfile+0x63e/0xbb0 [ 128.650824][T12117] __x64_sys_sendfile64+0x102/0x140 [ 128.656043][T12117] do_syscall_64+0x44/0xa0 [ 128.660601][T12117] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.666488][T12117] RIP: 0033:0x7fc9483818d9 [ 128.670911][T12117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.690498][T12117] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 128.698909][T12117] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 128.706869][T12117] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 128.714906][T12117] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.722899][T12117] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 128.730854][T12117] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 128.752999][T12119] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 128.824472][T12120] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 128.856383][T12170] loop3: detected capacity change from 0 to 264192 [ 128.874851][T12170] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:42 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffffe, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:42 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 45) 00:06:42 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80002000) 00:06:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:42 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 129.009580][T12188] loop3: detected capacity change from 0 to 264192 [ 129.018345][T12192] loop5: detected capacity change from 0 to 264192 [ 129.035435][T12188] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 129.048168][T12192] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 129.070745][T12195] FAULT_INJECTION: forcing a failure. [ 129.070745][T12195] name failslab, interval 1, probability 0, space 0, times 0 [ 129.083416][T12195] CPU: 1 PID: 12195 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 129.092257][T12195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.102305][T12195] Call Trace: [ 129.105681][T12195] dump_stack_lvl+0xd6/0x122 [ 129.110287][T12195] dump_stack+0x11/0x1b [ 129.114443][T12195] should_fail+0x23c/0x250 [ 129.118855][T12195] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 129.124124][T12195] __should_failslab+0x81/0x90 [ 129.128875][T12195] should_failslab+0x5/0x20 [ 129.133374][T12195] kmem_cache_alloc+0x4f/0x300 [ 129.138212][T12195] ext4_mb_new_blocks+0x317/0x1fc0 [ 129.143344][T12195] ? ext4_find_extent+0x7b2/0x7f0 [ 129.148367][T12195] ? ext4_ext_search_right+0x246/0x540 [ 129.153810][T12195] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 129.159081][T12195] ? ext4_es_lookup_extent+0x36b/0x490 [ 129.164613][T12195] ext4_map_blocks+0x71e/0xf00 [ 129.169409][T12195] ext4_iomap_begin+0x4b0/0x630 [ 129.174248][T12195] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 129.179509][T12195] iomap_iter+0x39c/0x470 [ 129.183829][T12195] __iomap_dio_rw+0x698/0x1010 [ 129.188585][T12195] iomap_dio_rw+0x30/0x70 [ 129.193072][T12195] ? ext4_file_write_iter+0x461/0x11f0 [ 129.198514][T12195] ext4_file_write_iter+0xaa9/0x11f0 [ 129.203851][T12195] ? ext4_file_write_iter+0x461/0x11f0 [ 129.209303][T12195] do_iter_readv_writev+0x2de/0x380 [ 129.214490][T12195] do_iter_write+0x192/0x5c0 [ 129.219068][T12195] ? splice_from_pipe_next+0x34f/0x3b0 [ 129.224605][T12195] ? kmalloc_array+0x2d/0x40 [ 129.229192][T12195] vfs_iter_write+0x4c/0x70 [ 129.233730][T12195] iter_file_splice_write+0x43a/0x790 [ 129.239130][T12195] ? splice_from_pipe+0xd0/0xd0 [ 129.243967][T12195] direct_splice_actor+0x80/0xa0 [ 129.248885][T12195] splice_direct_to_actor+0x345/0x650 [ 129.254288][T12195] ? do_splice_direct+0x190/0x190 [ 129.259382][T12195] do_splice_direct+0x106/0x190 [ 129.264213][T12195] do_sendfile+0x63e/0xbb0 [ 129.268617][T12195] __x64_sys_sendfile64+0x102/0x140 [ 129.273800][T12195] do_syscall_64+0x44/0xa0 [ 129.278201][T12195] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.284214][T12195] RIP: 0033:0x7fc9483818d9 [ 129.288609][T12195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.308198][T12195] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 00:06:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:43 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x80000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 129.316593][T12195] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 129.324640][T12195] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 129.332810][T12195] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 129.340783][T12195] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 129.349058][T12195] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:43 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 46) 00:06:43 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x100000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 129.455384][T12228] loop3: detected capacity change from 0 to 264192 [ 129.464652][T12221] FAULT_INJECTION: forcing a failure. [ 129.464652][T12221] name failslab, interval 1, probability 0, space 0, times 0 [ 129.477295][T12221] CPU: 1 PID: 12221 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 129.486102][T12221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.496149][T12221] Call Trace: [ 129.499416][T12221] dump_stack_lvl+0xd6/0x122 [ 129.504001][T12221] dump_stack+0x11/0x1b [ 129.508153][T12221] should_fail+0x23c/0x250 [ 129.512573][T12221] ? ext4_mb_new_blocks+0x73f/0x1fc0 [ 129.517855][T12221] __should_failslab+0x81/0x90 [ 129.522685][T12221] should_failslab+0x5/0x20 [ 129.527186][T12221] kmem_cache_alloc+0x4f/0x300 [ 129.531948][T12221] ext4_mb_new_blocks+0x73f/0x1fc0 [ 129.537051][T12221] ? ext4_find_extent+0x7b2/0x7f0 [ 129.542103][T12221] ? ext4_ext_search_right+0x246/0x540 [ 129.547632][T12221] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 129.552902][T12221] ? ext4_es_lookup_extent+0x36b/0x490 [ 129.558386][T12221] ext4_map_blocks+0x71e/0xf00 [ 129.563138][T12221] ext4_iomap_begin+0x4b0/0x630 [ 129.567988][T12221] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 129.573176][T12221] iomap_iter+0x39c/0x470 [ 129.577495][T12221] __iomap_dio_rw+0x698/0x1010 [ 129.582245][T12221] iomap_dio_rw+0x30/0x70 [ 129.586638][T12221] ? ext4_file_write_iter+0x461/0x11f0 [ 129.592242][T12221] ext4_file_write_iter+0xaa9/0x11f0 [ 129.597511][T12221] ? ext4_file_write_iter+0x461/0x11f0 [ 129.602953][T12221] do_iter_readv_writev+0x2de/0x380 [ 129.608142][T12221] do_iter_write+0x192/0x5c0 [ 129.612745][T12221] ? splice_from_pipe_next+0x34f/0x3b0 [ 129.618184][T12221] ? kmalloc_array+0x2d/0x40 [ 129.622809][T12221] vfs_iter_write+0x4c/0x70 [ 129.627298][T12221] iter_file_splice_write+0x43a/0x790 [ 129.632678][T12221] ? splice_from_pipe+0xd0/0xd0 [ 129.637580][T12221] direct_splice_actor+0x80/0xa0 [ 129.642498][T12221] splice_direct_to_actor+0x345/0x650 [ 129.647942][T12221] ? do_splice_direct+0x190/0x190 [ 129.652948][T12221] do_splice_direct+0x106/0x190 [ 129.657841][T12221] do_sendfile+0x63e/0xbb0 [ 129.662244][T12221] __x64_sys_sendfile64+0x102/0x140 [ 129.667485][T12221] do_syscall_64+0x44/0xa0 [ 129.671909][T12221] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.677801][T12221] RIP: 0033:0x7fc9483818d9 [ 129.682207][T12221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.701881][T12221] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 129.710276][T12221] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 129.718230][T12221] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 129.726184][T12221] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 129.734148][T12221] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 129.742154][T12221] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 129.765404][T12209] loop5: detected capacity change from 0 to 264192 [ 129.776717][T12209] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 129.787550][T12228] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:43 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:43 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xedc000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:43 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 47) 00:06:43 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004000) 00:06:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:43 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 129.934818][T12252] loop3: detected capacity change from 0 to 264192 [ 129.944351][T12252] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 129.967492][T12266] loop5: detected capacity change from 0 to 264192 00:06:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 129.996588][T12257] FAULT_INJECTION: forcing a failure. [ 129.996588][T12257] name failslab, interval 1, probability 0, space 0, times 0 [ 130.009401][T12257] CPU: 0 PID: 12257 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 130.018155][T12257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.028210][T12257] Call Trace: [ 130.031482][T12257] dump_stack_lvl+0xd6/0x122 [ 130.036071][T12257] dump_stack+0x11/0x1b [ 130.040219][T12257] should_fail+0x23c/0x250 00:06:44 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 130.044629][T12257] ? __es_insert_extent+0x51f/0xe70 [ 130.049869][T12257] __should_failslab+0x81/0x90 [ 130.054630][T12257] should_failslab+0x5/0x20 [ 130.056935][T12266] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 130.059129][T12257] kmem_cache_alloc+0x4f/0x300 [ 130.073838][T12257] __es_insert_extent+0x51f/0xe70 [ 130.078866][T12257] ext4_es_insert_extent+0x1cb/0x1950 [ 130.084235][T12257] ext4_map_blocks+0xa5d/0xf00 [ 130.089005][T12257] ext4_iomap_begin+0x4b0/0x630 [ 130.093858][T12257] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 130.099080][T12257] iomap_iter+0x39c/0x470 [ 130.103463][T12257] __iomap_dio_rw+0x698/0x1010 [ 130.108228][T12257] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 130.113864][T12257] iomap_dio_rw+0x30/0x70 [ 130.118246][T12257] ? ext4_file_write_iter+0x461/0x11f0 [ 130.123699][T12257] ext4_file_write_iter+0xaa9/0x11f0 [ 130.129032][T12257] ? ext4_file_write_iter+0x461/0x11f0 [ 130.134503][T12257] do_iter_readv_writev+0x2de/0x380 [ 130.139713][T12257] do_iter_write+0x192/0x5c0 [ 130.144328][T12257] ? splice_from_pipe_next+0x34f/0x3b0 [ 130.149791][T12257] ? kmalloc_array+0x2d/0x40 [ 130.154555][T12257] vfs_iter_write+0x4c/0x70 [ 130.159062][T12257] iter_file_splice_write+0x43a/0x790 [ 130.164551][T12257] ? splice_from_pipe+0xd0/0xd0 [ 130.169396][T12257] direct_splice_actor+0x80/0xa0 [ 130.174324][T12257] splice_direct_to_actor+0x345/0x650 [ 130.179690][T12257] ? do_splice_direct+0x190/0x190 [ 130.184714][T12257] do_splice_direct+0x106/0x190 [ 130.189681][T12257] do_sendfile+0x63e/0xbb0 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 130.194134][T12257] __x64_sys_sendfile64+0x102/0x140 [ 130.199332][T12257] do_syscall_64+0x44/0xa0 [ 130.203764][T12257] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.209706][T12257] RIP: 0033:0x7fc9483818d9 [ 130.214119][T12257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.233776][T12257] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xee000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 130.242183][T12257] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 130.250139][T12257] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 130.258098][T12257] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.266054][T12257] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 130.274007][T12257] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 130.322418][T12292] loop3: detected capacity change from 0 to 264192 [ 130.352566][T12292] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 130.356379][T12303] loop5: detected capacity change from 0 to 264192 [ 130.422589][T12303] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:44 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67d", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfeffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:44 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 48) 00:06:44 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:44 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004600) 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x100000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x200000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 130.606279][T12339] loop5: detected capacity change from 0 to 264192 [ 130.616212][T12339] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 130.616820][T12342] loop3: detected capacity change from 0 to 264192 [ 130.627507][T12334] FAULT_INJECTION: forcing a failure. [ 130.627507][T12334] name failslab, interval 1, probability 0, space 0, times 0 [ 130.645643][T12334] CPU: 1 PID: 12334 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x300000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 130.654402][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.664554][T12334] Call Trace: [ 130.668000][T12334] dump_stack_lvl+0xd6/0x122 [ 130.672605][T12334] dump_stack+0x11/0x1b [ 130.676940][T12334] should_fail+0x23c/0x250 [ 130.681419][T12334] ? mempool_alloc_slab+0x16/0x20 [ 130.686522][T12334] __should_failslab+0x81/0x90 [ 130.691298][T12334] should_failslab+0x5/0x20 [ 130.695802][T12334] kmem_cache_alloc+0x4f/0x300 [ 130.700568][T12334] ? ext4_fc_track_range+0x90/0x140 [ 130.705760][T12334] mempool_alloc_slab+0x16/0x20 [ 130.710612][T12334] ? mempool_free+0x130/0x130 [ 130.715285][T12334] mempool_alloc+0x9d/0x310 [ 130.719831][T12334] bio_alloc_bioset+0xcc/0x530 [ 130.724610][T12334] ? iov_iter_alignment+0x34b/0x370 [ 130.729961][T12334] iomap_dio_bio_iter+0x5c1/0xbc0 [ 130.734976][T12334] __iomap_dio_rw+0x8d8/0x1010 [ 130.739730][T12334] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 130.745386][T12334] iomap_dio_rw+0x30/0x70 [ 130.749752][T12334] ? ext4_file_write_iter+0x461/0x11f0 [ 130.755208][T12334] ext4_file_write_iter+0xaa9/0x11f0 [ 130.760959][T12334] ? ext4_file_write_iter+0x461/0x11f0 [ 130.766404][T12334] do_iter_readv_writev+0x2de/0x380 [ 130.771665][T12334] do_iter_write+0x192/0x5c0 [ 130.776342][T12334] ? splice_from_pipe_next+0x34f/0x3b0 [ 130.781789][T12334] ? kmalloc_array+0x2d/0x40 [ 130.786430][T12334] vfs_iter_write+0x4c/0x70 [ 130.790919][T12334] iter_file_splice_write+0x43a/0x790 [ 130.796274][T12334] ? splice_from_pipe+0xd0/0xd0 [ 130.801107][T12334] direct_splice_actor+0x80/0xa0 [ 130.806026][T12334] splice_direct_to_actor+0x345/0x650 [ 130.811385][T12334] ? do_splice_direct+0x190/0x190 [ 130.816396][T12334] do_splice_direct+0x106/0x190 [ 130.821314][T12334] do_sendfile+0x63e/0xbb0 [ 130.825737][T12334] __x64_sys_sendfile64+0x102/0x140 [ 130.830929][T12334] do_syscall_64+0x44/0xa0 [ 130.835405][T12334] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.841419][T12334] RIP: 0033:0x7fc9483818d9 [ 130.845819][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.865490][T12334] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 130.873882][T12334] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 130.881834][T12334] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 130.889788][T12334] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.897745][T12334] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x400000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 130.905701][T12334] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:44 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x500000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 130.976932][T12342] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 130.987405][T12366] loop5: detected capacity change from 0 to 264192 [ 131.017851][T12366] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x600000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:45 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67d", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:45 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 49) 00:06:45 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004700) 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x700000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 131.245880][T12395] loop5: detected capacity change from 0 to 264192 [ 131.264703][T12395] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 131.265819][T12405] loop3: detected capacity change from 0 to 264192 [ 131.309213][T12396] FAULT_INJECTION: forcing a failure. [ 131.309213][T12396] name failslab, interval 1, probability 0, space 0, times 0 [ 131.321980][T12396] CPU: 1 PID: 12396 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 131.330741][T12396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.340798][T12396] Call Trace: [ 131.344075][T12396] dump_stack_lvl+0xd6/0x122 [ 131.348704][T12396] dump_stack+0x11/0x1b [ 131.352879][T12396] should_fail+0x23c/0x250 [ 131.357295][T12396] ? mempool_alloc_slab+0x16/0x20 [ 131.362318][T12396] __should_failslab+0x81/0x90 [ 131.367082][T12396] should_failslab+0x5/0x20 [ 131.371593][T12396] kmem_cache_alloc+0x4f/0x300 [ 131.376412][T12396] mempool_alloc_slab+0x16/0x20 [ 131.381261][T12396] ? mempool_free+0x130/0x130 [ 131.385444][T12405] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 131.385928][T12396] mempool_alloc+0x9d/0x310 [ 131.400427][T12396] ? __getblk_gfp+0x3f/0x590 [ 131.405018][T12396] bio_alloc_bioset+0xcc/0x530 [ 131.409778][T12396] ? __ext4_get_inode_loc+0x760/0x8c0 [ 131.415148][T12396] submit_bh_wbc+0x130/0x330 [ 131.419823][T12396] __sync_dirty_buffer+0x136/0x1e0 [ 131.424997][T12396] sync_dirty_buffer+0x16/0x20 [ 131.429839][T12396] ext4_write_inode+0x2ad/0x3c0 [ 131.434683][T12396] write_inode+0x89/0x180 [ 131.439150][T12396] __writeback_single_inode+0x2a2/0x440 [ 131.444696][T12396] writeback_single_inode+0x17b/0x3e0 [ 131.450063][T12396] sync_inode_metadata+0x57/0x80 [ 131.455129][T12396] ext4_sync_file+0x359/0x670 [ 131.459805][T12396] ? tsan.module_ctor+0x10/0x10 [ 131.464711][T12396] vfs_fsync_range+0x107/0x120 [ 131.469478][T12396] iomap_dio_complete+0x2d5/0x3c0 [ 131.474509][T12396] iomap_dio_rw+0x4e/0x70 [ 131.478847][T12396] ? ext4_file_write_iter+0x461/0x11f0 [ 131.484458][T12396] ext4_file_write_iter+0xaa9/0x11f0 [ 131.489790][T12396] ? ext4_file_write_iter+0x461/0x11f0 [ 131.495253][T12396] do_iter_readv_writev+0x2de/0x380 [ 131.500465][T12396] do_iter_write+0x192/0x5c0 [ 131.505049][T12396] ? splice_from_pipe_next+0x34f/0x3b0 [ 131.510506][T12396] ? kmalloc_array+0x2d/0x40 [ 131.515164][T12396] vfs_iter_write+0x4c/0x70 [ 131.519665][T12396] iter_file_splice_write+0x43a/0x790 [ 131.525036][T12396] ? splice_from_pipe+0xd0/0xd0 [ 131.530086][T12396] direct_splice_actor+0x80/0xa0 [ 131.535012][T12396] splice_direct_to_actor+0x345/0x650 [ 131.540377][T12396] ? do_splice_direct+0x190/0x190 [ 131.545399][T12396] do_splice_direct+0x106/0x190 [ 131.550265][T12396] do_sendfile+0x63e/0xbb0 [ 131.554708][T12396] __x64_sys_sendfile64+0x102/0x140 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x800000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 131.559907][T12396] do_syscall_64+0x44/0xa0 [ 131.564382][T12396] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.570358][T12396] RIP: 0033:0x7fc9483818d9 [ 131.574764][T12396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.594623][T12396] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 131.603039][T12396] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:45 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67d", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x900000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 131.611009][T12396] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 131.619064][T12396] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.627030][T12396] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 131.635014][T12396] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xa00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005", 0x7, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xb00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:45 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 50) 00:06:45 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004800) [ 131.770736][T12446] loop3: detected capacity change from 0 to 264192 [ 131.778019][T12452] loop5: detected capacity change from 0 to 264192 [ 131.797486][T12446] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xc00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 131.815394][T12452] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:45 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xe00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 131.860781][T12458] FAULT_INJECTION: forcing a failure. [ 131.860781][T12458] name failslab, interval 1, probability 0, space 0, times 0 [ 131.873429][T12458] CPU: 1 PID: 12458 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 131.882200][T12458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.892292][T12458] Call Trace: [ 131.895671][T12458] dump_stack_lvl+0xd6/0x122 [ 131.900270][T12458] dump_stack+0x11/0x1b [ 131.904426][T12458] should_fail+0x23c/0x250 [ 131.908840][T12458] ? kmalloc_array+0x2d/0x40 [ 131.913481][T12458] __should_failslab+0x81/0x90 [ 131.918248][T12458] should_failslab+0x5/0x20 [ 131.922748][T12458] __kmalloc+0x6f/0x350 [ 131.926903][T12458] kmalloc_array+0x2d/0x40 [ 131.931331][T12458] iter_file_splice_write+0xd5/0x790 [ 131.936613][T12458] ? atime_needs_update+0x2ba/0x390 [ 131.941875][T12458] ? touch_atime+0xe0/0x250 [ 131.946390][T12458] ? generic_file_splice_read+0x2a9/0x330 [ 131.952102][T12458] ? splice_from_pipe+0xd0/0xd0 [ 131.956975][T12458] direct_splice_actor+0x80/0xa0 [ 131.961909][T12458] splice_direct_to_actor+0x345/0x650 [ 131.967280][T12458] ? do_splice_direct+0x190/0x190 [ 131.972296][T12458] do_splice_direct+0x106/0x190 [ 131.977138][T12458] do_sendfile+0x63e/0xbb0 [ 131.981546][T12458] __x64_sys_sendfile64+0x102/0x140 [ 131.986758][T12458] do_syscall_64+0x44/0xa0 [ 131.991168][T12458] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.997058][T12458] RIP: 0033:0x7fc9483818d9 [ 132.001477][T12458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.021134][T12458] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.029533][T12458] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 132.037489][T12458] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 132.045445][T12458] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 132.053426][T12458] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:46 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 51) [ 132.061391][T12458] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 132.163380][T12495] FAULT_INJECTION: forcing a failure. [ 132.163380][T12495] name failslab, interval 1, probability 0, space 0, times 0 [ 132.176170][T12495] CPU: 0 PID: 12495 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 132.184927][T12495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.194978][T12495] Call Trace: [ 132.198250][T12495] dump_stack_lvl+0xd6/0x122 [ 132.202973][T12495] dump_stack+0x11/0x1b [ 132.207129][T12495] should_fail+0x23c/0x250 [ 132.211539][T12495] ? kmalloc_array+0x2d/0x40 [ 132.216134][T12495] __should_failslab+0x81/0x90 [ 132.220913][T12495] should_failslab+0x5/0x20 [ 132.225500][T12495] __kmalloc+0x6f/0x350 [ 132.229643][T12495] kmalloc_array+0x2d/0x40 [ 132.234065][T12495] iter_file_splice_write+0xd5/0x790 [ 132.239396][T12495] ? atime_needs_update+0x2ba/0x390 [ 132.244676][T12495] ? touch_atime+0xe0/0x250 [ 132.249174][T12495] ? generic_file_splice_read+0x2a9/0x330 [ 132.254885][T12495] ? splice_from_pipe+0xd0/0xd0 [ 132.259735][T12495] direct_splice_actor+0x80/0xa0 [ 132.264673][T12495] splice_direct_to_actor+0x345/0x650 [ 132.270046][T12495] ? do_splice_direct+0x190/0x190 [ 132.275059][T12495] do_splice_direct+0x106/0x190 [ 132.279894][T12495] do_sendfile+0x63e/0xbb0 [ 132.284298][T12495] __x64_sys_sendfile64+0x102/0x140 [ 132.289546][T12495] do_syscall_64+0x44/0xa0 [ 132.293975][T12495] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.299859][T12495] RIP: 0033:0x7fc9483818d9 [ 132.304258][T12495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.323909][T12495] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.332301][T12495] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 132.340259][T12495] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 132.348335][T12495] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 132.356304][T12495] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:46 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x0, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:46 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfffffffffffffff, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 132.364368][T12495] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 132.381373][T12499] loop3: detected capacity change from 0 to 264192 [ 132.397685][T12507] loop5: detected capacity change from 0 to 264192 00:06:46 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1000000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 132.411086][T12499] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 [ 132.421963][T12507] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:46 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1100000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:46 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004900) 00:06:46 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:46 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 52) 00:06:46 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1200000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 132.532099][T12532] loop3: detected capacity change from 0 to 264192 [ 132.553090][T12532] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 [ 132.617965][T12544] loop5: detected capacity change from 0 to 264192 [ 132.655882][T12544] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 132.672471][T12557] loop3: detected capacity change from 0 to 264192 [ 132.678141][T12552] FAULT_INJECTION: forcing a failure. [ 132.678141][T12552] name failslab, interval 1, probability 0, space 0, times 0 [ 132.691957][T12552] CPU: 1 PID: 12552 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 132.700729][T12552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.710788][T12552] Call Trace: [ 132.714083][T12552] dump_stack_lvl+0xd6/0x122 [ 132.718663][T12552] dump_stack+0x11/0x1b [ 132.722799][T12552] should_fail+0x23c/0x250 [ 132.727195][T12552] ? mempool_alloc_slab+0x16/0x20 [ 132.732252][T12552] __should_failslab+0x81/0x90 [ 132.737015][T12552] should_failslab+0x5/0x20 [ 132.741574][T12552] kmem_cache_alloc+0x4f/0x300 [ 132.746325][T12552] mempool_alloc_slab+0x16/0x20 [ 132.751185][T12552] ? mempool_free+0x130/0x130 [ 132.755849][T12552] mempool_alloc+0x9d/0x310 [ 132.760351][T12552] ? crypto_shash_update+0x13c/0x1a0 [ 132.765628][T12552] sg_pool_alloc+0x74/0x90 [ 132.770033][T12552] __sg_alloc_table+0xce/0x290 [ 132.774788][T12552] sg_alloc_table_chained+0xaf/0x140 [ 132.780061][T12552] ? sg_alloc_table_chained+0x140/0x140 [ 132.785592][T12552] scsi_alloc_sgtables+0x184/0x510 [ 132.790691][T12552] sd_init_command+0x952/0x1610 [ 132.795523][T12552] scsi_queue_rq+0x10cd/0x15a0 [ 132.800274][T12552] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 132.805849][T12552] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 132.811537][T12552] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 132.817852][T12552] ? rb_insert_color+0x2fa/0x310 [ 132.822784][T12552] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 132.828821][T12552] __blk_mq_run_hw_queue+0xbc/0x140 [ 132.834015][T12552] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 132.839884][T12552] blk_mq_run_hw_queue+0x22c/0x250 [ 132.845064][T12552] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 132.850949][T12552] blk_mq_flush_plug_list+0x302/0x3d0 [ 132.856437][T12552] blk_flush_plug_list+0x235/0x260 [ 132.861636][T12552] blk_finish_plug+0x44/0x60 [ 132.866245][T12552] __iomap_dio_rw+0xca7/0x1010 [ 132.871010][T12552] iomap_dio_rw+0x30/0x70 [ 132.875336][T12552] ? ext4_file_write_iter+0x461/0x11f0 [ 132.880816][T12552] ext4_file_write_iter+0xaa9/0x11f0 [ 132.886165][T12552] ? ext4_file_write_iter+0x461/0x11f0 [ 132.891608][T12552] do_iter_readv_writev+0x2de/0x380 [ 132.896800][T12552] do_iter_write+0x192/0x5c0 [ 132.901399][T12552] ? splice_from_pipe_next+0x34f/0x3b0 [ 132.906867][T12552] ? kmalloc_array+0x2d/0x40 [ 132.911479][T12552] vfs_iter_write+0x4c/0x70 [ 132.915965][T12552] iter_file_splice_write+0x43a/0x790 [ 132.921378][T12552] ? splice_from_pipe+0xd0/0xd0 [ 132.926254][T12552] direct_splice_actor+0x80/0xa0 [ 132.931185][T12552] splice_direct_to_actor+0x345/0x650 [ 132.936604][T12552] ? do_splice_direct+0x190/0x190 [ 132.941633][T12552] do_splice_direct+0x106/0x190 [ 132.946493][T12552] do_sendfile+0x63e/0xbb0 [ 132.951680][T12552] __x64_sys_sendfile64+0x102/0x140 [ 132.956865][T12552] do_syscall_64+0x44/0xa0 [ 132.961272][T12552] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.967153][T12552] RIP: 0033:0x7fc9483818d9 [ 132.971573][T12552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.991164][T12552] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.999558][T12552] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 133.007603][T12552] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 133.015579][T12552] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.023547][T12552] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 133.031627][T12552] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 133.042241][T12557] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:47 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x0, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x1400000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:47 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2000000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:47 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004a00) [ 133.156798][T12569] loop5: detected capacity change from 0 to 264192 [ 133.166963][T12569] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 133.185676][T12574] loop3: detected capacity change from 0 to 264192 00:06:47 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 53) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2010000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 133.234238][T12574] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 133.293392][T12594] FAULT_INJECTION: forcing a failure. [ 133.293392][T12594] name failslab, interval 1, probability 0, space 0, times 0 [ 133.306023][T12594] CPU: 1 PID: 12594 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 133.314788][T12594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.324916][T12594] Call Trace: [ 133.328186][T12594] dump_stack_lvl+0xd6/0x122 [ 133.332769][T12594] dump_stack+0x11/0x1b [ 133.336924][T12594] should_fail+0x23c/0x250 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2200000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 133.341330][T12594] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 133.346607][T12594] __should_failslab+0x81/0x90 [ 133.351364][T12594] should_failslab+0x5/0x20 [ 133.355858][T12594] kmem_cache_alloc+0x4f/0x300 [ 133.360613][T12594] ext4_mb_new_blocks+0x317/0x1fc0 [ 133.365723][T12594] ? ext4_find_extent+0x7b2/0x7f0 [ 133.370749][T12594] ? ext4_ext_search_right+0x246/0x540 [ 133.376203][T12594] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 133.381488][T12594] ? ext4_es_lookup_extent+0x36b/0x490 [ 133.387007][T12594] ext4_map_blocks+0x71e/0xf00 [ 133.391782][T12594] ext4_iomap_begin+0x4b0/0x630 [ 133.396653][T12594] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 133.401855][T12594] iomap_iter+0x39c/0x470 [ 133.406204][T12594] __iomap_dio_rw+0x698/0x1010 [ 133.410970][T12594] iomap_dio_rw+0x30/0x70 [ 133.415297][T12594] ? ext4_file_write_iter+0x461/0x11f0 [ 133.420805][T12594] ext4_file_write_iter+0xaa9/0x11f0 [ 133.426082][T12594] ? ext4_file_write_iter+0x461/0x11f0 [ 133.431668][T12594] do_iter_readv_writev+0x2de/0x380 [ 133.436887][T12594] do_iter_write+0x192/0x5c0 [ 133.441524][T12594] ? splice_from_pipe_next+0x34f/0x3b0 [ 133.446975][T12594] vfs_iter_write+0x4c/0x70 [ 133.451473][T12594] iter_file_splice_write+0x43a/0x790 [ 133.456833][T12594] ? splice_from_pipe+0xd0/0xd0 [ 133.461688][T12594] direct_splice_actor+0x80/0xa0 [ 133.466618][T12594] splice_direct_to_actor+0x345/0x650 [ 133.471983][T12594] ? do_splice_direct+0x190/0x190 [ 133.477000][T12594] do_splice_direct+0x106/0x190 [ 133.481849][T12594] do_sendfile+0x63e/0xbb0 [ 133.486268][T12594] __x64_sys_sendfile64+0x102/0x140 00:06:47 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x0, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2500000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 133.491484][T12594] do_syscall_64+0x44/0xa0 [ 133.495959][T12594] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.501852][T12594] RIP: 0033:0x7fc9483818d9 [ 133.506258][T12594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.525861][T12594] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 133.534264][T12594] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2a9c2bea00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 133.542270][T12594] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 133.550224][T12594] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.558193][T12594] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 133.566158][T12594] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:47 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 54) 00:06:47 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2d03000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2e03000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 133.623246][T12626] loop5: detected capacity change from 0 to 264192 [ 133.636627][T12626] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 133.651028][T12634] loop3: detected capacity change from 0 to 264192 [ 133.661127][T12634] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 133.699545][T12640] FAULT_INJECTION: forcing a failure. [ 133.699545][T12640] name failslab, interval 1, probability 0, space 0, times 0 [ 133.712196][T12640] CPU: 1 PID: 12640 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 133.720957][T12640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.731012][T12640] Call Trace: [ 133.734283][T12640] dump_stack_lvl+0xd6/0x122 [ 133.738879][T12640] dump_stack+0x11/0x1b [ 133.743029][T12640] should_fail+0x23c/0x250 [ 133.747503][T12640] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 133.752785][T12640] __should_failslab+0x81/0x90 [ 133.757550][T12640] should_failslab+0x5/0x20 [ 133.762133][T12640] kmem_cache_alloc+0x4f/0x300 [ 133.766895][T12640] ext4_mb_new_blocks+0x317/0x1fc0 [ 133.772001][T12640] ? ext4_find_extent+0x7b2/0x7f0 [ 133.777066][T12640] ? ext4_ext_search_right+0x246/0x540 [ 133.782512][T12640] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 133.787794][T12640] ? ext4_es_lookup_extent+0x36b/0x490 [ 133.793323][T12640] ext4_map_blocks+0x71e/0xf00 [ 133.798087][T12640] ext4_iomap_begin+0x4b0/0x630 [ 133.802998][T12640] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 133.808238][T12640] iomap_iter+0x39c/0x470 [ 133.812561][T12640] __iomap_dio_rw+0x698/0x1010 [ 133.817320][T12640] iomap_dio_rw+0x30/0x70 [ 133.821649][T12640] ? ext4_file_write_iter+0x461/0x11f0 [ 133.827133][T12640] ext4_file_write_iter+0xaa9/0x11f0 [ 133.832406][T12640] ? ext4_file_write_iter+0x461/0x11f0 [ 133.837862][T12640] do_iter_readv_writev+0x2de/0x380 [ 133.843058][T12640] do_iter_write+0x192/0x5c0 [ 133.847645][T12640] ? splice_from_pipe_next+0x34f/0x3b0 [ 133.853102][T12640] ? kmalloc_array+0x2d/0x40 [ 133.857697][T12640] vfs_iter_write+0x4c/0x70 [ 133.862278][T12640] iter_file_splice_write+0x43a/0x790 [ 133.867742][T12640] ? splice_from_pipe+0xd0/0xd0 [ 133.872627][T12640] direct_splice_actor+0x80/0xa0 [ 133.877561][T12640] splice_direct_to_actor+0x345/0x650 [ 133.882994][T12640] ? do_splice_direct+0x190/0x190 [ 133.888005][T12640] do_splice_direct+0x106/0x190 [ 133.892875][T12640] do_sendfile+0x63e/0xbb0 [ 133.897296][T12640] __x64_sys_sendfile64+0x102/0x140 [ 133.902487][T12640] do_syscall_64+0x44/0xa0 [ 133.906897][T12640] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.912811][T12640] RIP: 0033:0x7fc9483818d9 [ 133.917215][T12640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.936816][T12640] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 133.945230][T12640] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 133.953223][T12640] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 133.961243][T12640] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.969291][T12640] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 133.977260][T12640] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:47 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004b00) 00:06:47 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:47 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, 0x0) mlockall(0x1) mlockall(0x5) 00:06:47 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x2f03000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:47 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:47 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 55) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3003000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 134.072552][T12673] loop5: detected capacity change from 0 to 264192 [ 134.085423][T12673] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 134.096585][T12683] loop3: detected capacity change from 0 to 264192 [ 134.110093][T12683] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 134.126734][T12675] FAULT_INJECTION: forcing a failure. [ 134.126734][T12675] name failslab, interval 1, probability 0, space 0, times 0 [ 134.141242][T12675] CPU: 1 PID: 12675 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 134.150002][T12675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.160100][T12675] Call Trace: [ 134.163372][T12675] dump_stack_lvl+0xd6/0x122 [ 134.167960][T12675] dump_stack+0x11/0x1b [ 134.172115][T12675] should_fail+0x23c/0x250 [ 134.176529][T12675] ? mempool_alloc_slab+0x16/0x20 [ 134.181556][T12675] __should_failslab+0x81/0x90 [ 134.186470][T12675] should_failslab+0x5/0x20 [ 134.190960][T12675] kmem_cache_alloc+0x4f/0x300 [ 134.195712][T12675] ? ext4_fc_track_range+0x90/0x140 [ 134.200909][T12675] mempool_alloc_slab+0x16/0x20 [ 134.205774][T12675] ? mempool_free+0x130/0x130 [ 134.210492][T12675] mempool_alloc+0x9d/0x310 [ 134.215251][T12675] bio_alloc_bioset+0xcc/0x530 [ 134.219996][T12675] ? iov_iter_alignment+0x34b/0x370 [ 134.225173][T12675] iomap_dio_bio_iter+0x5c1/0xbc0 [ 134.230187][T12675] __iomap_dio_rw+0x8d8/0x1010 [ 134.234938][T12675] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 134.240595][T12675] iomap_dio_rw+0x30/0x70 [ 134.244907][T12675] ? ext4_file_write_iter+0x461/0x11f0 [ 134.250367][T12675] ext4_file_write_iter+0xaa9/0x11f0 [ 134.255640][T12675] ? ext4_file_write_iter+0x461/0x11f0 [ 134.261162][T12675] do_iter_readv_writev+0x2de/0x380 [ 134.266789][T12675] do_iter_write+0x192/0x5c0 [ 134.271364][T12675] ? splice_from_pipe_next+0x34f/0x3b0 [ 134.276802][T12675] ? kmalloc_array+0x2d/0x40 [ 134.281376][T12675] vfs_iter_write+0x4c/0x70 [ 134.285863][T12675] iter_file_splice_write+0x43a/0x790 [ 134.291216][T12675] ? splice_from_pipe+0xd0/0xd0 [ 134.296047][T12675] direct_splice_actor+0x80/0xa0 [ 134.301058][T12675] splice_direct_to_actor+0x345/0x650 [ 134.306410][T12675] ? do_splice_direct+0x190/0x190 [ 134.311474][T12675] do_splice_direct+0x106/0x190 [ 134.316309][T12675] do_sendfile+0x63e/0xbb0 [ 134.320709][T12675] __x64_sys_sendfile64+0x102/0x140 [ 134.325892][T12675] do_syscall_64+0x44/0xa0 [ 134.330316][T12675] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.336201][T12675] RIP: 0033:0x7fc9483818d9 [ 134.340658][T12675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.360296][T12675] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 134.368686][T12675] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3103000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3203000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 134.376641][T12675] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 134.384589][T12675] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 134.392539][T12675] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 134.400498][T12675] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 134.478657][T12708] loop3: detected capacity change from 0 to 264192 [ 134.488517][T12708] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 134.491492][T12712] loop5: detected capacity change from 0 to 264192 00:06:48 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004c00) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3303000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 134.549929][T12712] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 134.571566][T12726] loop3: detected capacity change from 0 to 264192 [ 134.583921][T12726] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:48 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, 0x0) mlockall(0x1) mlockall(0x5) 00:06:48 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 56) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x3f00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:48 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:48 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004d00) 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x4000000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 134.843501][T12757] loop3: detected capacity change from 0 to 264192 [ 134.858646][T12756] FAULT_INJECTION: forcing a failure. [ 134.858646][T12756] name failslab, interval 1, probability 0, space 0, times 0 [ 134.862090][T12766] loop5: detected capacity change from 0 to 264192 [ 134.871328][T12756] CPU: 1 PID: 12756 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 134.871347][T12756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.871357][T12756] Call Trace: [ 134.900005][T12756] dump_stack_lvl+0xd6/0x122 [ 134.904669][T12756] dump_stack+0x11/0x1b [ 134.908907][T12756] should_fail+0x23c/0x250 [ 134.913315][T12756] ? kmalloc_array+0x2d/0x40 [ 134.917980][T12756] __should_failslab+0x81/0x90 [ 134.922763][T12756] should_failslab+0x5/0x20 [ 134.927332][T12756] __kmalloc+0x6f/0x350 [ 134.931470][T12756] kmalloc_array+0x2d/0x40 [ 134.935933][T12756] iter_file_splice_write+0xd5/0x790 [ 134.941200][T12756] ? atime_needs_update+0x2ba/0x390 [ 134.946378][T12756] ? touch_atime+0xe0/0x250 [ 134.950912][T12756] ? generic_file_splice_read+0x2a9/0x330 [ 134.956703][T12756] ? splice_from_pipe+0xd0/0xd0 [ 134.961611][T12756] direct_splice_actor+0x80/0xa0 [ 134.966540][T12756] splice_direct_to_actor+0x345/0x650 [ 134.972067][T12756] ? do_splice_direct+0x190/0x190 [ 134.977249][T12756] do_splice_direct+0x106/0x190 [ 134.982100][T12756] do_sendfile+0x63e/0xbb0 [ 134.986507][T12756] __x64_sys_sendfile64+0x102/0x140 [ 134.991753][T12756] do_syscall_64+0x44/0xa0 [ 134.996154][T12756] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.002032][T12756] RIP: 0033:0x7fc9483818d9 [ 135.006428][T12756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.026037][T12756] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 135.034433][T12756] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:48 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.042393][T12756] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 135.050358][T12756] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 135.058387][T12756] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 135.066339][T12756] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:49 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 57) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x97ffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.092635][T12766] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xcc00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xcd00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.193599][T12787] FAULT_INJECTION: forcing a failure. [ 135.193599][T12787] name failslab, interval 1, probability 0, space 0, times 0 [ 135.206269][T12787] CPU: 1 PID: 12787 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 135.215028][T12787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.225074][T12787] Call Trace: [ 135.228350][T12787] dump_stack_lvl+0xd6/0x122 [ 135.229829][T12757] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 135.232966][T12787] dump_stack+0x11/0x1b [ 135.247120][T12787] should_fail+0x23c/0x250 [ 135.251542][T12787] ? mempool_alloc_slab+0x16/0x20 [ 135.256583][T12787] __should_failslab+0x81/0x90 [ 135.261413][T12787] should_failslab+0x5/0x20 [ 135.265942][T12787] kmem_cache_alloc+0x4f/0x300 [ 135.270697][T12787] mempool_alloc_slab+0x16/0x20 [ 135.275543][T12787] ? mempool_free+0x130/0x130 [ 135.280214][T12787] mempool_alloc+0x9d/0x310 [ 135.284766][T12787] ? __getblk_gfp+0x3f/0x590 [ 135.289365][T12787] bio_alloc_bioset+0xcc/0x530 [ 135.294120][T12787] ? __ext4_get_inode_loc+0x760/0x8c0 [ 135.299488][T12787] submit_bh_wbc+0x130/0x330 [ 135.304082][T12787] __sync_dirty_buffer+0x136/0x1e0 [ 135.309194][T12787] sync_dirty_buffer+0x16/0x20 [ 135.313950][T12787] ext4_write_inode+0x2ad/0x3c0 [ 135.318796][T12787] write_inode+0x89/0x180 [ 135.323121][T12787] __writeback_single_inode+0x2a2/0x440 [ 135.328703][T12787] writeback_single_inode+0x17b/0x3e0 [ 135.334093][T12787] sync_inode_metadata+0x57/0x80 [ 135.339031][T12787] ext4_sync_file+0x359/0x670 [ 135.343737][T12787] ? tsan.module_ctor+0x10/0x10 [ 135.348578][T12787] vfs_fsync_range+0x107/0x120 [ 135.353379][T12787] iomap_dio_complete+0x2d5/0x3c0 [ 135.358404][T12787] iomap_dio_rw+0x4e/0x70 [ 135.362730][T12787] ? ext4_file_write_iter+0x461/0x11f0 [ 135.368223][T12787] ext4_file_write_iter+0xaa9/0x11f0 [ 135.373502][T12787] ? ext4_file_write_iter+0x461/0x11f0 [ 135.378952][T12787] do_iter_readv_writev+0x2de/0x380 [ 135.384167][T12787] do_iter_write+0x192/0x5c0 [ 135.388858][T12787] ? splice_from_pipe_next+0x34f/0x3b0 [ 135.394316][T12787] ? kmalloc_array+0x2d/0x40 [ 135.398944][T12787] vfs_iter_write+0x4c/0x70 [ 135.403515][T12787] iter_file_splice_write+0x43a/0x790 [ 135.408885][T12787] ? splice_from_pipe+0xd0/0xd0 [ 135.413786][T12787] direct_splice_actor+0x80/0xa0 [ 135.418723][T12787] splice_direct_to_actor+0x345/0x650 [ 135.424087][T12787] ? do_splice_direct+0x190/0x190 [ 135.429110][T12787] do_splice_direct+0x106/0x190 [ 135.434020][T12787] do_sendfile+0x63e/0xbb0 [ 135.438439][T12787] __x64_sys_sendfile64+0x102/0x140 [ 135.443638][T12787] do_syscall_64+0x44/0xa0 [ 135.448049][T12787] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.454037][T12787] RIP: 0033:0x7fc9483818d9 [ 135.458436][T12787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.478119][T12787] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 135.486524][T12787] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {0x0, 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xce00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:49 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, 0x0) mlockall(0x1) mlockall(0x5) [ 135.494595][T12787] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 135.502554][T12787] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 135.510517][T12787] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 135.518491][T12787] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xcf00000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:49 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004e00) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd000000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.606801][T12828] loop5: detected capacity change from 0 to 264192 [ 135.620922][T12835] loop3: detected capacity change from 0 to 264192 [ 135.642200][T12828] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:49 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 58) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd100000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.680166][T12835] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xd200000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 135.769729][T12853] FAULT_INJECTION: forcing a failure. [ 135.769729][T12853] name failslab, interval 1, probability 0, space 0, times 0 [ 135.782375][T12853] CPU: 1 PID: 12853 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 135.791139][T12853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.801224][T12853] Call Trace: [ 135.804499][T12853] dump_stack_lvl+0xd6/0x122 [ 135.809145][T12853] dump_stack+0x11/0x1b [ 135.813299][T12853] should_fail+0x23c/0x250 00:06:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 135.817712][T12853] ? kmalloc_array+0x2d/0x40 [ 135.822304][T12853] __should_failslab+0x81/0x90 [ 135.827063][T12853] should_failslab+0x5/0x20 [ 135.831561][T12853] __kmalloc+0x6f/0x350 [ 135.835746][T12853] kmalloc_array+0x2d/0x40 [ 135.840272][T12853] iter_file_splice_write+0xd5/0x790 [ 135.845551][T12853] ? atime_needs_update+0x2ba/0x390 [ 135.850746][T12853] ? touch_atime+0xe0/0x250 [ 135.855248][T12853] ? generic_file_splice_read+0x2a9/0x330 [ 135.861000][T12853] ? splice_from_pipe+0xd0/0xd0 [ 135.865925][T12853] direct_splice_actor+0x80/0xa0 [ 135.870924][T12853] splice_direct_to_actor+0x345/0x650 [ 135.875998][T12871] loop5: detected capacity change from 0 to 264192 [ 135.876358][T12853] ? do_splice_direct+0x190/0x190 [ 135.887839][T12853] do_splice_direct+0x106/0x190 [ 135.892781][T12853] do_sendfile+0x63e/0xbb0 [ 135.897197][T12853] __x64_sys_sendfile64+0x102/0x140 [ 135.902388][T12853] do_syscall_64+0x44/0xa0 [ 135.906821][T12853] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.912706][T12853] RIP: 0033:0x7fc9483818d9 [ 135.917110][T12853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.936819][T12853] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 135.945246][T12853] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 135.953376][T12853] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 135.961399][T12853] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:06:49 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xdaffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:49 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004f00) 00:06:49 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 59) [ 135.969351][T12853] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 135.977306][T12853] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 136.002400][T12875] loop3: detected capacity change from 0 to 264192 [ 136.052364][T12875] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 136.081496][T12871] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 12 [ 136.124209][T12897] FAULT_INJECTION: forcing a failure. [ 136.124209][T12897] name failslab, interval 1, probability 0, space 0, times 0 [ 136.136876][T12897] CPU: 1 PID: 12897 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 136.145716][T12897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.155777][T12897] Call Trace: [ 136.159090][T12897] dump_stack_lvl+0xd6/0x122 [ 136.163715][T12897] dump_stack+0x11/0x1b [ 136.167967][T12897] should_fail+0x23c/0x250 [ 136.172377][T12897] ? kcalloc+0x32/0x50 [ 136.176445][T12897] __should_failslab+0x81/0x90 [ 136.181265][T12897] should_failslab+0x5/0x20 [ 136.185765][T12897] __kmalloc+0x6f/0x350 [ 136.189917][T12897] ? check_preempt_wakeup+0x226/0x420 [ 136.195386][T12897] kcalloc+0x32/0x50 [ 136.199284][T12897] ext4_find_extent+0x21c/0x7f0 [ 136.204137][T12897] ? __queue_work+0x830/0xaa0 [ 136.208815][T12897] ext4_ext_map_blocks+0x115/0x1ff0 [ 136.214024][T12897] ? mod_delayed_work_on+0xa5/0xe0 [ 136.219182][T12897] ? ext4_es_lookup_extent+0x36b/0x490 [ 136.224629][T12897] ext4_map_blocks+0x71e/0xf00 [ 136.229386][T12897] ? crypto_shash_update+0x13c/0x1a0 [ 136.234663][T12897] ext4_iomap_begin+0x4b0/0x630 [ 136.239507][T12897] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 136.244695][T12897] iomap_iter+0x39c/0x470 [ 136.249075][T12897] __iomap_dio_rw+0x698/0x1010 [ 136.253843][T12897] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 136.259503][T12897] iomap_dio_rw+0x30/0x70 [ 136.263870][T12897] ? ext4_file_write_iter+0x461/0x11f0 [ 136.269324][T12897] ext4_file_write_iter+0xaa9/0x11f0 00:06:50 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)) mlockall(0x1) mlockall(0x5) 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xe7ff010000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 136.274636][T12897] ? ext4_file_write_iter+0x461/0x11f0 [ 136.280090][T12897] do_iter_readv_writev+0x2de/0x380 [ 136.285297][T12897] do_iter_write+0x192/0x5c0 [ 136.289884][T12897] ? splice_from_pipe_next+0x34f/0x3b0 [ 136.295362][T12897] ? kmalloc_array+0x2d/0x40 [ 136.300024][T12897] vfs_iter_write+0x4c/0x70 [ 136.304535][T12897] iter_file_splice_write+0x43a/0x790 [ 136.309905][T12897] ? splice_from_pipe+0xd0/0xd0 [ 136.314749][T12897] direct_splice_actor+0x80/0xa0 [ 136.319683][T12897] splice_direct_to_actor+0x345/0x650 [ 136.325138][T12897] ? do_splice_direct+0x190/0x190 [ 136.330149][T12897] do_splice_direct+0x106/0x190 [ 136.334994][T12897] do_sendfile+0x63e/0xbb0 [ 136.339408][T12897] __x64_sys_sendfile64+0x102/0x140 [ 136.344965][T12897] do_syscall_64+0x44/0xa0 [ 136.349386][T12897] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.355308][T12897] RIP: 0033:0x7fc9483818d9 [ 136.359717][T12897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.379325][T12897] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 136.387791][T12897] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 136.395753][T12897] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 136.403753][T12897] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 136.411725][T12897] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf400000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:50 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 60) [ 136.420032][T12897] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 136.440337][T12910] loop3: detected capacity change from 0 to 264192 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 136.492209][T12910] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfaf3586100000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 136.541832][T12934] loop5: detected capacity change from 0 to 264192 [ 136.553538][T12934] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfdffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 136.583107][T12928] FAULT_INJECTION: forcing a failure. [ 136.583107][T12928] name failslab, interval 1, probability 0, space 0, times 0 [ 136.595757][T12928] CPU: 1 PID: 12928 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 136.604520][T12928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.614749][T12928] Call Trace: [ 136.618027][T12928] dump_stack_lvl+0xd6/0x122 [ 136.622693][T12928] dump_stack+0x11/0x1b [ 136.626856][T12928] should_fail+0x23c/0x250 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfeff000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 136.631299][T12928] __should_failslab+0x81/0x90 [ 136.636064][T12928] ? __iomap_dio_rw+0x139/0x1010 [ 136.641085][T12928] should_failslab+0x5/0x20 [ 136.645631][T12928] kmem_cache_alloc_trace+0x52/0x320 [ 136.650914][T12928] ? __getblk_gfp+0x3f/0x590 [ 136.655507][T12928] __iomap_dio_rw+0x139/0x1010 [ 136.660270][T12928] ? __brelse+0x2c/0x50 [ 136.664428][T12928] ? ext4_mark_iloc_dirty+0x161a/0x1700 [ 136.670036][T12928] iomap_dio_rw+0x30/0x70 [ 136.674366][T12928] ? ext4_file_write_iter+0x461/0x11f0 [ 136.679830][T12928] ext4_file_write_iter+0xaa9/0x11f0 [ 136.685113][T12928] ? ext4_file_write_iter+0x461/0x11f0 [ 136.690568][T12928] do_iter_readv_writev+0x2de/0x380 [ 136.695765][T12928] do_iter_write+0x192/0x5c0 [ 136.700351][T12928] ? splice_from_pipe_next+0x34f/0x3b0 [ 136.705880][T12928] ? kmalloc_array+0x2d/0x40 [ 136.710578][T12928] vfs_iter_write+0x4c/0x70 [ 136.715083][T12928] iter_file_splice_write+0x43a/0x790 [ 136.720516][T12928] ? splice_from_pipe+0xd0/0xd0 [ 136.725412][T12928] direct_splice_actor+0x80/0xa0 [ 136.730381][T12928] splice_direct_to_actor+0x345/0x650 [ 136.735784][T12928] ? do_splice_direct+0x190/0x190 [ 136.740963][T12928] do_splice_direct+0x106/0x190 [ 136.745808][T12928] do_sendfile+0x63e/0xbb0 [ 136.750220][T12928] __x64_sys_sendfile64+0x102/0x140 [ 136.755406][T12928] do_syscall_64+0x44/0xa0 [ 136.759810][T12928] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.765757][T12928] RIP: 0033:0x7fc9483818d9 [ 136.770153][T12928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.789802][T12928] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 136.798256][T12928] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 136.806285][T12928] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 136.814289][T12928] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 136.822242][T12928] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:50 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005000) 00:06:50 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 136.830249][T12928] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:50 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)) mlockall(0x1) mlockall(0x5) 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xfeffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:50 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080), 0x0, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:50 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 61) 00:06:50 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xff03000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 136.946569][T12969] loop5: detected capacity change from 0 to 264192 [ 136.968183][T12974] loop3: detected capacity change from 0 to 264192 [ 136.982397][T12969] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 136.987217][T12978] FAULT_INJECTION: forcing a failure. [ 136.987217][T12978] name failslab, interval 1, probability 0, space 0, times 0 [ 137.005069][T12978] CPU: 1 PID: 12978 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 137.013934][T12978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.023992][T12978] Call Trace: [ 137.027264][T12978] dump_stack_lvl+0xd6/0x122 [ 137.031853][T12978] dump_stack+0x11/0x1b [ 137.036001][T12978] should_fail+0x23c/0x250 [ 137.040406][T12978] ? mempool_alloc_slab+0x16/0x20 [ 137.045688][T12978] __should_failslab+0x81/0x90 [ 137.050441][T12978] should_failslab+0x5/0x20 [ 137.054932][T12978] kmem_cache_alloc+0x4f/0x300 [ 137.059681][T12978] mempool_alloc_slab+0x16/0x20 [ 137.064531][T12978] ? mempool_free+0x130/0x130 [ 137.069257][T12978] mempool_alloc+0x9d/0x310 [ 137.073814][T12978] ? crypto_shash_update+0x13c/0x1a0 [ 137.079088][T12978] sg_pool_alloc+0x74/0x90 [ 137.083503][T12978] __sg_alloc_table+0xce/0x290 [ 137.088265][T12978] sg_alloc_table_chained+0xaf/0x140 [ 137.093598][T12978] ? sg_alloc_table_chained+0x140/0x140 [ 137.099208][T12978] scsi_alloc_sgtables+0x184/0x510 [ 137.104323][T12978] sd_init_command+0x952/0x1610 [ 137.109230][T12978] scsi_queue_rq+0x10cd/0x15a0 [ 137.114041][T12978] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 137.119574][T12978] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 137.125127][T12978] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 137.131365][T12978] ? rb_insert_color+0x2fa/0x310 [ 137.136312][T12978] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 137.142285][T12978] __blk_mq_run_hw_queue+0xbc/0x140 [ 137.147510][T12978] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 137.153578][T12978] blk_mq_run_hw_queue+0x22c/0x250 [ 137.158766][T12978] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 137.164651][T12978] blk_mq_flush_plug_list+0x302/0x3d0 [ 137.170014][T12978] blk_flush_plug_list+0x235/0x260 [ 137.175114][T12978] blk_finish_plug+0x44/0x60 [ 137.179693][T12978] __iomap_dio_rw+0xca7/0x1010 [ 137.184445][T12978] iomap_dio_rw+0x30/0x70 [ 137.188772][T12978] ? ext4_file_write_iter+0x461/0x11f0 [ 137.194215][T12978] ext4_file_write_iter+0xaa9/0x11f0 [ 137.199486][T12978] ? ext4_file_write_iter+0x461/0x11f0 [ 137.205015][T12978] do_iter_readv_writev+0x2de/0x380 [ 137.210207][T12978] do_iter_write+0x192/0x5c0 [ 137.214927][T12978] ? splice_from_pipe_next+0x34f/0x3b0 [ 137.220367][T12978] ? kmalloc_array+0x2d/0x40 [ 137.224951][T12978] vfs_iter_write+0x4c/0x70 [ 137.229439][T12978] iter_file_splice_write+0x43a/0x790 [ 137.234808][T12978] ? splice_from_pipe+0xd0/0xd0 [ 137.239638][T12978] direct_splice_actor+0x80/0xa0 [ 137.244567][T12978] splice_direct_to_actor+0x345/0x650 [ 137.249962][T12978] ? do_splice_direct+0x190/0x190 [ 137.254968][T12978] do_splice_direct+0x106/0x190 [ 137.259878][T12978] do_sendfile+0x63e/0xbb0 [ 137.264282][T12978] __x64_sys_sendfile64+0x102/0x140 [ 137.269476][T12978] do_syscall_64+0x44/0xa0 [ 137.273915][T12978] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.279858][T12978] RIP: 0033:0x7fc9483818d9 [ 137.284255][T12978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.303867][T12978] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 137.312314][T12978] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 137.320373][T12978] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 137.328325][T12978] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 137.336354][T12978] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 137.344312][T12978] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffff000000000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 137.404674][T12974] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:51 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005100) 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffffff00000000, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 137.483180][T13006] loop5: detected capacity change from 0 to 264192 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0xffffffffffffff0f, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 137.554589][T13006] EXT4-fs warning (device loop5): read_mmp_block:107: Error -117 while reading MMP block 0 [ 137.604514][T13032] loop3: detected capacity change from 0 to 264192 [ 137.645533][T13032] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:51 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)) mlockall(0x1) mlockall(0x5) 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:51 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005200) 00:06:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:51 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 62) 00:06:51 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 137.801961][T13054] loop3: detected capacity change from 0 to 264192 [ 137.806023][T13055] loop5: detected capacity change from 0 to 264192 [ 137.847537][T13060] FAULT_INJECTION: forcing a failure. [ 137.847537][T13060] name failslab, interval 1, probability 0, space 0, times 0 [ 137.860174][T13060] CPU: 1 PID: 13060 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 137.868993][T13060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.873781][T13055] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 137.879110][T13060] Call Trace: [ 137.879120][T13060] dump_stack_lvl+0xd6/0x122 [ 137.879144][T13060] dump_stack+0x11/0x1b [ 137.897666][T13060] should_fail+0x23c/0x250 [ 137.902081][T13060] ? mempool_alloc_slab+0x16/0x20 [ 137.907105][T13060] __should_failslab+0x81/0x90 [ 137.911887][T13060] should_failslab+0x5/0x20 [ 137.916404][T13060] kmem_cache_alloc+0x4f/0x300 [ 137.921207][T13060] mempool_alloc_slab+0x16/0x20 [ 137.926055][T13060] ? mempool_free+0x130/0x130 [ 137.929744][T13054] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 137.930726][T13060] mempool_alloc+0x9d/0x310 [ 137.930747][T13060] ? crypto_shash_update+0x13c/0x1a0 [ 137.950534][T13060] sg_pool_alloc+0x74/0x90 [ 137.955079][T13060] __sg_alloc_table+0xce/0x290 [ 137.959902][T13060] sg_alloc_table_chained+0xaf/0x140 [ 137.965217][T13060] ? sg_alloc_table_chained+0x140/0x140 [ 137.970783][T13060] scsi_alloc_sgtables+0x184/0x510 [ 137.975902][T13060] sd_init_command+0x952/0x1610 [ 137.980741][T13060] scsi_queue_rq+0x10cd/0x15a0 [ 137.985510][T13060] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 137.991053][T13060] blk_mq_do_dispatch_sched+0x3b5/0x640 00:06:51 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000", 0x5, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 137.996595][T13060] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 138.002844][T13060] ? rb_insert_color+0x2fa/0x310 [ 138.007893][T13060] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 138.013872][T13060] __blk_mq_run_hw_queue+0xbc/0x140 [ 138.019088][T13060] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 138.024900][T13060] blk_mq_run_hw_queue+0x22c/0x250 [ 138.030010][T13060] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 138.035898][T13060] blk_mq_flush_plug_list+0x302/0x3d0 [ 138.041284][T13060] blk_flush_plug_list+0x235/0x260 [ 138.046399][T13060] blk_finish_plug+0x44/0x60 [ 138.051012][T13060] __iomap_dio_rw+0xca7/0x1010 [ 138.055794][T13060] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 138.061494][T13060] iomap_dio_rw+0x30/0x70 [ 138.065919][T13060] ? ext4_file_write_iter+0x461/0x11f0 [ 138.071369][T13060] ext4_file_write_iter+0xaa9/0x11f0 [ 138.076644][T13060] ? ext4_file_write_iter+0x461/0x11f0 [ 138.082322][T13060] do_iter_readv_writev+0x2de/0x380 [ 138.087522][T13060] do_iter_write+0x192/0x5c0 [ 138.092164][T13060] ? splice_from_pipe_next+0x34f/0x3b0 [ 138.097648][T13060] ? kmalloc_array+0x2d/0x40 [ 138.102245][T13060] vfs_iter_write+0x4c/0x70 [ 138.106778][T13060] iter_file_splice_write+0x43a/0x790 [ 138.112224][T13060] ? splice_from_pipe+0xd0/0xd0 [ 138.117056][T13060] direct_splice_actor+0x80/0xa0 [ 138.121981][T13060] splice_direct_to_actor+0x345/0x650 [ 138.127348][T13060] ? do_splice_direct+0x190/0x190 [ 138.132434][T13060] do_splice_direct+0x106/0x190 [ 138.137290][T13060] do_sendfile+0x63e/0xbb0 [ 138.141799][T13060] __x64_sys_sendfile64+0x102/0x140 [ 138.147088][T13060] do_syscall_64+0x44/0xa0 [ 138.151806][T13060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.157711][T13060] RIP: 0033:0x7fc9483818d9 [ 138.162112][T13060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.181910][T13060] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 138.190313][T13060] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x4, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 138.198267][T13060] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 138.206221][T13060] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 138.214181][T13060] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 138.222259][T13060] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x5, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 138.285293][T13078] loop3: detected capacity change from 0 to 264192 [ 138.298558][T13078] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 138.309180][T13094] loop5: detected capacity change from 0 to 264192 [ 138.327679][T13094] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 138.410353][T13104] loop3: detected capacity change from 0 to 264192 00:06:52 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x0) mlockall(0x5) 00:06:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:52 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 63) 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x6, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:52 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005300) [ 138.453503][T13104] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x7, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 138.501770][T13126] loop5: detected capacity change from 0 to 264192 [ 138.513759][T13126] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 00:06:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="0100000000000500", 0x8, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 138.546168][T13141] loop3: detected capacity change from 0 to 264192 [ 138.560820][T13141] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 138.569847][T13128] FAULT_INJECTION: forcing a failure. [ 138.569847][T13128] name failslab, interval 1, probability 0, space 0, times 0 [ 138.583428][T13128] CPU: 1 PID: 13128 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 138.592185][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.602237][T13128] Call Trace: [ 138.605510][T13128] dump_stack_lvl+0xd6/0x122 [ 138.610188][T13128] dump_stack+0x11/0x1b [ 138.614386][T13128] should_fail+0x23c/0x250 [ 138.618873][T13128] ? mempool_alloc_slab+0x16/0x20 [ 138.623879][T13128] __should_failslab+0x81/0x90 [ 138.628675][T13128] should_failslab+0x5/0x20 [ 138.633195][T13128] kmem_cache_alloc+0x4f/0x300 [ 138.637942][T13128] mempool_alloc_slab+0x16/0x20 [ 138.642786][T13128] ? mempool_free+0x130/0x130 [ 138.647484][T13128] mempool_alloc+0x9d/0x310 [ 138.651969][T13128] ? __getblk_gfp+0x3f/0x590 [ 138.656618][T13128] bio_alloc_bioset+0xcc/0x530 [ 138.661412][T13128] ? __ext4_get_inode_loc+0x760/0x8c0 [ 138.666808][T13128] submit_bh_wbc+0x130/0x330 [ 138.671397][T13128] __sync_dirty_buffer+0x136/0x1e0 [ 138.676580][T13128] sync_dirty_buffer+0x16/0x20 [ 138.681326][T13128] ext4_write_inode+0x2ad/0x3c0 [ 138.686242][T13128] write_inode+0x89/0x180 [ 138.690559][T13128] __writeback_single_inode+0x2a2/0x440 [ 138.696104][T13128] writeback_single_inode+0x17b/0x3e0 [ 138.701462][T13128] sync_inode_metadata+0x57/0x80 [ 138.706398][T13128] ext4_sync_file+0x359/0x670 [ 138.711060][T13128] ? tsan.module_ctor+0x10/0x10 [ 138.715943][T13128] vfs_fsync_range+0x107/0x120 [ 138.720698][T13128] iomap_dio_complete+0x2d5/0x3c0 [ 138.725771][T13128] iomap_dio_rw+0x4e/0x70 [ 138.730089][T13128] ? ext4_file_write_iter+0x461/0x11f0 [ 138.735544][T13128] ext4_file_write_iter+0xaa9/0x11f0 [ 138.740938][T13128] ? ext4_file_write_iter+0x461/0x11f0 [ 138.746393][T13128] do_iter_readv_writev+0x2de/0x380 [ 138.751582][T13128] do_iter_write+0x192/0x5c0 [ 138.756158][T13128] ? splice_from_pipe_next+0x34f/0x3b0 [ 138.761617][T13128] ? kmalloc_array+0x2d/0x40 [ 138.766193][T13128] vfs_iter_write+0x4c/0x70 [ 138.770684][T13128] iter_file_splice_write+0x43a/0x790 [ 138.776041][T13128] ? splice_from_pipe+0xd0/0xd0 [ 138.780874][T13128] direct_splice_actor+0x80/0xa0 [ 138.785794][T13128] splice_direct_to_actor+0x345/0x650 [ 138.791227][T13128] ? do_splice_direct+0x190/0x190 [ 138.796234][T13128] do_splice_direct+0x106/0x190 [ 138.801069][T13128] do_sendfile+0x63e/0xbb0 [ 138.805477][T13128] __x64_sys_sendfile64+0x102/0x140 [ 138.810686][T13128] do_syscall_64+0x44/0xa0 [ 138.815130][T13128] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.821046][T13128] RIP: 0033:0x7fc9483818d9 [ 138.825446][T13128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x8, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 138.845113][T13128] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 138.853561][T13128] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 138.861630][T13128] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 138.869595][T13128] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 138.877568][T13128] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 138.885521][T13128] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:52 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x9, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:52 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:52 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:52 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x0) mlockall(0x5) 00:06:52 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005400) [ 138.987376][T13170] loop3: detected capacity change from 0 to 264192 [ 139.004357][T13170] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:53 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 64) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xa, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:53 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xb, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 139.081570][T13193] loop5: detected capacity change from 0 to 264192 [ 139.120575][T13203] loop3: detected capacity change from 0 to 264192 00:06:53 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x0) mlockall(0x5) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xc, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 139.156600][T13203] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 [ 139.173011][T13193] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 139.203755][T13212] FAULT_INJECTION: forcing a failure. [ 139.203755][T13212] name failslab, interval 1, probability 0, space 0, times 0 [ 139.216417][T13212] CPU: 0 PID: 13212 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 139.225175][T13212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.235226][T13212] Call Trace: [ 139.238492][T13212] dump_stack_lvl+0xd6/0x122 [ 139.243092][T13212] dump_stack+0x11/0x1b [ 139.247229][T13212] should_fail+0x23c/0x250 [ 139.251705][T13212] ? kmalloc_array+0x2d/0x40 [ 139.256283][T13212] __should_failslab+0x81/0x90 [ 139.261205][T13212] should_failslab+0x5/0x20 [ 139.265766][T13212] __kmalloc+0x6f/0x350 [ 139.269951][T13212] kmalloc_array+0x2d/0x40 [ 139.274418][T13212] iter_file_splice_write+0xd5/0x790 [ 139.279681][T13212] ? atime_needs_update+0x2ba/0x390 [ 139.284875][T13212] ? touch_atime+0xe0/0x250 [ 139.289358][T13212] ? generic_file_splice_read+0x2a9/0x330 [ 139.295124][T13212] ? splice_from_pipe+0xd0/0xd0 [ 139.299954][T13212] direct_splice_actor+0x80/0xa0 [ 139.304872][T13212] splice_direct_to_actor+0x345/0x650 [ 139.310223][T13212] ? do_splice_direct+0x190/0x190 [ 139.315261][T13212] do_splice_direct+0x106/0x190 [ 139.320104][T13212] do_sendfile+0x63e/0xbb0 [ 139.324518][T13212] __x64_sys_sendfile64+0x102/0x140 [ 139.329705][T13212] do_syscall_64+0x44/0xa0 [ 139.334130][T13212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.340068][T13212] RIP: 0033:0x7fc9483818d9 [ 139.344466][T13212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.364058][T13212] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 139.372449][T13212] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 139.380477][T13212] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 139.388439][T13212] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 139.396388][T13212] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:53 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c", 0x9, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:53 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005500) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:53 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 139.404346][T13212] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:53 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 65) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x10, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 139.475190][T13236] loop3: detected capacity change from 0 to 264192 [ 139.490867][T13236] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 12 00:06:53 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x0) [ 139.538488][T13255] FAULT_INJECTION: forcing a failure. [ 139.538488][T13255] name failslab, interval 1, probability 0, space 0, times 0 [ 139.551124][T13255] CPU: 1 PID: 13255 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 139.559949][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.569996][T13255] Call Trace: [ 139.573266][T13255] dump_stack_lvl+0xd6/0x122 [ 139.577854][T13255] dump_stack+0x11/0x1b [ 139.582155][T13255] should_fail+0x23c/0x250 00:06:53 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 139.586566][T13255] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 139.591849][T13255] __should_failslab+0x81/0x90 [ 139.596613][T13255] should_failslab+0x5/0x20 [ 139.601176][T13255] kmem_cache_alloc+0x4f/0x300 [ 139.605978][T13255] ext4_mb_new_blocks+0x317/0x1fc0 [ 139.611139][T13255] ? ext4_find_extent+0x7b2/0x7f0 [ 139.616164][T13255] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 139.621444][T13255] ? ext4_es_lookup_extent+0x36b/0x490 [ 139.626896][T13255] ext4_map_blocks+0x71e/0xf00 [ 139.631724][T13255] ? crypto_shash_update+0x13c/0x1a0 [ 139.637024][T13255] ext4_iomap_begin+0x4b0/0x630 [ 139.641874][T13255] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 139.647180][T13255] iomap_iter+0x39c/0x470 [ 139.651684][T13255] __iomap_dio_rw+0x698/0x1010 [ 139.656451][T13255] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 139.662164][T13255] iomap_dio_rw+0x30/0x70 [ 139.666488][T13255] ? ext4_file_write_iter+0x461/0x11f0 [ 139.671937][T13255] ext4_file_write_iter+0xaa9/0x11f0 [ 139.677278][T13255] ? ext4_file_write_iter+0x461/0x11f0 [ 139.682736][T13255] do_iter_readv_writev+0x2de/0x380 [ 139.687927][T13255] do_iter_write+0x192/0x5c0 [ 139.692516][T13255] ? splice_from_pipe_next+0x34f/0x3b0 [ 139.698002][T13255] ? kmalloc_array+0x2d/0x40 [ 139.702594][T13255] vfs_iter_write+0x4c/0x70 [ 139.707088][T13255] iter_file_splice_write+0x43a/0x790 [ 139.712496][T13255] ? splice_from_pipe+0xd0/0xd0 [ 139.717409][T13255] direct_splice_actor+0x80/0xa0 [ 139.722338][T13255] splice_direct_to_actor+0x345/0x650 [ 139.727793][T13255] ? do_splice_direct+0x190/0x190 [ 139.732862][T13255] do_splice_direct+0x106/0x190 [ 139.737740][T13255] do_sendfile+0x63e/0xbb0 [ 139.742154][T13255] __x64_sys_sendfile64+0x102/0x140 [ 139.747421][T13255] do_syscall_64+0x44/0xa0 [ 139.751916][T13255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.757844][T13255] RIP: 0033:0x7fc9483818d9 [ 139.762309][T13255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:06:53 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x0) 00:06:53 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 66) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x11, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 139.781997][T13255] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 139.790445][T13255] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 139.798511][T13255] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 139.806539][T13255] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 139.814504][T13255] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 139.822541][T13255] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 139.874879][T13280] loop3: detected capacity change from 0 to 264192 [ 139.887860][T13280] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:53 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005600) 00:06:53 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x12, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:53 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 139.918601][T13290] loop5: detected capacity change from 0 to 264192 [ 139.959693][T13289] FAULT_INJECTION: forcing a failure. [ 139.959693][T13289] name failslab, interval 1, probability 0, space 0, times 0 [ 139.972334][T13289] CPU: 1 PID: 13289 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 139.981097][T13289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.991217][T13289] Call Trace: [ 139.994484][T13289] dump_stack_lvl+0xd6/0x122 [ 139.999116][T13289] dump_stack+0x11/0x1b [ 140.003253][T13289] should_fail+0x23c/0x250 [ 140.007651][T13289] ? kcalloc+0x32/0x50 [ 140.011728][T13289] __should_failslab+0x81/0x90 [ 140.016593][T13289] should_failslab+0x5/0x20 [ 140.021149][T13289] __kmalloc+0x6f/0x350 [ 140.025287][T13289] ? check_preempt_wakeup+0x226/0x420 [ 140.030702][T13289] kcalloc+0x32/0x50 [ 140.034594][T13289] ext4_find_extent+0x21c/0x7f0 [ 140.039437][T13289] ? __queue_work+0x830/0xaa0 [ 140.044105][T13289] ext4_ext_map_blocks+0x115/0x1ff0 [ 140.049381][T13289] ? mod_delayed_work_on+0xa5/0xe0 [ 140.054570][T13289] ? ext4_es_lookup_extent+0x36b/0x490 [ 140.060016][T13289] ext4_map_blocks+0x71e/0xf00 [ 140.064768][T13289] ext4_iomap_begin+0x4b0/0x630 [ 140.069629][T13289] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 140.074884][T13289] iomap_iter+0x39c/0x470 [ 140.079300][T13289] __iomap_dio_rw+0x698/0x1010 [ 140.084064][T13289] iomap_dio_rw+0x30/0x70 [ 140.088401][T13289] ? ext4_file_write_iter+0x461/0x11f0 [ 140.093847][T13289] ext4_file_write_iter+0xaa9/0x11f0 [ 140.099276][T13289] ? ext4_file_write_iter+0x461/0x11f0 [ 140.104733][T13289] do_iter_readv_writev+0x2de/0x380 [ 140.109923][T13289] do_iter_write+0x192/0x5c0 [ 140.114540][T13289] ? splice_from_pipe_next+0x34f/0x3b0 [ 140.119978][T13289] ? kmalloc_array+0x2d/0x40 [ 140.124554][T13289] vfs_iter_write+0x4c/0x70 [ 140.129074][T13289] iter_file_splice_write+0x43a/0x790 [ 140.134431][T13289] ? splice_from_pipe+0xd0/0xd0 [ 140.139263][T13289] direct_splice_actor+0x80/0xa0 [ 140.144258][T13289] splice_direct_to_actor+0x345/0x650 [ 140.149609][T13289] ? do_splice_direct+0x190/0x190 [ 140.154616][T13289] do_splice_direct+0x106/0x190 [ 140.159445][T13289] do_sendfile+0x63e/0xbb0 [ 140.163849][T13289] __x64_sys_sendfile64+0x102/0x140 [ 140.169067][T13289] do_syscall_64+0x44/0xa0 [ 140.173559][T13289] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.179488][T13289] RIP: 0033:0x7fc9483818d9 [ 140.183883][T13289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.203472][T13289] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 140.211867][T13289] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 140.219832][T13289] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 140.227787][T13289] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 140.235824][T13289] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 140.243780][T13289] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 140.254104][T13290] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 00:06:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x14, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 140.295960][T13309] loop3: detected capacity change from 0 to 264192 [ 140.330332][T13322] loop5: detected capacity change from 0 to 264192 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x22, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 140.333931][T13309] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 [ 140.353441][T13322] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 00:06:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005700) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x25, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 140.479769][T13353] loop5: detected capacity change from 0 to 264192 [ 140.495960][T13353] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 00:06:54 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x0) 00:06:54 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcc, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:54 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 67) 00:06:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcd, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:54 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005800) [ 140.624382][T13366] loop3: detected capacity change from 0 to 264192 [ 140.636998][T13366] EXT4-fs warning (device loop3): read_mmp_block:107: Error -117 while reading MMP block 0 00:06:54 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xce, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 140.689174][T13388] loop5: detected capacity change from 0 to 264192 [ 140.710077][T13388] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 140.718421][T13403] loop3: detected capacity change from 0 to 264192 [ 140.736364][T13403] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 140.744042][T13390] FAULT_INJECTION: forcing a failure. [ 140.744042][T13390] name failslab, interval 1, probability 0, space 0, times 0 [ 140.756659][T13390] CPU: 1 PID: 13390 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 140.765424][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.775477][T13390] Call Trace: [ 140.778750][T13390] dump_stack_lvl+0xd6/0x122 [ 140.783349][T13390] dump_stack+0x11/0x1b [ 140.787505][T13390] should_fail+0x23c/0x250 [ 140.791922][T13390] ? kcalloc+0x32/0x50 [ 140.795995][T13390] __should_failslab+0x81/0x90 [ 140.800861][T13390] should_failslab+0x5/0x20 [ 140.805397][T13390] __kmalloc+0x6f/0x350 [ 140.809544][T13390] ? check_preempt_wakeup+0x2be/0x420 [ 140.814913][T13390] kcalloc+0x32/0x50 [ 140.818806][T13390] ext4_find_extent+0x21c/0x7f0 [ 140.823716][T13390] ? __queue_work+0x830/0xaa0 [ 140.828386][T13390] ext4_ext_map_blocks+0x115/0x1ff0 [ 140.833578][T13390] ? mod_delayed_work_on+0xa5/0xe0 [ 140.838852][T13390] ? ext4_es_lookup_extent+0x36b/0x490 [ 140.844308][T13390] ext4_map_blocks+0x71e/0xf00 [ 140.849098][T13390] ? crypto_shash_update+0x13c/0x1a0 [ 140.854381][T13390] ext4_iomap_begin+0x4b0/0x630 [ 140.859333][T13390] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 140.864637][T13390] iomap_iter+0x39c/0x470 [ 140.868966][T13390] __iomap_dio_rw+0x698/0x1010 [ 140.873758][T13390] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 140.879398][T13390] iomap_dio_rw+0x30/0x70 [ 140.883723][T13390] ? ext4_file_write_iter+0x461/0x11f0 00:06:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 140.889199][T13390] ext4_file_write_iter+0xaa9/0x11f0 [ 140.894526][T13390] ? ext4_file_write_iter+0x461/0x11f0 [ 140.900059][T13390] do_iter_readv_writev+0x2de/0x380 [ 140.905261][T13390] do_iter_write+0x192/0x5c0 [ 140.909914][T13390] ? splice_from_pipe_next+0x34f/0x3b0 [ 140.915369][T13390] ? kmalloc_array+0x2d/0x40 [ 140.919954][T13390] vfs_iter_write+0x4c/0x70 [ 140.924518][T13390] iter_file_splice_write+0x43a/0x790 [ 140.929882][T13390] ? splice_from_pipe+0xd0/0xd0 [ 140.934727][T13390] direct_splice_actor+0x80/0xa0 [ 140.939659][T13390] splice_direct_to_actor+0x345/0x650 [ 140.945022][T13390] ? do_splice_direct+0x190/0x190 [ 140.950037][T13390] do_splice_direct+0x106/0x190 [ 140.954876][T13390] do_sendfile+0x63e/0xbb0 [ 140.959290][T13390] __x64_sys_sendfile64+0x102/0x140 [ 140.964487][T13390] do_syscall_64+0x44/0xa0 [ 140.968899][T13390] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.974796][T13390] RIP: 0033:0x7fc9483818d9 00:06:54 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 140.979207][T13390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.998849][T13390] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 141.007261][T13390] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 141.015294][T13390] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 141.023273][T13390] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 141.031238][T13390] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:54 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c963e5cb6c0a8636ccc241c13b1e2e4c3fdff23c4dda6856714ea32c68a709285a066cb778c4f6398f44bc5", 0x34, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9}], 0x0, &(0x7f00000000c0)) 00:06:54 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcf, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:55 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:55 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 68) [ 141.039207][T13390] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:55 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:55 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700006201", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {&(0x7f0000000080)="01000000000005000c963e5cb6c0a8636ccc241c13b1e2e4c3fdff23c4dda6856714ea32c68a709285a066cb778c4f6398f44bc5", 0x34, 0x560}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="0200000012000000", 0x8, 0x800}], 0x0, &(0x7f00000000c0)) [ 141.124957][T13443] loop5: detected capacity change from 0 to 264192 [ 141.136796][T13449] loop3: detected capacity change from 0 to 264192 [ 141.142261][T13443] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 141.166256][T13448] FAULT_INJECTION: forcing a failure. [ 141.166256][T13448] name failslab, interval 1, probability 0, space 0, times 0 [ 141.172557][T13449] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 141.178930][T13448] CPU: 1 PID: 13448 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 141.194232][T13448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.204282][T13448] Call Trace: [ 141.207573][T13448] dump_stack_lvl+0xd6/0x122 [ 141.212155][T13448] dump_stack+0x11/0x1b [ 141.216330][T13448] should_fail+0x23c/0x250 [ 141.220738][T13448] ? mempool_alloc_slab+0x16/0x20 [ 141.225747][T13448] __should_failslab+0x81/0x90 [ 141.230501][T13448] should_failslab+0x5/0x20 [ 141.234991][T13448] kmem_cache_alloc+0x4f/0x300 [ 141.239740][T13448] ? ext4_fc_track_range+0x90/0x140 [ 141.244978][T13448] mempool_alloc_slab+0x16/0x20 [ 141.249809][T13448] ? mempool_free+0x130/0x130 [ 141.254477][T13448] mempool_alloc+0x9d/0x310 [ 141.259144][T13448] bio_alloc_bioset+0xcc/0x530 [ 141.263894][T13448] ? iov_iter_alignment+0x34b/0x370 [ 141.269073][T13448] iomap_dio_bio_iter+0x5c1/0xbc0 [ 141.274179][T13448] __iomap_dio_rw+0x8d8/0x1010 [ 141.278993][T13448] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 141.284636][T13448] iomap_dio_rw+0x30/0x70 [ 141.288949][T13448] ? ext4_file_write_iter+0x461/0x11f0 [ 141.294388][T13448] ext4_file_write_iter+0xaa9/0x11f0 [ 141.299700][T13448] ? ext4_file_write_iter+0x461/0x11f0 [ 141.305140][T13448] do_iter_readv_writev+0x2de/0x380 [ 141.310328][T13448] do_iter_write+0x192/0x5c0 [ 141.314994][T13448] ? splice_from_pipe_next+0x34f/0x3b0 [ 141.320434][T13448] ? kmalloc_array+0x2d/0x40 [ 141.325010][T13448] vfs_iter_write+0x4c/0x70 [ 141.329497][T13448] iter_file_splice_write+0x43a/0x790 [ 141.334851][T13448] ? splice_from_pipe+0xd0/0xd0 [ 141.339715][T13448] direct_splice_actor+0x80/0xa0 [ 141.344631][T13448] splice_direct_to_actor+0x345/0x650 [ 141.350055][T13448] ? do_splice_direct+0x190/0x190 [ 141.355087][T13448] do_splice_direct+0x106/0x190 [ 141.359918][T13448] do_sendfile+0x63e/0xbb0 [ 141.364419][T13448] __x64_sys_sendfile64+0x102/0x140 [ 141.369605][T13448] do_syscall_64+0x44/0xa0 [ 141.374047][T13448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.380117][T13448] RIP: 0033:0x7fc9483818d9 [ 141.384517][T13448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.404121][T13448] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 141.412521][T13448] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 141.420475][T13448] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 141.428427][T13448] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 141.436381][T13448] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 141.444335][T13448] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:55 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005900) 00:06:55 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd1, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:55 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) (fail_nth: 1) 00:06:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:55 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:55 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd2, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:55 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 69) [ 141.565783][T13476] loop5: detected capacity change from 0 to 264192 [ 141.576146][T13477] loop3: detected capacity change from 0 to 264192 [ 141.578129][T13476] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 00:06:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:55 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xee, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 141.631382][T13477] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 141.695937][T13498] FAULT_INJECTION: forcing a failure. [ 141.695937][T13498] name failslab, interval 1, probability 0, space 0, times 0 [ 141.708744][T13498] CPU: 1 PID: 13498 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 141.710434][T13509] loop5: detected capacity change from 0 to 264192 [ 141.717759][T13498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.717827][T13498] Call Trace: [ 141.717833][T13498] dump_stack_lvl+0xd6/0x122 [ 141.742283][T13498] dump_stack+0x11/0x1b [ 141.746435][T13498] should_fail+0x23c/0x250 [ 141.750880][T13498] ? mempool_alloc_slab+0x16/0x20 [ 141.756030][T13498] __should_failslab+0x81/0x90 [ 141.760783][T13498] should_failslab+0x5/0x20 [ 141.765271][T13498] kmem_cache_alloc+0x4f/0x300 [ 141.770027][T13498] mempool_alloc_slab+0x16/0x20 [ 141.774868][T13498] ? mempool_free+0x130/0x130 [ 141.779532][T13498] mempool_alloc+0x9d/0x310 [ 141.784022][T13498] ? crypto_shash_update+0x13c/0x1a0 [ 141.789318][T13498] sg_pool_alloc+0x74/0x90 [ 141.793738][T13498] __sg_alloc_table+0xce/0x290 [ 141.798511][T13498] sg_alloc_table_chained+0xaf/0x140 [ 141.803785][T13498] ? sg_alloc_table_chained+0x140/0x140 [ 141.809316][T13498] scsi_alloc_sgtables+0x184/0x510 [ 141.814416][T13498] sd_init_command+0x952/0x1610 [ 141.819324][T13498] scsi_queue_rq+0x10cd/0x15a0 [ 141.824081][T13498] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 141.829695][T13498] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 141.835225][T13498] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 141.841449][T13498] ? rb_insert_color+0x2fa/0x310 [ 141.846376][T13498] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 141.852417][T13498] __blk_mq_run_hw_queue+0xbc/0x140 [ 141.857600][T13498] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 141.863418][T13498] blk_mq_run_hw_queue+0x22c/0x250 [ 141.868524][T13498] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 141.874526][T13498] blk_mq_flush_plug_list+0x302/0x3d0 [ 141.880153][T13498] blk_flush_plug_list+0x235/0x260 [ 141.885797][T13498] blk_finish_plug+0x44/0x60 [ 141.890384][T13498] __iomap_dio_rw+0xca7/0x1010 [ 141.895138][T13498] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 141.900799][T13498] iomap_dio_rw+0x30/0x70 [ 141.905173][T13498] ? ext4_file_write_iter+0x461/0x11f0 [ 141.910617][T13498] ext4_file_write_iter+0xaa9/0x11f0 [ 141.915969][T13498] ? ext4_file_write_iter+0x461/0x11f0 [ 141.921459][T13498] do_iter_readv_writev+0x2de/0x380 [ 141.926650][T13498] do_iter_write+0x192/0x5c0 [ 141.931330][T13498] ? splice_from_pipe_next+0x34f/0x3b0 [ 141.936841][T13498] vfs_iter_write+0x4c/0x70 [ 141.941339][T13498] iter_file_splice_write+0x43a/0x790 [ 141.946706][T13498] ? splice_from_pipe+0xd0/0xd0 [ 141.951547][T13498] direct_splice_actor+0x80/0xa0 [ 141.956468][T13498] splice_direct_to_actor+0x345/0x650 [ 141.961835][T13498] ? do_splice_direct+0x190/0x190 [ 141.966845][T13498] do_splice_direct+0x106/0x190 [ 141.971684][T13498] do_sendfile+0x63e/0xbb0 [ 141.976085][T13498] __x64_sys_sendfile64+0x102/0x140 [ 141.981374][T13498] do_syscall_64+0x44/0xa0 [ 141.985781][T13498] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.991707][T13498] RIP: 0033:0x7fc9483818d9 [ 141.996114][T13498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.015924][T13498] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 142.024354][T13498] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 142.032308][T13498] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf4, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 142.040270][T13498] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 142.048231][T13498] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 142.056186][T13498] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:56 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x300, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 142.125061][T13529] loop3: detected capacity change from 0 to 264192 00:06:56 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005a00) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x32d, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 142.166353][T13529] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 142.273460][T13509] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 142.313917][T13559] FAULT_INJECTION: forcing a failure. [ 142.313917][T13559] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 142.326989][T13559] CPU: 1 PID: 13559 Comm: syz-executor.0 Not tainted 5.15.0-rc3-syzkaller #0 [ 142.335753][T13559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.345806][T13559] Call Trace: [ 142.349074][T13559] dump_stack_lvl+0xd6/0x122 [ 142.353666][T13559] dump_stack+0x11/0x1b [ 142.357798][T13559] should_fail+0x23c/0x250 [ 142.362278][T13559] should_fail_usercopy+0x16/0x20 [ 142.367343][T13559] _copy_to_user+0x1c/0x90 [ 142.371740][T13559] simple_read_from_buffer+0xab/0x120 [ 142.377093][T13559] proc_fail_nth_read+0x10d/0x150 [ 142.382106][T13559] ? proc_fault_inject_write+0x230/0x230 [ 142.387733][T13559] vfs_read+0x1e6/0x750 [ 142.391867][T13559] ? __fget_light+0x21b/0x260 [ 142.396524][T13559] ? __cond_resched+0x11/0x40 [ 142.401177][T13559] ksys_read+0xd9/0x190 [ 142.405312][T13559] __x64_sys_read+0x3e/0x50 [ 142.409793][T13559] do_syscall_64+0x44/0xa0 [ 142.414424][T13559] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.420321][T13559] RIP: 0033:0x7f18e72ce48c [ 142.424724][T13559] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 142.444395][T13559] RSP: 002b:00007f18e5072170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 142.453020][T13559] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f18e72ce48c [ 142.460971][T13559] RDX: 000000000000000f RSI: 00007f18e50721e0 RDI: 0000000000000005 [ 142.468919][T13559] RBP: 00007f18e50721d0 R08: 0000000000000000 R09: 0000000000000000 [ 142.476941][T13559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.485017][T13559] R13: 00007ffcd6479bef R14: 00007f18e5072300 R15: 0000000000022000 00:06:56 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x32e, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:56 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 70) 00:06:56 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005b00) 00:06:56 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x32f, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 142.602071][T13575] loop5: detected capacity change from 0 to 264192 [ 142.613705][T13581] loop3: detected capacity change from 0 to 264192 [ 142.621021][T13575] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 142.643565][T13574] FAULT_INJECTION: forcing a failure. [ 142.643565][T13574] name failslab, interval 1, probability 0, space 0, times 0 [ 142.656361][T13574] CPU: 1 PID: 13574 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 142.665138][T13574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.675191][T13574] Call Trace: [ 142.678466][T13574] dump_stack_lvl+0xd6/0x122 [ 142.683052][T13574] dump_stack+0x11/0x1b [ 142.687269][T13574] should_fail+0x23c/0x250 [ 142.691695][T13574] ? mempool_alloc_slab+0x16/0x20 [ 142.696706][T13574] __should_failslab+0x81/0x90 [ 142.701540][T13574] should_failslab+0x5/0x20 [ 142.706028][T13574] kmem_cache_alloc+0x4f/0x300 [ 142.710839][T13574] mempool_alloc_slab+0x16/0x20 [ 142.715680][T13574] ? mempool_free+0x130/0x130 [ 142.720362][T13574] mempool_alloc+0x9d/0x310 [ 142.724869][T13574] ? __getblk_gfp+0x3f/0x590 [ 142.729473][T13574] bio_alloc_bioset+0xcc/0x530 [ 142.734237][T13574] ? __ext4_get_inode_loc+0x760/0x8c0 [ 142.739615][T13574] submit_bh_wbc+0x130/0x330 [ 142.744205][T13574] __sync_dirty_buffer+0x136/0x1e0 [ 142.749384][T13574] sync_dirty_buffer+0x16/0x20 [ 142.754140][T13574] ext4_write_inode+0x2ad/0x3c0 [ 142.758989][T13574] write_inode+0x89/0x180 [ 142.763493][T13574] __writeback_single_inode+0x2a2/0x440 [ 142.769091][T13574] writeback_single_inode+0x17b/0x3e0 [ 142.774578][T13574] sync_inode_metadata+0x57/0x80 [ 142.779512][T13574] ext4_sync_file+0x359/0x670 [ 142.784182][T13574] ? tsan.module_ctor+0x10/0x10 [ 142.789028][T13574] vfs_fsync_range+0x107/0x120 [ 142.793879][T13574] iomap_dio_complete+0x2d5/0x3c0 [ 142.798900][T13574] iomap_dio_rw+0x4e/0x70 [ 142.803411][T13574] ? ext4_file_write_iter+0x461/0x11f0 [ 142.808860][T13574] ext4_file_write_iter+0xaa9/0x11f0 [ 142.814145][T13574] ? ext4_file_write_iter+0x461/0x11f0 [ 142.819595][T13574] do_iter_readv_writev+0x2de/0x380 [ 142.824855][T13574] do_iter_write+0x192/0x5c0 [ 142.829440][T13574] ? splice_from_pipe_next+0x34f/0x3b0 [ 142.834972][T13574] ? kmalloc_array+0x2d/0x40 [ 142.839589][T13574] vfs_iter_write+0x4c/0x70 [ 142.844122][T13574] iter_file_splice_write+0x43a/0x790 [ 142.849480][T13574] ? splice_from_pipe+0xd0/0xd0 [ 142.854398][T13574] direct_splice_actor+0x80/0xa0 [ 142.859407][T13574] splice_direct_to_actor+0x345/0x650 [ 142.864785][T13574] ? do_splice_direct+0x190/0x190 [ 142.869816][T13574] do_splice_direct+0x106/0x190 [ 142.874687][T13574] do_sendfile+0x63e/0xbb0 [ 142.879091][T13574] __x64_sys_sendfile64+0x102/0x140 [ 142.884350][T13574] do_syscall_64+0x44/0xa0 [ 142.888766][T13574] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.894748][T13574] RIP: 0033:0x7fc9483818d9 [ 142.899153][T13574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.918745][T13574] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 142.927166][T13574] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 142.935144][T13574] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 142.943098][T13574] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:06:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x330, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x331, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 142.951052][T13574] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 142.959006][T13574] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 142.972875][T13581] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 00:06:56 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:56 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x332, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 143.066387][T13611] loop3: detected capacity change from 0 to 264192 [ 143.088290][T13611] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 143.134827][T13627] loop5: detected capacity change from 0 to 264192 [ 143.164636][T13627] EXT4-fs (loop5): invalid first ino: 0 00:06:57 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x4) 00:06:57 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x333, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:57 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005c00) 00:06:57 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 71) 00:06:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:57 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x500, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 143.383667][T13648] loop3: detected capacity change from 0 to 264192 [ 143.391061][T13650] loop5: detected capacity change from 0 to 264192 [ 143.405264][T13648] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 143.415356][T13650] EXT4-fs (loop5): invalid first ino: 0 [ 143.419977][T13649] FAULT_INJECTION: forcing a failure. [ 143.419977][T13649] name failslab, interval 1, probability 0, space 0, times 0 [ 143.433536][T13649] CPU: 1 PID: 13649 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 143.442396][T13649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.452515][T13649] Call Trace: [ 143.455791][T13649] dump_stack_lvl+0xd6/0x122 [ 143.460406][T13649] dump_stack+0x11/0x1b [ 143.464559][T13649] should_fail+0x23c/0x250 [ 143.468967][T13649] ? kcalloc+0x32/0x50 [ 143.473033][T13649] __should_failslab+0x81/0x90 [ 143.477816][T13649] should_failslab+0x5/0x20 [ 143.482326][T13649] __kmalloc+0x6f/0x350 [ 143.486481][T13649] ? check_preempt_wakeup+0x2be/0x420 [ 143.491860][T13649] kcalloc+0x32/0x50 [ 143.495762][T13649] ext4_find_extent+0x21c/0x7f0 [ 143.500658][T13649] ? __queue_work+0x830/0xaa0 [ 143.505389][T13649] ext4_ext_map_blocks+0x115/0x1ff0 [ 143.510588][T13649] ? mod_delayed_work_on+0xa5/0xe0 [ 143.515714][T13649] ? ext4_es_lookup_extent+0x36b/0x490 [ 143.521158][T13649] ext4_map_blocks+0x71e/0xf00 [ 143.525912][T13649] ext4_iomap_begin+0x4b0/0x630 [ 143.530754][T13649] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 143.535939][T13649] iomap_iter+0x39c/0x470 [ 143.540260][T13649] __iomap_dio_rw+0x698/0x1010 [ 143.545016][T13649] iomap_dio_rw+0x30/0x70 [ 143.549429][T13649] ? ext4_file_write_iter+0x461/0x11f0 [ 143.554929][T13649] ext4_file_write_iter+0xaa9/0x11f0 [ 143.560201][T13649] ? ext4_file_write_iter+0x461/0x11f0 [ 143.565650][T13649] do_iter_readv_writev+0x2de/0x380 [ 143.570840][T13649] do_iter_write+0x192/0x5c0 [ 143.575416][T13649] ? splice_from_pipe_next+0x34f/0x3b0 [ 143.580861][T13649] ? kmalloc_array+0x2d/0x40 [ 143.585611][T13649] vfs_iter_write+0x4c/0x70 [ 143.590201][T13649] iter_file_splice_write+0x43a/0x790 [ 143.595557][T13649] ? splice_from_pipe+0xd0/0xd0 [ 143.600393][T13649] direct_splice_actor+0x80/0xa0 [ 143.605352][T13649] splice_direct_to_actor+0x345/0x650 [ 143.610708][T13649] ? do_splice_direct+0x190/0x190 [ 143.615891][T13649] do_splice_direct+0x106/0x190 [ 143.620726][T13649] do_sendfile+0x63e/0xbb0 [ 143.625131][T13649] __x64_sys_sendfile64+0x102/0x140 [ 143.630330][T13649] do_syscall_64+0x44/0xa0 [ 143.634736][T13649] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.640619][T13649] RIP: 0033:0x7fc9483818d9 [ 143.645055][T13649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.664711][T13649] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 143.673213][T13649] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:06:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:57 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:57 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x600, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 143.681256][T13649] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 143.689233][T13649] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 143.697216][T13649] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 143.705240][T13649] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:57 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 72) 00:06:57 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x700, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 143.790691][T13678] 9pnet: Insufficient options for proto=fd [ 143.801128][T13679] 9pnet: Insufficient options for proto=fd [ 143.816931][T13677] FAULT_INJECTION: forcing a failure. [ 143.816931][T13677] name failslab, interval 1, probability 0, space 0, times 0 [ 143.829560][T13677] CPU: 1 PID: 13677 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 143.838312][T13677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.848362][T13677] Call Trace: [ 143.851647][T13677] dump_stack_lvl+0xd6/0x122 [ 143.856251][T13677] dump_stack+0x11/0x1b [ 143.860406][T13677] should_fail+0x23c/0x250 [ 143.864811][T13677] __should_failslab+0x81/0x90 [ 143.869566][T13677] ? __iomap_dio_rw+0x139/0x1010 [ 143.874499][T13677] should_failslab+0x5/0x20 [ 143.878998][T13677] kmem_cache_alloc_trace+0x52/0x320 [ 143.884292][T13677] __iomap_dio_rw+0x139/0x1010 [ 143.889134][T13677] ? __ext4_mark_inode_dirty+0x502/0x5c0 [ 143.894756][T13677] ? ext4_dirty_inode+0x58/0xa0 [ 143.899688][T13677] iomap_dio_rw+0x30/0x70 [ 143.904008][T13677] ? ext4_file_write_iter+0x461/0x11f0 [ 143.909459][T13677] ext4_file_write_iter+0xaa9/0x11f0 [ 143.914775][T13677] ? ext4_file_write_iter+0x461/0x11f0 [ 143.920241][T13677] do_iter_readv_writev+0x2de/0x380 [ 143.925443][T13677] do_iter_write+0x192/0x5c0 [ 143.930038][T13677] ? splice_from_pipe_next+0x34f/0x3b0 [ 143.935505][T13677] ? kmalloc_array+0x2d/0x40 [ 143.940095][T13677] vfs_iter_write+0x4c/0x70 [ 143.944598][T13677] iter_file_splice_write+0x43a/0x790 [ 143.949980][T13677] ? splice_from_pipe+0xd0/0xd0 [ 143.954818][T13677] direct_splice_actor+0x80/0xa0 [ 143.959819][T13677] splice_direct_to_actor+0x345/0x650 [ 143.965177][T13677] ? do_splice_direct+0x190/0x190 [ 143.970216][T13677] do_splice_direct+0x106/0x190 [ 143.975141][T13677] do_sendfile+0x63e/0xbb0 [ 143.979564][T13677] __x64_sys_sendfile64+0x102/0x140 [ 143.984857][T13677] do_syscall_64+0x44/0xa0 [ 143.989268][T13677] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.995326][T13677] RIP: 0033:0x7fc9483818d9 [ 143.999816][T13677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.019583][T13677] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 144.028059][T13677] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 144.036021][T13677] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 144.043987][T13677] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 144.051951][T13677] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 144.059952][T13677] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 144.086693][T13692] loop5: detected capacity change from 0 to 264192 [ 144.093279][T13695] loop3: detected capacity change from 0 to 264192 [ 144.106895][T13695] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 144.163800][T13692] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 144.175866][T13692] EXT4-fs (loop5): get root inode failed [ 144.181493][T13692] EXT4-fs (loop5): mount failed 00:06:58 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0xb) 00:06:58 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 73) 00:06:58 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:58 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x900, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:58 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005d00) 00:06:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:58 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xa00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 144.291485][T13721] loop5: detected capacity change from 0 to 264192 [ 144.302092][T13723] loop3: detected capacity change from 0 to 264192 [ 144.324424][T13720] FAULT_INJECTION: forcing a failure. [ 144.324424][T13720] name failslab, interval 1, probability 0, space 0, times 0 [ 144.337180][T13720] CPU: 0 PID: 13720 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 144.346011][T13720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.356069][T13720] Call Trace: [ 144.359347][T13720] dump_stack_lvl+0xd6/0x122 [ 144.362550][T13721] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 144.363944][T13720] dump_stack+0x11/0x1b [ 144.376053][T13721] EXT4-fs (loop5): get root inode failed [ 144.380149][T13720] should_fail+0x23c/0x250 [ 144.385795][T13721] EXT4-fs (loop5): mount failed [ 144.390147][T13720] ? kcalloc+0x32/0x50 [ 144.398484][T13723] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 144.399031][T13720] __should_failslab+0x81/0x90 [ 144.410256][T13720] should_failslab+0x5/0x20 [ 144.414759][T13720] __kmalloc+0x6f/0x350 [ 144.418920][T13720] ? check_preempt_wakeup+0x2be/0x420 [ 144.424321][T13720] kcalloc+0x32/0x50 [ 144.428344][T13720] ext4_find_extent+0x21c/0x7f0 [ 144.433269][T13720] ? __queue_work+0x830/0xaa0 00:06:58 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f465", 0x33, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 144.437956][T13720] ext4_ext_map_blocks+0x115/0x1ff0 [ 144.443263][T13720] ? mod_delayed_work_on+0xa5/0xe0 [ 144.448452][T13720] ? ext4_es_lookup_extent+0x36b/0x490 [ 144.453955][T13720] ext4_map_blocks+0x71e/0xf00 [ 144.458726][T13720] ext4_iomap_begin+0x4b0/0x630 [ 144.463592][T13720] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 144.468843][T13720] iomap_iter+0x39c/0x470 [ 144.473186][T13720] __iomap_dio_rw+0x698/0x1010 [ 144.477997][T13720] iomap_dio_rw+0x30/0x70 [ 144.482491][T13720] ? ext4_file_write_iter+0x461/0x11f0 [ 144.487951][T13720] ext4_file_write_iter+0xaa9/0x11f0 [ 144.493230][T13720] ? ext4_file_write_iter+0x461/0x11f0 [ 144.498800][T13720] do_iter_readv_writev+0x2de/0x380 [ 144.504003][T13720] do_iter_write+0x192/0x5c0 [ 144.508666][T13720] ? splice_from_pipe_next+0x34f/0x3b0 [ 144.514125][T13720] ? kmalloc_array+0x2d/0x40 [ 144.518751][T13720] vfs_iter_write+0x4c/0x70 [ 144.523251][T13720] iter_file_splice_write+0x43a/0x790 [ 144.528688][T13720] ? splice_from_pipe+0xd0/0xd0 [ 144.533606][T13720] direct_splice_actor+0x80/0xa0 [ 144.538542][T13720] splice_direct_to_actor+0x345/0x650 [ 144.543909][T13720] ? do_splice_direct+0x190/0x190 [ 144.548928][T13720] do_splice_direct+0x106/0x190 [ 144.553781][T13720] do_sendfile+0x63e/0xbb0 [ 144.558224][T13720] __x64_sys_sendfile64+0x102/0x140 [ 144.563418][T13720] do_syscall_64+0x44/0xa0 [ 144.567829][T13720] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.573712][T13720] RIP: 0033:0x7fc9483818d9 [ 144.578174][T13720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.598027][T13720] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 144.606446][T13720] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 144.614404][T13720] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 144.622361][T13720] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 144.630317][T13720] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:06:58 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xb00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:58 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xc00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:58 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 74) [ 144.638275][T13720] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:58 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 144.732600][T13763] FAULT_INJECTION: forcing a failure. [ 144.732600][T13763] name failslab, interval 1, probability 0, space 0, times 0 [ 144.743381][T13775] loop3: detected capacity change from 0 to 264192 [ 144.745249][T13763] CPU: 0 PID: 13763 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 144.760446][T13763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.765233][T13775] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 144.770513][T13763] Call Trace: [ 144.770522][T13763] dump_stack_lvl+0xd6/0x122 [ 144.784864][T13763] dump_stack+0x11/0x1b [ 144.789024][T13763] should_fail+0x23c/0x250 [ 144.793520][T13763] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 144.798807][T13763] __should_failslab+0x81/0x90 [ 144.803639][T13763] should_failslab+0x5/0x20 [ 144.808143][T13763] kmem_cache_alloc+0x4f/0x300 [ 144.812913][T13763] ext4_mb_new_blocks+0x317/0x1fc0 [ 144.818468][T13763] ? ext4_find_extent+0x7b2/0x7f0 [ 144.823511][T13763] ? ext4_ext_search_right+0x246/0x540 [ 144.829100][T13763] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 144.834392][T13763] ? ext4_es_lookup_extent+0x36b/0x490 [ 144.839853][T13763] ext4_map_blocks+0x71e/0xf00 [ 144.844610][T13763] ext4_iomap_begin+0x4b0/0x630 [ 144.849494][T13763] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 144.854680][T13763] iomap_iter+0x39c/0x470 [ 144.859081][T13763] __iomap_dio_rw+0x698/0x1010 [ 144.863960][T13763] iomap_dio_rw+0x30/0x70 [ 144.868383][T13763] ? ext4_file_write_iter+0x461/0x11f0 [ 144.873930][T13763] ext4_file_write_iter+0xaa9/0x11f0 [ 144.879226][T13763] ? ext4_file_write_iter+0x461/0x11f0 [ 144.884686][T13763] do_iter_readv_writev+0x2de/0x380 [ 144.889973][T13763] do_iter_write+0x192/0x5c0 [ 144.894560][T13763] ? splice_from_pipe_next+0x34f/0x3b0 [ 144.900111][T13763] ? kmalloc_array+0x2d/0x40 [ 144.904718][T13763] vfs_iter_write+0x4c/0x70 [ 144.909666][T13763] iter_file_splice_write+0x43a/0x790 [ 144.915087][T13763] ? splice_from_pipe+0xd0/0xd0 [ 144.919924][T13763] direct_splice_actor+0x80/0xa0 [ 144.924935][T13763] splice_direct_to_actor+0x345/0x650 [ 144.930293][T13763] ? do_splice_direct+0x190/0x190 [ 144.935309][T13763] do_splice_direct+0x106/0x190 [ 144.940154][T13763] do_sendfile+0x63e/0xbb0 [ 144.944582][T13763] __x64_sys_sendfile64+0x102/0x140 [ 144.949781][T13763] do_syscall_64+0x44/0xa0 [ 144.954192][T13763] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.960232][T13763] RIP: 0033:0x7fc9483818d9 [ 144.964758][T13763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.984361][T13763] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 144.992836][T13763] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 145.000795][T13763] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 145.008755][T13763] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 145.016883][T13763] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 145.024842][T13763] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:59 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x25) 00:06:59 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005e00) 00:06:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:59 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 75) [ 145.149346][T13800] loop3: detected capacity change from 0 to 264192 [ 145.153824][T13807] loop5: detected capacity change from 0 to 264192 [ 145.187176][T13805] FAULT_INJECTION: forcing a failure. [ 145.187176][T13805] name failslab, interval 1, probability 0, space 0, times 0 [ 145.199925][T13805] CPU: 1 PID: 13805 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 145.208691][T13805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.218777][T13805] Call Trace: [ 145.222057][T13805] dump_stack_lvl+0xd6/0x122 [ 145.226667][T13805] dump_stack+0x11/0x1b [ 145.230826][T13805] should_fail+0x23c/0x250 [ 145.234548][T13800] EXT4-fs (loop3): invalid first ino: 0 [ 145.235364][T13805] ? ext4_mb_new_blocks+0x73f/0x1fc0 [ 145.235386][T13805] __should_failslab+0x81/0x90 [ 145.250919][T13805] should_failslab+0x5/0x20 [ 145.255437][T13805] kmem_cache_alloc+0x4f/0x300 [ 145.260383][T13805] ext4_mb_new_blocks+0x73f/0x1fc0 [ 145.265550][T13805] ? ext4_find_extent+0x7b2/0x7f0 [ 145.270680][T13805] ? ext4_ext_search_right+0x246/0x540 [ 145.276135][T13805] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 145.281428][T13805] ? ext4_es_lookup_extent+0x36b/0x490 [ 145.286925][T13805] ext4_map_blocks+0x71e/0xf00 [ 145.291689][T13805] ext4_iomap_begin+0x4b0/0x630 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1020, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1100, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1200, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 145.296546][T13805] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 145.301748][T13805] iomap_iter+0x39c/0x470 [ 145.306117][T13805] __iomap_dio_rw+0x698/0x1010 [ 145.310925][T13805] iomap_dio_rw+0x30/0x70 [ 145.315299][T13805] ? ext4_file_write_iter+0x461/0x11f0 [ 145.320759][T13805] ext4_file_write_iter+0xaa9/0x11f0 [ 145.326083][T13805] ? ext4_file_write_iter+0x461/0x11f0 [ 145.331574][T13805] do_iter_readv_writev+0x2de/0x380 [ 145.336845][T13805] do_iter_write+0x192/0x5c0 [ 145.341443][T13805] ? splice_from_pipe_next+0x34f/0x3b0 00:06:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 145.346927][T13805] ? kmalloc_array+0x2d/0x40 [ 145.351598][T13805] vfs_iter_write+0x4c/0x70 [ 145.356186][T13805] iter_file_splice_write+0x43a/0x790 [ 145.361572][T13805] ? splice_from_pipe+0xd0/0xd0 [ 145.366513][T13805] direct_splice_actor+0x80/0xa0 [ 145.371448][T13805] splice_direct_to_actor+0x345/0x650 [ 145.376823][T13805] ? do_splice_direct+0x190/0x190 [ 145.381847][T13805] do_splice_direct+0x106/0x190 [ 145.386689][T13805] do_sendfile+0x63e/0xbb0 [ 145.391108][T13805] __x64_sys_sendfile64+0x102/0x140 [ 145.396301][T13805] do_syscall_64+0x44/0xa0 [ 145.400768][T13805] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.406700][T13805] RIP: 0033:0x7fc9483818d9 [ 145.411109][T13805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.430710][T13805] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 145.439167][T13805] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 145.447154][T13805] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 145.455115][T13805] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 145.463077][T13805] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 145.471404][T13805] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 145.483780][T13807] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 145.495974][T13807] EXT4-fs (loop5): get root inode failed [ 145.501613][T13807] EXT4-fs (loop5): mount failed 00:06:59 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 76) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1400, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:06:59 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ea787147419980138410aa1cd001b72f0000000000000004f8cb715772192f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf4acd8fcd8e5f772d76afd98752b492c67db2000000000000", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:06:59 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80005f00) [ 145.567808][T13844] loop3: detected capacity change from 0 to 264192 [ 145.603727][T13844] EXT4-fs (loop3): invalid first ino: 0 [ 145.642926][T13850] FAULT_INJECTION: forcing a failure. [ 145.642926][T13850] name failslab, interval 1, probability 0, space 0, times 0 [ 145.655573][T13850] CPU: 0 PID: 13850 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 145.664407][T13850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.674461][T13850] Call Trace: [ 145.677737][T13850] dump_stack_lvl+0xd6/0x122 [ 145.682333][T13850] dump_stack+0x11/0x1b [ 145.686493][T13850] should_fail+0x23c/0x250 [ 145.690907][T13850] ? mempool_alloc_slab+0x16/0x20 [ 145.695941][T13850] __should_failslab+0x81/0x90 [ 145.700709][T13850] should_failslab+0x5/0x20 [ 145.705285][T13850] kmem_cache_alloc+0x4f/0x300 [ 145.710042][T13850] ? ext4_fc_track_range+0x90/0x140 [ 145.715264][T13850] mempool_alloc_slab+0x16/0x20 [ 145.720175][T13850] ? mempool_free+0x130/0x130 [ 145.724883][T13850] mempool_alloc+0x9d/0x310 [ 145.729380][T13850] bio_alloc_bioset+0xcc/0x530 [ 145.734193][T13850] ? iov_iter_alignment+0x34b/0x370 [ 145.739394][T13850] iomap_dio_bio_iter+0x5c1/0xbc0 [ 145.744418][T13850] __iomap_dio_rw+0x8d8/0x1010 [ 145.749210][T13850] iomap_dio_rw+0x30/0x70 [ 145.753542][T13850] ? ext4_file_write_iter+0x461/0x11f0 [ 145.758997][T13850] ext4_file_write_iter+0xaa9/0x11f0 [ 145.764351][T13850] ? ext4_file_write_iter+0x461/0x11f0 [ 145.769939][T13850] do_iter_readv_writev+0x2de/0x380 [ 145.775138][T13850] do_iter_write+0x192/0x5c0 [ 145.779731][T13850] ? splice_from_pipe_next+0x34f/0x3b0 [ 145.785179][T13850] ? kmalloc_array+0x2d/0x40 [ 145.789773][T13850] vfs_iter_write+0x4c/0x70 [ 145.794279][T13850] iter_file_splice_write+0x43a/0x790 [ 145.799653][T13850] ? splice_from_pipe+0xd0/0xd0 [ 145.804505][T13850] direct_splice_actor+0x80/0xa0 [ 145.809444][T13850] splice_direct_to_actor+0x345/0x650 [ 145.814809][T13850] ? do_splice_direct+0x190/0x190 [ 145.819830][T13850] do_splice_direct+0x106/0x190 [ 145.824686][T13850] do_sendfile+0x63e/0xbb0 [ 145.829124][T13850] __x64_sys_sendfile64+0x102/0x140 [ 145.834341][T13850] do_syscall_64+0x44/0xa0 [ 145.838757][T13850] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.844706][T13850] RIP: 0033:0x7fc9483818d9 [ 145.849106][T13850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.868907][T13850] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 145.877558][T13850] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 145.885536][T13850] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 00:06:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001", 0x4d, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 145.893494][T13850] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 145.901541][T13850] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 145.909496][T13850] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2010, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 145.947882][T13875] loop3: detected capacity change from 0 to 264192 [ 145.953284][T13876] loop5: detected capacity change from 0 to 264192 [ 145.975822][T13875] EXT4-fs (loop3): invalid first ino: 0 00:06:59 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:06:59 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2200, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 145.998449][T13876] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 146.010516][T13876] EXT4-fs (loop5): get root inode failed [ 146.016165][T13876] EXT4-fs (loop5): mount failed 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2500, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 146.074939][T13901] loop3: detected capacity change from 0 to 264192 [ 146.092582][T13901] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 146.104718][T13901] EXT4-fs (loop3): get root inode failed [ 146.110349][T13901] EXT4-fs (loop3): mount failed 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2d03, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:00 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 77) 00:07:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:00 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c05b7370a9d5ddfefa420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db200"/214, @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) [ 146.253615][T13929] loop5: detected capacity change from 0 to 264192 [ 146.273511][T13921] FAULT_INJECTION: forcing a failure. [ 146.273511][T13921] name failslab, interval 1, probability 0, space 0, times 0 [ 146.286292][T13921] CPU: 1 PID: 13921 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 146.295060][T13921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.305111][T13921] Call Trace: [ 146.308394][T13921] dump_stack_lvl+0xd6/0x122 [ 146.312985][T13921] dump_stack+0x11/0x1b [ 146.317137][T13921] should_fail+0x23c/0x250 [ 146.321566][T13921] ? mempool_alloc_slab+0x16/0x20 [ 146.326580][T13921] __should_failslab+0x81/0x90 [ 146.331381][T13921] should_failslab+0x5/0x20 [ 146.335897][T13921] kmem_cache_alloc+0x4f/0x300 [ 146.340661][T13921] mempool_alloc_slab+0x16/0x20 [ 146.345512][T13921] ? mempool_free+0x130/0x130 [ 146.350197][T13921] mempool_alloc+0x9d/0x310 [ 146.354702][T13921] ? crypto_shash_update+0x13c/0x1a0 [ 146.359985][T13921] ? ext4_mb_new_inode_pa+0x5cb/0x6a0 [ 146.365353][T13921] sg_pool_alloc+0x74/0x90 [ 146.369866][T13921] __sg_alloc_table+0xce/0x290 [ 146.374631][T13921] sg_alloc_table_chained+0xaf/0x140 [ 146.379987][T13921] ? sg_alloc_table_chained+0x140/0x140 [ 146.385730][T13921] scsi_alloc_sgtables+0x184/0x510 [ 146.390843][T13921] sd_init_command+0x952/0x1610 [ 146.393112][T13929] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 146.395694][T13921] scsi_queue_rq+0x10cd/0x15a0 [ 146.407817][T13929] EXT4-fs (loop5): get root inode failed [ 146.412521][T13921] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 146.418169][T13929] EXT4-fs (loop5): mount failed [ 146.423666][T13921] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 146.434014][T13921] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 146.440335][T13921] ? rb_insert_color+0x2fa/0x310 [ 146.445271][T13921] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 146.451343][T13921] __blk_mq_run_hw_queue+0xbc/0x140 [ 146.456624][T13921] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 146.462466][T13921] blk_mq_run_hw_queue+0x22c/0x250 [ 146.467666][T13921] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 146.473561][T13921] blk_mq_flush_plug_list+0x302/0x3d0 [ 146.478949][T13921] blk_flush_plug_list+0x235/0x260 [ 146.484058][T13921] blk_finish_plug+0x44/0x60 [ 146.488659][T13921] __iomap_dio_rw+0xca7/0x1010 [ 146.493503][T13921] iomap_dio_rw+0x30/0x70 [ 146.497836][T13921] ? ext4_file_write_iter+0x461/0x11f0 [ 146.503297][T13921] ext4_file_write_iter+0xaa9/0x11f0 [ 146.508581][T13921] ? ext4_file_write_iter+0x461/0x11f0 [ 146.514038][T13921] do_iter_readv_writev+0x2de/0x380 [ 146.519274][T13921] do_iter_write+0x192/0x5c0 [ 146.523875][T13921] ? splice_from_pipe_next+0x34f/0x3b0 [ 146.529398][T13921] ? kmalloc_array+0x2d/0x40 [ 146.533990][T13921] vfs_iter_write+0x4c/0x70 [ 146.538501][T13921] iter_file_splice_write+0x43a/0x790 [ 146.543868][T13921] ? splice_from_pipe+0xd0/0xd0 [ 146.548757][T13921] direct_splice_actor+0x80/0xa0 [ 146.553687][T13921] splice_direct_to_actor+0x345/0x650 [ 146.559050][T13921] ? do_splice_direct+0x190/0x190 [ 146.564066][T13921] do_splice_direct+0x106/0x190 [ 146.568932][T13921] do_sendfile+0x63e/0xbb0 [ 146.573343][T13921] __x64_sys_sendfile64+0x102/0x140 [ 146.578545][T13921] do_syscall_64+0x44/0xa0 [ 146.582968][T13921] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.588899][T13921] RIP: 0033:0x7fc9483818d9 [ 146.593305][T13921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 146.612947][T13921] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 146.621350][T13921] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 146.629369][T13921] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 146.637330][T13921] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 146.645318][T13921] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:07:00 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006000) 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2e03, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:00 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:00 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead2114741998023c8562d666ffcad2f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x1, &(0x7f0000000000)={0x0, 0x80000001}) mlockall(0x1) mlockall(0x5) mlockall(0x5) mlockall(0x0) [ 146.653335][T13921] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2f03, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:00 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 78) 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3003, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 146.770089][T13963] loop3: detected capacity change from 0 to 264192 [ 146.781991][T13964] loop5: detected capacity change from 0 to 264192 00:07:00 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3103, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 146.846676][T13963] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 146.849886][T13973] FAULT_INJECTION: forcing a failure. [ 146.849886][T13973] name failslab, interval 1, probability 0, space 0, times 0 [ 146.859013][T13963] EXT4-fs (loop3): get root inode failed [ 146.859025][T13963] EXT4-fs (loop3): mount failed [ 146.871632][T13973] CPU: 1 PID: 13973 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 146.890974][T13973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.901022][T13973] Call Trace: [ 146.904393][T13973] dump_stack_lvl+0xd6/0x122 [ 146.909010][T13973] dump_stack+0x11/0x1b [ 146.913187][T13973] should_fail+0x23c/0x250 [ 146.917599][T13973] ? mempool_alloc_slab+0x16/0x20 [ 146.922629][T13973] __should_failslab+0x81/0x90 [ 146.927511][T13973] should_failslab+0x5/0x20 [ 146.932010][T13973] kmem_cache_alloc+0x4f/0x300 [ 146.936782][T13973] mempool_alloc_slab+0x16/0x20 [ 146.941677][T13973] ? mempool_free+0x130/0x130 [ 146.946351][T13973] mempool_alloc+0x9d/0x310 [ 146.950849][T13973] ? __getblk_gfp+0x3f/0x590 [ 146.955506][T13973] bio_alloc_bioset+0xcc/0x530 [ 146.960271][T13973] ? __ext4_get_inode_loc+0x760/0x8c0 [ 146.965649][T13973] submit_bh_wbc+0x130/0x330 [ 146.968518][T13964] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 146.970829][T13973] __sync_dirty_buffer+0x136/0x1e0 [ 146.970853][T13973] sync_dirty_buffer+0x16/0x20 [ 146.983072][T13964] EXT4-fs (loop5): get root inode failed [ 146.988137][T13973] ext4_write_inode+0x2ad/0x3c0 [ 146.988165][T13973] write_inode+0x89/0x180 [ 146.993079][T13964] EXT4-fs (loop5): mount failed [ 146.998683][T13973] __writeback_single_inode+0x2a2/0x440 [ 146.998711][T13973] writeback_single_inode+0x17b/0x3e0 [ 147.023600][T13973] sync_inode_metadata+0x57/0x80 [ 147.028583][T13973] ext4_sync_file+0x359/0x670 [ 147.033258][T13973] ? tsan.module_ctor+0x10/0x10 [ 147.038164][T13973] vfs_fsync_range+0x107/0x120 [ 147.043020][T13973] iomap_dio_complete+0x2d5/0x3c0 [ 147.048086][T13973] iomap_dio_rw+0x4e/0x70 [ 147.052411][T13973] ? ext4_file_write_iter+0x461/0x11f0 [ 147.057856][T13973] ext4_file_write_iter+0xaa9/0x11f0 [ 147.063194][T13973] ? ext4_file_write_iter+0x461/0x11f0 [ 147.069019][T13973] do_iter_readv_writev+0x2de/0x380 [ 147.074243][T13973] do_iter_write+0x192/0x5c0 [ 147.078829][T13973] ? splice_from_pipe_next+0x34f/0x3b0 [ 147.084283][T13973] ? kmalloc_array+0x2d/0x40 [ 147.088893][T13973] vfs_iter_write+0x4c/0x70 [ 147.093388][T13973] iter_file_splice_write+0x43a/0x790 [ 147.098751][T13973] ? splice_from_pipe+0xd0/0xd0 [ 147.103587][T13973] direct_splice_actor+0x80/0xa0 [ 147.108513][T13973] splice_direct_to_actor+0x345/0x650 [ 147.113874][T13973] ? do_splice_direct+0x190/0x190 [ 147.118891][T13973] do_splice_direct+0x106/0x190 [ 147.123726][T13973] do_sendfile+0x63e/0xbb0 [ 147.128211][T13973] __x64_sys_sendfile64+0x102/0x140 [ 147.133398][T13973] do_syscall_64+0x44/0xa0 [ 147.137860][T13973] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 147.143748][T13973] RIP: 0033:0x7fc9483818d9 [ 147.148221][T13973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.167820][T13973] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 147.176217][T13973] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 147.184369][T13973] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3203, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000", 0x5a, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 147.192326][T13973] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 147.200284][T13973] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 147.208310][T13973] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3303, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006100) 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3f00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x4000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 147.358236][T14019] loop3: detected capacity change from 0 to 264192 [ 147.383547][T14019] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 147.395639][T14019] EXT4-fs (loop3): get root inode failed [ 147.401275][T14019] EXT4-fs (loop3): mount failed 00:07:01 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 79) 00:07:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700", 0x63, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcc00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:01 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r1, r2) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_OPENAT2={0x1c, 0x5, 0x0, 0xffffffffffffff9c, 0x0, 0x0}, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x20010001) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x3000006, 0x11, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(0x0, r4, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4000, @fd_index, 0x0, 0x0}, 0x1) syz_io_uring_setup(0x2de1, &(0x7f0000000280), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000380)=0x0) syz_io_uring_submit(0x0, r5, &(0x7f0000000200)=@IORING_OP_TIMEOUT_REMOVE, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index}, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) r6 = syz_io_uring_complete(0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4004, @fd=r6, 0x7, 0x9, 0x9, 0x12, 0x1}, 0xfffffffc) r7 = geteuid() keyctl$chown(0x4, r3, r7, 0xee01) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[@ANYRESHEX=r3, @ANYRESOCT=r0, @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) 00:07:01 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006200) 00:07:01 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 147.575327][T14046] loop5: detected capacity change from 0 to 264192 [ 147.592469][T14046] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 147.593577][T14055] loop3: detected capacity change from 0 to 264192 [ 147.634595][T14055] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 147.642917][T14059] FAULT_INJECTION: forcing a failure. [ 147.642917][T14059] name failslab, interval 1, probability 0, space 0, times 0 [ 147.646680][T14055] EXT4-fs (loop3): get root inode failed [ 147.646693][T14055] EXT4-fs (loop3): mount failed [ 147.659300][T14059] CPU: 1 PID: 14059 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 147.678802][T14059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 147.688845][T14059] Call Trace: [ 147.692148][T14059] dump_stack_lvl+0xd6/0x122 [ 147.696766][T14059] dump_stack+0x11/0x1b [ 147.700911][T14059] should_fail+0x23c/0x250 [ 147.705403][T14059] ? kmalloc_array+0x2d/0x40 [ 147.709983][T14059] __should_failslab+0x81/0x90 [ 147.714808][T14059] should_failslab+0x5/0x20 [ 147.719300][T14059] __kmalloc+0x6f/0x350 [ 147.723458][T14059] kmalloc_array+0x2d/0x40 [ 147.727864][T14059] iter_file_splice_write+0xd5/0x790 [ 147.733148][T14059] ? atime_needs_update+0x2ba/0x390 [ 147.738350][T14059] ? touch_atime+0xe0/0x250 [ 147.742993][T14059] ? generic_file_splice_read+0x2a9/0x330 [ 147.748697][T14059] ? splice_from_pipe+0xd0/0xd0 [ 147.753533][T14059] direct_splice_actor+0x80/0xa0 [ 147.758458][T14059] splice_direct_to_actor+0x345/0x650 [ 147.763916][T14059] ? do_splice_direct+0x190/0x190 [ 147.768947][T14059] do_splice_direct+0x106/0x190 [ 147.773783][T14059] do_sendfile+0x63e/0xbb0 [ 147.778190][T14059] __x64_sys_sendfile64+0x102/0x140 [ 147.783547][T14059] do_syscall_64+0x44/0xa0 [ 147.787953][T14059] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 147.794272][T14059] RIP: 0033:0x7fc9483818d9 [ 147.798694][T14059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.818289][T14059] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 147.827044][T14059] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcd00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 147.835042][T14059] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 147.843099][T14059] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 147.851057][T14059] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 147.859013][T14059] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:01 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 80) 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xce00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 147.921211][T14078] loop5: detected capacity change from 0 to 264192 00:07:01 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcf00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:01 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006300) [ 147.960768][T14078] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 147.972824][T14078] EXT4-fs (loop5): get root inode failed [ 147.978489][T14078] EXT4-fs (loop5): mount failed [ 147.987297][T14095] loop3: detected capacity change from 0 to 264192 [ 148.037632][T14097] FAULT_INJECTION: forcing a failure. [ 148.037632][T14097] name failslab, interval 1, probability 0, space 0, times 0 [ 148.050301][T14097] CPU: 1 PID: 14097 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 148.059282][T14097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 148.069497][T14097] Call Trace: [ 148.072772][T14097] dump_stack_lvl+0xd6/0x122 [ 148.077417][T14097] dump_stack+0x11/0x1b [ 148.081565][T14097] should_fail+0x23c/0x250 [ 148.084527][T14095] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 148.085986][T14097] ? kcalloc+0x32/0x50 [ 148.098021][T14095] EXT4-fs (loop3): get root inode failed [ 148.102016][T14097] __should_failslab+0x81/0x90 [ 148.107707][T14095] EXT4-fs (loop3): mount failed [ 148.112411][T14097] should_failslab+0x5/0x20 [ 148.121718][T14097] __kmalloc+0x6f/0x350 [ 148.125872][T14097] ? check_preempt_wakeup+0x226/0x420 [ 148.131349][T14097] kcalloc+0x32/0x50 [ 148.135239][T14097] ext4_find_extent+0x21c/0x7f0 [ 148.140189][T14097] ? __queue_work+0x830/0xaa0 [ 148.144860][T14097] ext4_ext_map_blocks+0x115/0x1ff0 [ 148.150093][T14097] ? mod_delayed_work_on+0xa5/0xe0 [ 148.155190][T14097] ? ext4_es_lookup_extent+0x36b/0x490 [ 148.160635][T14097] ext4_map_blocks+0x71e/0xf00 [ 148.165385][T14097] ext4_iomap_begin+0x4b0/0x630 [ 148.170226][T14097] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 148.175441][T14097] iomap_iter+0x39c/0x470 [ 148.179768][T14097] __iomap_dio_rw+0x698/0x1010 [ 148.184613][T14097] iomap_dio_rw+0x30/0x70 [ 148.188929][T14097] ? ext4_file_write_iter+0x461/0x11f0 [ 148.194386][T14097] ext4_file_write_iter+0xaa9/0x11f0 [ 148.199699][T14097] ? ext4_file_write_iter+0x461/0x11f0 [ 148.205142][T14097] do_iter_readv_writev+0x2de/0x380 [ 148.210509][T14097] do_iter_write+0x192/0x5c0 [ 148.215108][T14097] ? splice_from_pipe_next+0x34f/0x3b0 [ 148.220704][T14097] ? kmalloc_array+0x2d/0x40 [ 148.225283][T14097] vfs_iter_write+0x4c/0x70 [ 148.229773][T14097] iter_file_splice_write+0x43a/0x790 [ 148.235170][T14097] ? splice_from_pipe+0xd0/0xd0 [ 148.240004][T14097] direct_splice_actor+0x80/0xa0 [ 148.244926][T14097] splice_direct_to_actor+0x345/0x650 [ 148.250299][T14097] ? do_splice_direct+0x190/0x190 [ 148.255397][T14097] do_splice_direct+0x106/0x190 [ 148.260314][T14097] do_sendfile+0x63e/0xbb0 [ 148.264722][T14097] __x64_sys_sendfile64+0x102/0x140 [ 148.269915][T14097] do_syscall_64+0x44/0xa0 [ 148.274338][T14097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 148.280348][T14097] RIP: 0033:0x7fc9483818d9 [ 148.284745][T14097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 148.304334][T14097] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 148.312732][T14097] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 148.320686][T14097] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 148.328721][T14097] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd100, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 148.336771][T14097] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 148.344728][T14097] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 148.434793][T14132] loop5: detected capacity change from 0 to 264192 [ 148.465685][T14132] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 148.477881][T14132] EXT4-fs (loop5): get root inode failed [ 148.483508][T14132] EXT4-fs (loop5): mount failed 00:07:02 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db262fd357c53063884cc26b0264736d7774a7c261d43b112bc158e9b2e87b3a5f82bc9dbfafa763e5d5671c32092fed4077bcfaee88dd39ce3454dba9fde64a1eea2cbb18e20f695fb8b2693ca25de09f9382439b6b29907f8df954ea55c86be89a94e135a19235d0b2a0b88d8fffc1908382bb5754615dc8cb83aecedaf48d8d65f9c3371bd0846a4db735e7c7213c19a8b8997f102b05dc35380b6d91ae8cfca71a0810b1dfedd0172a05e3a94bfe7d59f0202c48c884d1d0cd203a3348961f8", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0x9}) mlockall(0x1) mlockall(0x5) setrlimit(0x3, &(0x7f0000000040)={0x2, 0xffffffff80000001}) 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd200, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:02 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:02 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 81) 00:07:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:02 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006400) 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xedc0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 148.631882][T14159] loop5: detected capacity change from 0 to 264192 [ 148.634302][T14160] loop3: detected capacity change from 0 to 264192 [ 148.662360][T14159] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 148.674512][T14159] EXT4-fs (loop5): get root inode failed [ 148.680216][T14159] EXT4-fs (loop5): mount failed [ 148.696783][T14157] FAULT_INJECTION: forcing a failure. [ 148.696783][T14157] name failslab, interval 1, probability 0, space 0, times 0 [ 148.709586][T14157] CPU: 1 PID: 14157 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 148.718342][T14157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 148.728396][T14157] Call Trace: [ 148.731727][T14157] dump_stack_lvl+0xd6/0x122 [ 148.736407][T14157] dump_stack+0x11/0x1b [ 148.740617][T14157] should_fail+0x23c/0x250 [ 148.745068][T14157] ? kcalloc+0x32/0x50 [ 148.749172][T14157] __should_failslab+0x81/0x90 [ 148.753935][T14157] should_failslab+0x5/0x20 [ 148.758516][T14157] __kmalloc+0x6f/0x350 [ 148.762661][T14157] ? check_preempt_wakeup+0x226/0x420 [ 148.768104][T14157] kcalloc+0x32/0x50 [ 148.771998][T14157] ext4_find_extent+0x21c/0x7f0 [ 148.776859][T14157] ? __queue_work+0x830/0xaa0 [ 148.781540][T14157] ext4_ext_map_blocks+0x115/0x1ff0 [ 148.786740][T14157] ? mod_delayed_work_on+0xa5/0xe0 [ 148.791965][T14157] ? ext4_es_lookup_extent+0x36b/0x490 [ 148.797566][T14157] ext4_map_blocks+0x71e/0xf00 [ 148.802335][T14157] ext4_iomap_begin+0x4b0/0x630 [ 148.807242][T14157] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 148.812430][T14157] iomap_iter+0x39c/0x470 [ 148.816754][T14157] __iomap_dio_rw+0x698/0x1010 [ 148.821517][T14157] iomap_dio_rw+0x30/0x70 [ 148.825912][T14157] ? ext4_file_write_iter+0x461/0x11f0 [ 148.831424][T14157] ext4_file_write_iter+0xaa9/0x11f0 [ 148.836843][T14157] ? ext4_file_write_iter+0x461/0x11f0 [ 148.842638][T14157] do_iter_readv_writev+0x2de/0x380 [ 148.843456][T14160] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 148.847844][T14157] do_iter_write+0x192/0x5c0 [ 148.847869][T14157] ? splice_from_pipe_next+0x34f/0x3b0 [ 148.847887][T14157] ? kmalloc_array+0x2d/0x40 [ 148.859991][T14160] EXT4-fs (loop3): get root inode failed [ 148.864558][T14157] vfs_iter_write+0x4c/0x70 [ 148.870097][T14160] EXT4-fs (loop3): mount failed [ 148.874667][T14157] iter_file_splice_write+0x43a/0x790 [ 148.874688][T14157] ? splice_from_pipe+0xd0/0xd0 [ 148.899780][T14157] direct_splice_actor+0x80/0xa0 [ 148.904812][T14157] splice_direct_to_actor+0x345/0x650 [ 148.910186][T14157] ? do_splice_direct+0x190/0x190 [ 148.915206][T14157] do_splice_direct+0x106/0x190 [ 148.920052][T14157] do_sendfile+0x63e/0xbb0 [ 148.924477][T14157] __x64_sys_sendfile64+0x102/0x140 [ 148.929684][T14157] do_syscall_64+0x44/0xa0 [ 148.934102][T14157] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 148.940004][T14157] RIP: 0033:0x7fc9483818d9 [ 148.944407][T14157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 148.964008][T14157] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 148.972420][T14157] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xee00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:02 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 82) 00:07:02 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf400, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:02 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 148.980400][T14157] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 148.988365][T14157] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 148.996330][T14157] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 149.004295][T14157] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 149.082195][T14201] loop5: detected capacity change from 0 to 264192 [ 149.102404][T14196] FAULT_INJECTION: forcing a failure. [ 149.102404][T14196] name failslab, interval 1, probability 0, space 0, times 0 [ 149.115047][T14196] CPU: 1 PID: 14196 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 149.123858][T14196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 149.133904][T14196] Call Trace: [ 149.137253][T14196] dump_stack_lvl+0xd6/0x122 [ 149.141848][T14196] dump_stack+0x11/0x1b [ 149.146000][T14196] should_fail+0x23c/0x250 [ 149.150412][T14196] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 149.155701][T14196] __should_failslab+0x81/0x90 [ 149.160470][T14196] should_failslab+0x5/0x20 [ 149.164980][T14196] kmem_cache_alloc+0x4f/0x300 [ 149.169790][T14196] ext4_mb_new_blocks+0x317/0x1fc0 [ 149.175065][T14196] ? ext4_find_extent+0x7b2/0x7f0 [ 149.180082][T14196] ? ext4_ext_search_right+0x246/0x540 [ 149.185561][T14196] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 149.190894][T14196] ? ext4_es_lookup_extent+0x36b/0x490 [ 149.196345][T14196] ext4_map_blocks+0x71e/0xf00 [ 149.201105][T14196] ext4_iomap_begin+0x4b0/0x630 [ 149.205945][T14196] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 149.211132][T14196] iomap_iter+0x39c/0x470 [ 149.215699][T14196] __iomap_dio_rw+0x698/0x1010 [ 149.220464][T14196] iomap_dio_rw+0x30/0x70 [ 149.224780][T14196] ? ext4_file_write_iter+0x461/0x11f0 [ 149.230385][T14196] ext4_file_write_iter+0xaa9/0x11f0 [ 149.235659][T14196] ? ext4_file_write_iter+0x461/0x11f0 [ 149.241163][T14196] do_iter_readv_writev+0x2de/0x380 [ 149.246352][T14196] do_iter_write+0x192/0x5c0 [ 149.250935][T14196] ? splice_from_pipe_next+0x34f/0x3b0 [ 149.256376][T14196] ? kmalloc_array+0x2d/0x40 [ 149.260999][T14196] vfs_iter_write+0x4c/0x70 [ 149.265488][T14196] iter_file_splice_write+0x43a/0x790 [ 149.270888][T14196] ? splice_from_pipe+0xd0/0xd0 [ 149.275721][T14196] direct_splice_actor+0x80/0xa0 [ 149.280641][T14196] splice_direct_to_actor+0x345/0x650 [ 149.285997][T14196] ? do_splice_direct+0x190/0x190 [ 149.291002][T14196] do_splice_direct+0x106/0x190 [ 149.295836][T14196] do_sendfile+0x63e/0xbb0 [ 149.300240][T14196] __x64_sys_sendfile64+0x102/0x140 [ 149.305429][T14196] do_syscall_64+0x44/0xa0 [ 149.309843][T14196] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 149.315771][T14196] RIP: 0033:0x7fc9483818d9 [ 149.320171][T14196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 149.339765][T14196] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 149.348165][T14196] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 149.356127][T14196] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 149.364105][T14196] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 149.372139][T14196] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:07:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000524700", 0x63, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 149.380094][T14196] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 149.425028][T14216] loop3: detected capacity change from 0 to 264192 [ 149.460949][T14216] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:03 executing program 0: pipe(&(0x7f00000001c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRES32], 0x4240a2a0) madvise(&(0x7f0000000000/0x4000)=nil, 0x0, 0x17) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:03 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006500) 00:07:03 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 83) 00:07:03 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xff03, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 149.492309][T14201] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 149.550057][T14225] FAULT_INJECTION: forcing a failure. [ 149.550057][T14225] name failslab, interval 1, probability 0, space 0, times 0 [ 149.562686][T14225] CPU: 1 PID: 14225 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 149.571443][T14225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 149.581501][T14225] Call Trace: [ 149.583707][T14245] loop3: detected capacity change from 0 to 264192 [ 149.584769][T14225] dump_stack_lvl+0xd6/0x122 [ 149.584797][T14225] dump_stack+0x11/0x1b [ 149.599987][T14225] should_fail+0x23c/0x250 [ 149.604417][T14225] ? mempool_alloc_slab+0x16/0x20 [ 149.609441][T14225] __should_failslab+0x81/0x90 [ 149.614200][T14225] should_failslab+0x5/0x20 [ 149.618693][T14225] kmem_cache_alloc+0x4f/0x300 [ 149.623512][T14225] ? ext4_fc_track_range+0x90/0x140 [ 149.628705][T14225] mempool_alloc_slab+0x16/0x20 [ 149.633565][T14225] ? mempool_free+0x130/0x130 [ 149.638225][T14225] mempool_alloc+0x9d/0x310 [ 149.642716][T14225] bio_alloc_bioset+0xcc/0x530 [ 149.647471][T14225] ? iov_iter_alignment+0x34b/0x370 [ 149.652652][T14225] iomap_dio_bio_iter+0x5c1/0xbc0 [ 149.657666][T14225] __iomap_dio_rw+0x8d8/0x1010 [ 149.662416][T14225] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 149.668056][T14225] iomap_dio_rw+0x30/0x70 [ 149.672374][T14225] ? ext4_file_write_iter+0x461/0x11f0 [ 149.677877][T14225] ext4_file_write_iter+0xaa9/0x11f0 [ 149.683149][T14225] ? ext4_file_write_iter+0x461/0x11f0 [ 149.688663][T14225] do_iter_readv_writev+0x2de/0x380 [ 149.693849][T14225] do_iter_write+0x192/0x5c0 [ 149.698459][T14225] ? splice_from_pipe_next+0x34f/0x3b0 [ 149.703899][T14225] ? kmalloc_array+0x2d/0x40 [ 149.708481][T14225] vfs_iter_write+0x4c/0x70 [ 149.713005][T14225] iter_file_splice_write+0x43a/0x790 [ 149.718377][T14225] ? splice_from_pipe+0xd0/0xd0 [ 149.723209][T14225] direct_splice_actor+0x80/0xa0 [ 149.728215][T14225] splice_direct_to_actor+0x345/0x650 [ 149.733664][T14225] ? do_splice_direct+0x190/0x190 [ 149.738686][T14225] do_splice_direct+0x106/0x190 [ 149.743521][T14225] do_sendfile+0x63e/0xbb0 [ 149.748002][T14225] __x64_sys_sendfile64+0x102/0x140 [ 149.753187][T14225] do_syscall_64+0x44/0xa0 [ 149.757642][T14225] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 149.763537][T14225] RIP: 0033:0x7fc9483818d9 [ 149.767936][T14225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 149.787561][T14225] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffe, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1ffe7, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 149.795996][T14225] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 149.803972][T14225] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 149.811926][T14225] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 149.819878][T14225] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 149.827863][T14225] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x20000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 149.889360][T14260] loop5: detected capacity change from 0 to 264192 00:07:03 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 84) 00:07:03 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x80000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 149.931038][T14260] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 150.001448][T14274] FAULT_INJECTION: forcing a failure. [ 150.001448][T14274] name failslab, interval 1, probability 0, space 0, times 0 [ 150.014395][T14274] CPU: 1 PID: 14274 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 150.023191][T14274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 150.033339][T14274] Call Trace: [ 150.033818][T14245] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 150.036645][T14274] dump_stack_lvl+0xd6/0x122 [ 150.036670][T14274] dump_stack+0x11/0x1b [ 150.036687][T14274] should_fail+0x23c/0x250 [ 150.048836][T14245] EXT4-fs (loop3): get root inode failed [ 150.048847][T14245] EXT4-fs (loop3): mount failed [ 150.072801][T14274] ? mempool_alloc_slab+0x16/0x20 [ 150.077916][T14274] __should_failslab+0x81/0x90 [ 150.082688][T14274] should_failslab+0x5/0x20 [ 150.087209][T14274] kmem_cache_alloc+0x4f/0x300 [ 150.091972][T14274] mempool_alloc_slab+0x16/0x20 [ 150.096817][T14274] ? mempool_free+0x130/0x130 [ 150.101493][T14274] mempool_alloc+0x9d/0x310 [ 150.105994][T14274] ? crypto_shash_update+0x13c/0x1a0 [ 150.111330][T14274] sg_pool_alloc+0x74/0x90 [ 150.115784][T14274] __sg_alloc_table+0xce/0x290 [ 150.120617][T14274] sg_alloc_table_chained+0xaf/0x140 [ 150.125980][T14274] ? sg_alloc_table_chained+0x140/0x140 [ 150.131703][T14274] scsi_alloc_sgtables+0x184/0x510 [ 150.136813][T14274] sd_init_command+0x952/0x1610 [ 150.141664][T14274] scsi_queue_rq+0x10cd/0x15a0 [ 150.146428][T14274] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 150.151979][T14274] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 150.157648][T14274] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 150.163888][T14274] ? rb_insert_color+0x2fa/0x310 [ 150.168848][T14274] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 150.174828][T14274] __blk_mq_run_hw_queue+0xbc/0x140 [ 150.180106][T14274] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 150.185917][T14274] blk_mq_run_hw_queue+0x22c/0x250 [ 150.191033][T14274] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 150.196922][T14274] blk_mq_flush_plug_list+0x302/0x3d0 [ 150.202359][T14274] blk_flush_plug_list+0x235/0x260 [ 150.207484][T14274] blk_finish_plug+0x44/0x60 [ 150.212158][T14274] __iomap_dio_rw+0xca7/0x1010 [ 150.216926][T14274] iomap_dio_rw+0x30/0x70 [ 150.221257][T14274] ? ext4_file_write_iter+0x461/0x11f0 [ 150.226711][T14274] ext4_file_write_iter+0xaa9/0x11f0 [ 150.232058][T14274] ? ext4_file_write_iter+0x461/0x11f0 [ 150.237508][T14274] do_iter_readv_writev+0x2de/0x380 [ 150.242707][T14274] do_iter_write+0x192/0x5c0 [ 150.247308][T14274] ? splice_from_pipe_next+0x34f/0x3b0 [ 150.252755][T14274] ? kmalloc_array+0x2d/0x40 [ 150.257434][T14274] vfs_iter_write+0x4c/0x70 [ 150.261936][T14274] iter_file_splice_write+0x43a/0x790 [ 150.267304][T14274] ? splice_from_pipe+0xd0/0xd0 [ 150.272149][T14274] direct_splice_actor+0x80/0xa0 [ 150.277081][T14274] splice_direct_to_actor+0x345/0x650 [ 150.282446][T14274] ? do_splice_direct+0x190/0x190 [ 150.287552][T14274] do_splice_direct+0x106/0x190 [ 150.292398][T14274] do_sendfile+0x63e/0xbb0 [ 150.296819][T14274] __x64_sys_sendfile64+0x102/0x140 00:07:04 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r3) write$binfmt_misc(r0, &(0x7f00000018c0)={'syz0', "4336dc18f112f7896f78c7c532d03dc899c0f175f8aace15e52aa64365b481f2475541f4896cbdb2b8e5dd47ab4659a0a3eb1003365e36fc383c24cc79004d244a2529539702938065d46317ebfa5877168d7dd2b3ce716b25891c86ed8b037a76fc5bf63938dfc5c2e21d80f50dd3b2f787252f04adc428c60c575d0a746b5c325e2ffc881702984ef92e92b9bd31a76d2a4ab3ca1196e40f11fd90897dc83ecfcb0e32d185421196cb11de5ca05d8e486cfa48eecf456f112a31a190c23f1844f64aa54492e1630a8dc17a341c521683a8bca6a6e9c4d8ac8f67082c9125fbae06c99127cecc9c9522fc54b0ce5dfa534bf0f23090d8dcf885"}, 0xfe) writev(r3, &(0x7f0000001800)=[{&(0x7f0000000300)="3e6fe0437fb44be9ef10c82385e49a415c4ada0b8a7f023f890e963be83b4a9fc31b35eb11dc04f71bd5a2b4e200484f667cfd71ed0ef6243b9470220e792ce01403a9676a52938217a9a1683ec20a396bd0707e90c5d91c8bcc702247da1065f6d569b8c978a2bd04c1361acdfe1937d3255423851d7c65f3cb3f54d3633024bf56475ed1d5", 0x86}, {&(0x7f00000003c0)="39edd255be5a0997efee25475f5fa9c8455a064844630f6fc2b63a4bab64e77371dfa3665483b34b2583f5890bba87d6b0e8afb5a03786beb282e25d03b894cd060e9ab6e6b5667b377c3c5a4724d9826f92f62f3a8adefbbbcc9271ae5c33d0756e3e1d4c8eef15ef7cd5e33f34fdab7c9165be432a29763c383f169e9f5394b241993e1cd85a4a84b3a361bb73eba28455eedca9dba4f75d9754c09d278ae61ac07b31e9d8bbbe9f268d3cd59f2b4964363a329c02a948e9e0855cb8ba3f645dc472bd05ebd6e84d9f9aca1671ba0f269a10ea1edc87f75b2c7be7298412e186f2d6eef3e6250b57d2c206b0547725ed36712927d79713a80ecf62c4139ab3c3ec87666cc6b199ccda93bd95283a0a800f4c185b8875bc0b93b6ad2a2631716f97d725cb16016cf4797525ebcef83ae5ab605241303e6bf16063d6281b8e0a767c53f65c39968bab710686728f27a8ee510b7fd70982e7957818a7f7727d14abe18df55abd4d938fb0ed8e0b002b2e302521a883e95fa13828e3dabe3bfc679cc755f5844c4656a0aba19143feed7fb8d2246a39cc7558b22916143eb8b1735d6f2f459bec231c7f9e334ccd5b844a97baa5057df753652f4d6383bc9942c5d4983d5e92ecdc11839d99ad8867072a8f7487bccf8c2946c8911e4f16ff61cad74a1ff5856038d1d267b7fbea690d2178c2da123893a9414042e49e0ba76f4dc7a2187172763d13101afcdd58e84e2e23e6fb00924ddbb4423445e5511840e4ace94e0e2295f3462c89237c8647b2fee191deb135300cd6d5ad42edc8a8d3ba71ff795f6c790464bf15e580538e0f5949ca4fb62780f8edd30a42db9d7e836195c0a6c9dae0a172d5bac07807a03ac36fb12ad1586a2c0f4acafb98f2f2739c0dd48c752b363584242eb2ef954611ad4f4c7df62c0b0af9d98209a44ad7ccf38e53880b1f9f48acd4ee835d38183b2006549f6ad079e7dfe9120fe2a9002bf9b8d6d7f2946d0d42e10530a2b8ba44be5739568189bb631949c3b4384ddbfbb96b29b2a4942ad6aef96cf3d9c202a1e520c527c8d02957956926275423744f28e2f3f3c3eaf4524967cd7fba3d36f1d48301d5b5741cbf27f39676b598974dacf396a301ec69352953ddff5b560c27667ebdd46ceaa98d4f72a8704d00992838f0b880d2975b3b64a998b3f3423fcec1f0e228a137038cad738f78a994ed42d346d131bc7dd81ac5c866c8d804d8880471e1d90251509cac058c67ea9f3812aa5a46d6f5e75ad62188bfefe766eb2d58486e27cda669a227e48705db0a23508729a342d92fc396b66adf097c34727fba4599d35f15a187dd25ed967bd0b62ce6019349f9271d0d768fd7a01be2d52f5c1fd97e5bdcf30e456bc5e0eeddb521e185ac2edbcdcf1103c5eb54f7373a5bb48b9094ec70098288d70f8031927375ff54500bc2b4f446d7339c73f4b0a7bee7e388f971bb3e598296ca513c5380fcc56cc16068a2512d43c48c44fe1c9fc2dc207a52728d16b0febb722c165ab7d7feb19eb259cc227b5fb72aa35ab60ebba1fbcacab965419c7ba78e36bf9bb28d966409549b1774169dc76f6dd092e31c66b941d2c40a598d5cf90d4b1af044bd35eebfeffb984596c9362808ee315136f43b39f80c25f430accecbadb7903aa59e58c1ce9347aace623dca0858691a7c9a52795a695a27b169c0adbaa7fab8d4157beb63ad40b6135d97e5659e1b0a799c972b64a263542c57408b6f920d56713d30ab4faa91117732741eb47634ef62702d03a25be6d8c8eb86ce909fcf032ee908149bb38cb9b656775b6db94acd947c54f3badb3b9cd430e9437e1df5dca177bdba7a8ddec8803b87c76d0af6983e53ffc243ea23056a770678c591da18592d06d31fe79c63c4aa6bae4cef18fc9cf8c4d866838324b8e585de7ec6cf06369e94ee8eb5adb88a0349264974f68d87109739bfc8b7d79c09343d240568df900ffc5d42bf2e4082e03af969a22617ab3cf2c22cdaa525950971a77609875a8a26acbc0b8f676159da4482beeff75efb968181620597d35841f1b5749c46abedc26c8435d74274ed79d08886be7f83bd45f654eeb4fedc6318e9fed005d62eb4d3e26e214cfc3a76b5173072d67d3bafbaac5779f51334395cba79f9bf9985768b1470dcd11f7c8e33ca8f4bc4114fbd7383db73b0541396db440ed63d6f76b3960f9dede2f849136407895e61f22438c0503c165680ed0eec0068b64bbf1779c4002e9e10ba35092f625b70fccc35cde5bd9abf90f11fec9bbaece0de638efcf148cf9b1b78cafbec81f9d32f6e8eed19268e6049f3073a21ce9b639df5f252f4d2f8a1621ae51a6196783c41a52abcb08a4fcfd0d5de3e3d53670fc45afe165cdaa51bf9fc20844c3315022c1843fb85f1777571d103dd00687b415aa284f45f9fd51c7a7aad711fb05e8607806211a7043e483f31cfd1e7871ca376023db8ab05e64f86fa94a69a41f2ed01560d22f00cda7b47412de64580c4e7021123da077c7aebc1a0e2967626c2d162d91620c9046eda36f9d0e64fe08437467de565385fe689b36768712dc0aaacf248e9134bc27440503725a054ef771c6cb86461696ca0e6a868f820820ab5deeb3a2188a7c8a28984e882208ffef2fa40fffb1fd5f9584d4b49a77563f627a52aacf70b50e503abd6b74cfbe42f0016c80b0f05abd4a11b3f127442c2e93ca55935334651b715e2c567845c20da5b0a1659fe58c383a9366c349988aaec9f5628c0f7f6da3440289f1db5050a2ab2dcd1324ee19074802c23295c072727b1f037e729958c995e9ed45217b7a55dd564efe710710e0446fe7680b3b00be0f0bec98eae79ab6d31c0f5ab8f9e1841b7fc745ce133cead186ae3a89a082bc83fb4de600cb95b89de808294f823872c9a5f170ec6d88c4d3a461caae64ab7d86643b6c93a2b5b8d4d9b8790ca805a2c90af8220fdbcf5bae3c03d8baedbb884614e9aa8671e0ec0e695fadca154dafb03747870b1ad9c17a474a90177b6ea1f49b70c90bc6fa2b06d09a25fdf83ba72cd6515a1608d1aeed2e6a420cab0026e8e6209ed44d056e7eaf89b2c2060432b9f876470aff8467f55269dfa71b3bf7c4b57d64c27e3165d4339288b20354296cd7ebab7bde83ea9cf5ba06919a18703fee14a602068081ed5ca202a647dd5c28a4ee52a3a1d67843bc0b8b96c784e1d9a16091aa4c1fb5dd416d355bff10373f0b418c8a40a5350892abd1630dbd12d43e414b858672546228a3be6859a70a7099a5663556c5930a559fa300618d4e6b2a1df79206eddcb967a77ec7bced1d37bdd46f482e53042ddd4951c3764c14d1992068f42eec9d0352a026b71f35b7c6c635fbd826f9a88aba735dc72187a9dcc664d8e917bb20bf1db6d79e7c6976f569034f1f5f5ce893a21700ad00d43651ebfaefeb4ab4f8e2f231dc9c01e9f7a8bfb1a6d4ead3df6cd9260934ca26af8098ac286f956c0e809d90f1f1b01b2b2768b57d16bfcdc6fab8e83d001842c6a3cf82ab1c20ecd4254a613ed64fed1881ac6ed5a65cb3da93a14dc946d26661267e38419708cd47d6700283c158d53aa28b07007736745a594404a6cde69dea2ca18750fbe7f3f94782948721c3a06830915166399e8dca67246b397eeacc1229741817ff8e106b7ce79ab11e8ac75a94aa289f0eb2f7223c90cfa2b9c87aec191456bf46d2d536202d28025ba4fa679498eefe8c3119be23b18d29c739dbb9b304bc46b77ddf879082e3c2efffa4415fce47514671ec8ed510e8554c49e9ffdb20d596f1d50831c24c1b23a8b2a3ad414a1dfabbbaa65324f6caecca479a301c825a3818b5d6e238cc76f02e8279d6e6d82fb7434956e655cb2da86d60520fc69821b14400dad49784eed6353bcf6f9d052998a3fddfc9f28f8c6dd9d676d60ea23b3312bbcb228a1d640fcf4b0510699cc543412b60c29a305fa99f0d4099e02fefd97ea89c588dfbdcc6ba12100ab2084d032f8fd290ff019926213a33e0465547537cca107b17093711815c46f4c717c6cbc9c5f6641788632188a36ca0fbf54bc2db1e78d463a9d61b91da0fb9f76aa0d10fec17ddd8dbfe8b0008b7ce95d5e46474fe957be6c76ff5837e444c53587ae19d8d00d9dd3035e4246d4e1f7b7dc5e958244ea5f67c9fa012295721adbf802dc544d9260f0badee99f4d7854671b31219a857b9b5d51d71fbf00f50f6527e325f126e51acac2a3e11b62c469d4bb108cefe6a16040ca2cc24d6d74778c9e7411090f96e76be858be70972115b87f514e368f6c2cc246c287fc3de2f85b049102df68b380bb02698d9e5fa95b905c534d8ad39f1602b224159ba286802a59d06893c7f87017628dceefcd8b3ca34b369341c63f7db60306f760e52b59cb52afdb03094b41c64c27de3e7cd6d62ff696dc4871dcce41a1c348a6dde1f2c0305b2f94f68c218785094023fb43c5b8ebbacb8f3e56f606d63104eb070f86fe74c1e0302c8fca04200eed05f806db07b706a6fade88db177f1546eebb7d2c9940cc49c5f568b46b62f49789d157035f47ed7009a8b0953271df983845c6c2e35603f5333567b6b330ee4bbd7b9c265a29935a02e99fee4807f0a3dc5f77c14d49d077aab8d3f26ec61ef061ec6b2785e60d91628c2cbba81d23e4e8ab6b35b6982a0cf99cc2bb98711267019f3eaa1dfe861d5f4d8c40472a0551b53bcd16de8bd087e3f938fcc9dd39fb1bbb9ff003466d1175411170be04c5e08ae6c75c8e3dd675703d6568767de1a35fcd45157c7e83db97b532ed1707481c8f908270a3832aa893559a80d33c3bb41db07ce3f1bdc746b8597e6bde53f1ab6123a76349881eb2c9b84d460f993845a82a0b74da73ab8d8137ddff5d763824b2744578587373a306612001624a979f7db8cb3d80566d7e30523ba351cd1b12378470cdae6c58eb3287853d541b22e024b52f24202a9d53de8af3d42cb388252f0140d1ae08436c2a108772f2a7493777bd572f9dabdf53bc94173bbb69c84186d307462087c262dff5ed1d768606c3316100d351e8bac59274371f0d7091d268f6afa3d20124774345675602eb0c20b479a5a2d2ee17bf6e845979c6f59f866890332b8f775777210c287c5917c23677abfb80dbdf8c0c04dc6928ae3905dde141c5a01a0e8162434b36edf08194e77b38ec12ccf6d1b57b326b9d32f852d657a430a63dc2255b0db1ca95ce6c22e179ed5f4baf801b5f78093603491590982ad483d6c68a4eaf97cd79a34c845477a0884b746eef50bc14e22f61a225933e7d5eab8c6ddb860274bd74c3285b0d3e0d7a4928b86838e72a887d8c1386200de7333b2d98e20acd7f6e55f8f43ba08e1e36dd4889b5af3e4ab3eb9ff207ed38f3f5e9f06f6af5a4482448839db0005213ddd6668e0df7cc0b8f8a208e551f3f09f823e32955ddedfafa2aea4ffbbb4e4e041d0acd665c2761e334af5df38fe8802c3af3eba266c2784276c73fe5e60073d3b8b9129d09b9044dc8d1997cfcabe2e3e1b21806ec85a8c7980299c1a1067d1fece39fa02be0b0cf8b7d17f5d34923494fca9e9c7eb4aeb42f347a6bf36e92f69533ecaad49b9c1e22899a934dacc74049ee8885f58c9cde71ad802bb9f0666fea00554a65e664c9ba91aa95a1e40723f9eff89997e411af63029ededab0eef9419c4a35213f5bf32953171a066e61b5de93b1d61b02a077cf8c254cccc837f3a816a144708c055d6db26e2c60530363ae35bcfd58b59f6bb4", 0x1000}, {&(0x7f00000013c0)="a66af1be326947dde826f684c79a51b8c238d683aa85d3e6f9295390cddf3bb03643f4381c430dc7a8bc78eece579dd821ea4f8fd5cb1310d28637e8562656a72a06a6d75bd89fcbf52257907d323108276dd37a1ad840d400e8aef16a3e57a03f2e0de2b7329bd2cb7ef9dfe6a5732b9409fc2dc3bfe5c3186f2617268e69241688c3c9eb21b9b55cec", 0x8a}, {&(0x7f0000000040)="f52a19f25bffc62224ab4422f5a8c59a7ba05dcac457c3c125ce1491fa68060720e785089a322c0f040ed6ada9", 0x2d}, {&(0x7f0000001480)="aa133f7c1d1df436c5e5c94e13177c4c95faf1b531551fa07e5e6f912ff02689f7bf39fb805bc1008d13cd35940bd77b19a2b6e4f69cbbc96fa0f0f307597f00ba37c3a301dc4ed71d250db96d98cecd56747dc824c99c4ba045cddf5de36a47f0f55ef7d0b320ac62ed0cce23b2d01de1655bbe1e773066b5251895272acde6c2923e663f212dd75f80c24e1d392388482d44e01dfc90c8cb42956f3d46a0131ae3315a3a4aaae0a8e538a10b783912f89477df492630", 0xb7}, {&(0x7f0000001540)="78c0c67824ca35a12e79e20d1a37912541eb79525ac78481f80c96b5fdbcd7c41f78d52fafcf6ddb101a652eb77f34c2b4fd2643709634f89d09aca83976d92bba9a3ac10009a1e2888b86ba1e10afa43ab75d79bd18cf9fe6899f666cbed462647dfcc846b0c601ed604727ea538c29320b2e4d12af238b0ce5c2c1a5b088130959d2737d85fb", 0x87}, {&(0x7f0000001600)="4b6586bb1fb906d758d11310ab4fd8a8ab24d53dd0b7bcf1cb1cfbd16b354e2db71d0a3995d6670c3b500cbd5e0afccd598591b45e39090e6e9a815d422d3124f511204708f995a49a84987f55eff39269a2d062935cd977ed88ee7171d2d4afd2dc2ef90fa92bbb66c10e3a64d3a56a31bef530b48ede62f49c45184da9cabbd4814374d3a8303438b4477b680ec219c971e3e64aa2f8c82262a9811e2cabfeb36e10d65ca2", 0xa6}, {&(0x7f00000016c0)="65ace20075027deedf488fc009c29dac18adafeed438cb168f606c11acf739941aa8a67ccc769288b37eddf573bca9dd759f4b81f3b66f4c68528e778abe51b604f53cdadff3495f0d490ffed04b28b4f3e88d508156d13d8682ca7e9da503c2d97b9d6c814cf7d977758bc9f567af09f388bd23ebcbf5c59f5a9a239905d008486890cb5dea7f83d7bd8997056896fc61d9047d97057c291b851fc72b6f9d1946159afff91228c1b0db8fe7f8ed9dfe198552b71993f46eb87aee88a016460fbc5545e6ef9bf9786f27cf3fdd8888", 0xcf}, {&(0x7f00000017c0)="fe30c3cb761d516a57", 0x9}], 0x9) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000019c0)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a898002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aad632c0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc47dd9b6b9c01fbbdc98b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08f743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492807db200"/222, @ANYRESOCT=r1], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) vmsplice(r0, &(0x7f0000000180)=[{&(0x7f0000000040)}, {&(0x7f0000000080)="c469ae8cf1c591060baf587bad72d9066ce448d9d41a83cea36b87d52881acb823ba7c2a1d0f1e13365a0cbe5433842eeb26823464ee6f315261bef242be6de8cf1d4f0a902f7b06e88f30cba81508567586e6485e5e2b99552cb18b06d5f716b14b90aa9b28e8e11edaa9f7035699370d80bc14dd4a787a88eb80503a90710aa6a4515c8318afb937363d01d6ca68a4f2469a1b0699cd1f261eab2ace1b7aaa59b994e7ba4299e8aef583f5e89d30c0729c4fbac39f434933806f9602faa1ad8ee6ece3bf8f8a7f0edba211bb247ba1593043c5f499aab4df23bdc2243c860df595441ba371120aee343dd7ac48", 0xee}], 0x2, 0x3) mlockall(0x5) 00:07:04 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006600) 00:07:04 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x100000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 150.302070][T14274] do_syscall_64+0x44/0xa0 [ 150.306575][T14274] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 150.312556][T14274] RIP: 0033:0x7fc9483818d9 [ 150.316969][T14274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 150.336700][T14274] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 150.345118][T14274] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 150.353101][T14274] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 150.361064][T14274] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 150.369071][T14274] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 150.377043][T14274] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 150.395534][T14299] loop5: detected capacity change from 0 to 264192 00:07:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:04 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xee0000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 150.411169][T14299] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 150.423221][T14299] EXT4-fs (loop5): get root inode failed [ 150.428891][T14299] EXT4-fs (loop5): mount failed 00:07:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:04 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 85) [ 150.479154][T14315] loop3: detected capacity change from 0 to 264192 [ 150.490952][T14315] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 150.503018][T14315] EXT4-fs (loop3): get root inode failed [ 150.508676][T14315] EXT4-fs (loop3): mount failed 00:07:04 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:04 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006700) 00:07:04 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000008000000008000000", 0x60, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 150.561503][T14332] loop5: detected capacity change from 0 to 264192 [ 150.588417][T14327] FAULT_INJECTION: forcing a failure. [ 150.588417][T14327] name failslab, interval 1, probability 0, space 0, times 0 [ 150.601149][T14327] CPU: 1 PID: 14327 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 150.609911][T14327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 150.620010][T14327] Call Trace: [ 150.621153][T14342] loop3: detected capacity change from 0 to 264192 [ 150.623285][T14327] dump_stack_lvl+0xd6/0x122 [ 150.634441][T14327] dump_stack+0x11/0x1b [ 150.638605][T14327] should_fail+0x23c/0x250 [ 150.643019][T14327] ? mempool_alloc_slab+0x16/0x20 [ 150.648034][T14327] __should_failslab+0x81/0x90 [ 150.652810][T14327] should_failslab+0x5/0x20 [ 150.657308][T14327] kmem_cache_alloc+0x4f/0x300 [ 150.662079][T14327] mempool_alloc_slab+0x16/0x20 [ 150.666917][T14327] ? mempool_free+0x130/0x130 [ 150.671660][T14327] mempool_alloc+0x9d/0x310 [ 150.676194][T14327] ? __getblk_gfp+0x3f/0x590 [ 150.680829][T14327] bio_alloc_bioset+0xcc/0x530 [ 150.685608][T14327] ? __ext4_get_inode_loc+0x760/0x8c0 [ 150.691049][T14327] submit_bh_wbc+0x130/0x330 [ 150.695692][T14327] __sync_dirty_buffer+0x136/0x1e0 [ 150.700792][T14327] sync_dirty_buffer+0x16/0x20 [ 150.705540][T14327] ext4_write_inode+0x2ad/0x3c0 [ 150.710378][T14327] write_inode+0x89/0x180 [ 150.714719][T14327] __writeback_single_inode+0x2a2/0x440 [ 150.720254][T14327] writeback_single_inode+0x17b/0x3e0 [ 150.725677][T14327] sync_inode_metadata+0x57/0x80 [ 150.730646][T14327] ext4_sync_file+0x359/0x670 [ 150.735311][T14327] ? tsan.module_ctor+0x10/0x10 [ 150.740216][T14327] vfs_fsync_range+0x107/0x120 [ 150.744967][T14327] iomap_dio_complete+0x2d5/0x3c0 [ 150.749982][T14327] iomap_dio_rw+0x4e/0x70 [ 150.754305][T14327] ? ext4_file_write_iter+0x461/0x11f0 [ 150.759754][T14327] ext4_file_write_iter+0xaa9/0x11f0 [ 150.765060][T14327] ? ext4_file_write_iter+0x461/0x11f0 [ 150.770502][T14327] do_iter_readv_writev+0x2de/0x380 [ 150.775714][T14327] do_iter_write+0x192/0x5c0 [ 150.780306][T14327] ? splice_from_pipe_next+0x34f/0x3b0 [ 150.785754][T14327] ? kmalloc_array+0x2d/0x40 [ 150.790359][T14327] vfs_iter_write+0x4c/0x70 [ 150.794851][T14327] iter_file_splice_write+0x43a/0x790 [ 150.800292][T14327] ? splice_from_pipe+0xd0/0xd0 [ 150.805122][T14327] direct_splice_actor+0x80/0xa0 [ 150.810041][T14327] splice_direct_to_actor+0x345/0x650 [ 150.815402][T14327] ? do_splice_direct+0x190/0x190 [ 150.820417][T14327] do_splice_direct+0x106/0x190 [ 150.825431][T14327] do_sendfile+0x63e/0xbb0 [ 150.829904][T14327] __x64_sys_sendfile64+0x102/0x140 [ 150.835123][T14327] do_syscall_64+0x44/0xa0 [ 150.839533][T14327] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 150.845417][T14327] RIP: 0033:0x7fc9483818d9 [ 150.849903][T14327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 150.869508][T14327] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 150.877902][T14327] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 150.885860][T14327] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 150.893881][T14327] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 150.901838][T14327] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 150.909883][T14327] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:04 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 150.955545][T14332] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 150.967595][T14332] EXT4-fs (loop5): get root inode failed [ 150.973230][T14332] EXT4-fs (loop5): mount failed [ 151.032671][T14342] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 151.044765][T14342] EXT4-fs (loop3): get root inode failed [ 151.050477][T14342] EXT4-fs (loop3): mount failed 00:07:05 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d1fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) setrlimit(0x40000000000008, &(0x7f0000000000)={0x9, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:05 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 86) 00:07:05 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:05 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006800) [ 151.229624][T14383] loop5: detected capacity change from 0 to 264192 [ 151.236236][T14387] loop3: detected capacity change from 0 to 264192 [ 151.250625][T14383] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 151.262699][T14383] EXT4-fs (loop5): get root inode failed [ 151.268356][T14383] EXT4-fs (loop5): mount failed [ 151.278883][T14390] FAULT_INJECTION: forcing a failure. [ 151.278883][T14390] name failslab, interval 1, probability 0, space 0, times 0 [ 151.291623][T14390] CPU: 1 PID: 14390 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 151.300378][T14390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 151.310420][T14390] Call Trace: [ 151.313690][T14390] dump_stack_lvl+0xd6/0x122 [ 151.318270][T14390] dump_stack+0x11/0x1b [ 151.322412][T14390] should_fail+0x23c/0x250 [ 151.326875][T14390] ? mempool_alloc_slab+0x16/0x20 [ 151.331898][T14390] __should_failslab+0x81/0x90 [ 151.336725][T14390] should_failslab+0x5/0x20 [ 151.341212][T14390] kmem_cache_alloc+0x4f/0x300 [ 151.346083][T14390] mempool_alloc_slab+0x16/0x20 [ 151.350996][T14390] ? mempool_free+0x130/0x130 [ 151.355655][T14390] mempool_alloc+0x9d/0x310 [ 151.360143][T14390] ? crypto_shash_update+0x13c/0x1a0 [ 151.365416][T14390] sg_pool_alloc+0x74/0x90 [ 151.369891][T14390] __sg_alloc_table+0xce/0x290 [ 151.374658][T14390] sg_alloc_table_chained+0xaf/0x140 [ 151.379992][T14390] ? sg_alloc_table_chained+0x140/0x140 [ 151.385535][T14390] scsi_alloc_sgtables+0x184/0x510 [ 151.390675][T14390] sd_init_command+0x952/0x1610 [ 151.395581][T14390] scsi_queue_rq+0x10cd/0x15a0 [ 151.400337][T14390] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 151.405932][T14390] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 151.411523][T14390] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 151.417749][T14390] ? rb_insert_color+0x2fa/0x310 [ 151.422670][T14390] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 151.428635][T14390] __blk_mq_run_hw_queue+0xbc/0x140 [ 151.433841][T14390] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 151.439636][T14390] blk_mq_run_hw_queue+0x22c/0x250 [ 151.444731][T14390] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 151.450656][T14390] blk_mq_flush_plug_list+0x302/0x3d0 [ 151.456107][T14390] blk_flush_plug_list+0x235/0x260 [ 151.461312][T14390] blk_finish_plug+0x44/0x60 [ 151.465911][T14390] __iomap_dio_rw+0xca7/0x1010 [ 151.470732][T14390] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 151.476368][T14390] iomap_dio_rw+0x30/0x70 [ 151.480685][T14390] ? ext4_file_write_iter+0x461/0x11f0 [ 151.486128][T14390] ext4_file_write_iter+0xaa9/0x11f0 [ 151.491399][T14390] ? ext4_file_write_iter+0x461/0x11f0 [ 151.496843][T14390] do_iter_readv_writev+0x2de/0x380 [ 151.502058][T14390] do_iter_write+0x192/0x5c0 [ 151.506723][T14390] ? splice_from_pipe_next+0x34f/0x3b0 [ 151.512259][T14390] ? kmalloc_array+0x2d/0x40 [ 151.516840][T14390] vfs_iter_write+0x4c/0x70 [ 151.521379][T14390] iter_file_splice_write+0x43a/0x790 [ 151.526741][T14390] ? splice_from_pipe+0xd0/0xd0 [ 151.531634][T14390] direct_splice_actor+0x80/0xa0 [ 151.536623][T14390] splice_direct_to_actor+0x345/0x650 [ 151.541984][T14390] ? do_splice_direct+0x190/0x190 [ 151.547078][T14390] do_splice_direct+0x106/0x190 [ 151.551915][T14390] do_sendfile+0x63e/0xbb0 [ 151.556396][T14390] __x64_sys_sendfile64+0x102/0x140 [ 151.561659][T14390] do_syscall_64+0x44/0xa0 [ 151.566766][T14390] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 151.572765][T14390] RIP: 0033:0x7fc9483818d9 [ 151.577189][T14390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 151.596923][T14390] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 151.605321][T14390] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 151.613359][T14390] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 151.621314][T14390] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 151.629287][T14390] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 151.637305][T14390] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x4000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x5000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:05 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006900) 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x6000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 151.777698][T14434] loop5: detected capacity change from 0 to 264192 [ 151.822674][T14434] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 151.845804][T14387] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:05 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x34) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x6) prlimit64(r1, 0xc, &(0x7f0000000040)={0x7, 0xd1ec}, &(0x7f0000000080)) mlockall(0x1) mlockall(0x5) 00:07:05 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 87) 00:07:05 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x7000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:05 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:05 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:05 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006a00) 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x8000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:06 executing program 0: pipe(&(0x7f00000001c0)) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x10) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='veth1_to_batadv\x00'}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYBLOB="9dae85a6a10f6fe9e09a07bb9da666501da699f8af3a66ea3c288c8911221d4a83198924894cbe4b6b2dfdfe27bcb3c7d489a7d4069c84e4c60edd"], 0x4240a2a0) setrlimit(0x6, &(0x7f0000000100)={0x95e9, 0x6}) mlockall(0x0) mlockall(0x5) [ 152.077900][T14474] loop3: detected capacity change from 0 to 264192 [ 152.082953][T14475] loop5: detected capacity change from 0 to 264192 [ 152.094858][T14474] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 152.143984][T14480] FAULT_INJECTION: forcing a failure. [ 152.143984][T14480] name failslab, interval 1, probability 0, space 0, times 0 [ 152.156632][T14480] CPU: 1 PID: 14480 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 152.165391][T14480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 152.169331][T14475] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 152.175491][T14480] Call Trace: [ 152.175498][T14480] dump_stack_lvl+0xd6/0x122 [ 152.175523][T14480] dump_stack+0x11/0x1b [ 152.193995][T14480] should_fail+0x23c/0x250 [ 152.198420][T14480] __should_failslab+0x81/0x90 [ 152.203195][T14480] ? __iomap_dio_rw+0x139/0x1010 [ 152.208155][T14480] should_failslab+0x5/0x20 [ 152.212666][T14480] kmem_cache_alloc_trace+0x52/0x320 [ 152.218028][T14480] ? __getblk_gfp+0x3f/0x590 [ 152.222790][T14480] __iomap_dio_rw+0x139/0x1010 [ 152.227569][T14480] ? __brelse+0x2c/0x50 [ 152.231744][T14480] ? ext4_mark_iloc_dirty+0x161a/0x1700 [ 152.237431][T14480] iomap_dio_rw+0x30/0x70 00:07:06 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) tee(r0, r2, 0x200, 0x0) 00:07:06 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 152.241808][T14480] ? ext4_file_write_iter+0x461/0x11f0 [ 152.247298][T14480] ext4_file_write_iter+0xaa9/0x11f0 [ 152.252585][T14480] ? ext4_file_write_iter+0x461/0x11f0 [ 152.258127][T14480] do_iter_readv_writev+0x2de/0x380 [ 152.263385][T14480] do_iter_write+0x192/0x5c0 [ 152.267971][T14480] ? splice_from_pipe_next+0x34f/0x3b0 [ 152.273419][T14480] ? kmalloc_array+0x2d/0x40 [ 152.278005][T14480] vfs_iter_write+0x4c/0x70 [ 152.282510][T14480] iter_file_splice_write+0x43a/0x790 [ 152.287914][T14480] ? splice_from_pipe+0xd0/0xd0 [ 152.292824][T14480] direct_splice_actor+0x80/0xa0 [ 152.297759][T14480] splice_direct_to_actor+0x345/0x650 [ 152.303155][T14480] ? do_splice_direct+0x190/0x190 [ 152.308254][T14480] do_splice_direct+0x106/0x190 [ 152.313104][T14480] do_sendfile+0x63e/0xbb0 [ 152.317519][T14480] __x64_sys_sendfile64+0x102/0x140 [ 152.322796][T14480] do_syscall_64+0x44/0xa0 [ 152.327215][T14480] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 152.333112][T14480] RIP: 0033:0x7fc9483818d9 [ 152.337515][T14480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 152.357180][T14480] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 152.365606][T14480] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 152.373645][T14480] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 152.381614][T14480] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x9000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:06 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 88) 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xa000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 152.389579][T14480] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 152.397550][T14480] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 152.470089][T14521] loop3: detected capacity change from 0 to 264192 [ 152.492744][T14521] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 152.496980][T14530] loop5: detected capacity change from 0 to 264192 [ 152.504805][T14521] EXT4-fs (loop3): get root inode failed [ 152.513349][T14530] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 152.516894][T14521] EXT4-fs (loop3): mount failed [ 152.526922][T14520] FAULT_INJECTION: forcing a failure. [ 152.526922][T14520] name failslab, interval 1, probability 0, space 0, times 0 [ 152.540821][T14520] CPU: 1 PID: 14520 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 152.549575][T14520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 152.559642][T14520] Call Trace: [ 152.563044][T14520] dump_stack_lvl+0xd6/0x122 [ 152.567637][T14520] dump_stack+0x11/0x1b [ 152.571782][T14520] should_fail+0x23c/0x250 [ 152.576185][T14520] ? mempool_alloc_slab+0x16/0x20 [ 152.581193][T14520] __should_failslab+0x81/0x90 [ 152.585977][T14520] should_failslab+0x5/0x20 [ 152.590470][T14520] kmem_cache_alloc+0x4f/0x300 [ 152.595223][T14520] ? ext4_fc_track_range+0x90/0x140 [ 152.600409][T14520] mempool_alloc_slab+0x16/0x20 [ 152.605247][T14520] ? mempool_free+0x130/0x130 [ 152.609923][T14520] mempool_alloc+0x9d/0x310 [ 152.614409][T14520] bio_alloc_bioset+0xcc/0x530 [ 152.619157][T14520] ? iov_iter_alignment+0x34b/0x370 [ 152.624342][T14520] iomap_dio_bio_iter+0x5c1/0xbc0 [ 152.629356][T14520] __iomap_dio_rw+0x8d8/0x1010 [ 152.634189][T14520] iomap_dio_rw+0x30/0x70 [ 152.639034][T14520] ? ext4_file_write_iter+0x461/0x11f0 [ 152.644525][T14520] ext4_file_write_iter+0xaa9/0x11f0 [ 152.649807][T14520] ? ext4_file_write_iter+0x461/0x11f0 [ 152.655277][T14520] do_iter_readv_writev+0x2de/0x380 [ 152.660482][T14520] do_iter_write+0x192/0x5c0 [ 152.665077][T14520] ? splice_from_pipe_next+0x34f/0x3b0 [ 152.670533][T14520] ? kmalloc_array+0x2d/0x40 [ 152.675174][T14520] vfs_iter_write+0x4c/0x70 [ 152.679676][T14520] iter_file_splice_write+0x43a/0x790 [ 152.685044][T14520] ? splice_from_pipe+0xd0/0xd0 [ 152.690000][T14520] direct_splice_actor+0x80/0xa0 [ 152.694929][T14520] splice_direct_to_actor+0x345/0x650 [ 152.700310][T14520] ? do_splice_direct+0x190/0x190 [ 152.705394][T14520] do_splice_direct+0x106/0x190 [ 152.710235][T14520] do_sendfile+0x63e/0xbb0 [ 152.714647][T14520] __x64_sys_sendfile64+0x102/0x140 [ 152.719913][T14520] do_syscall_64+0x44/0xa0 [ 152.724407][T14520] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 152.730304][T14520] RIP: 0033:0x7fc9483818d9 [ 152.734707][T14520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 152.754326][T14520] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 152.762797][T14520] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xb000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:06 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 152.770869][T14520] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 152.778826][T14520] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 152.786944][T14520] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 152.794905][T14520] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xc000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:06 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) 00:07:06 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006b00) 00:07:06 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 152.880380][T14552] loop3: detected capacity change from 0 to 264192 [ 152.943213][T14552] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 152.955371][T14552] EXT4-fs (loop3): get root inode failed [ 152.961136][T14552] EXT4-fs (loop3): mount failed [ 152.979135][T14568] loop5: detected capacity change from 0 to 264192 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:07 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 89) 00:07:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) 00:07:07 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:07 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006c00) 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x10000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) [ 153.168306][T14599] loop5: detected capacity change from 0 to 264192 [ 153.188175][T14598] loop3: detected capacity change from 0 to 264192 [ 153.228547][T14611] FAULT_INJECTION: forcing a failure. [ 153.228547][T14611] name failslab, interval 1, probability 0, space 0, times 0 [ 153.241190][T14611] CPU: 1 PID: 14611 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 153.249943][T14611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 153.259981][T14611] Call Trace: [ 153.263245][T14611] dump_stack_lvl+0xd6/0x122 [ 153.267864][T14611] dump_stack+0x11/0x1b [ 153.272006][T14611] should_fail+0x23c/0x250 [ 153.276404][T14611] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 153.281699][T14611] __should_failslab+0x81/0x90 [ 153.286491][T14611] should_failslab+0x5/0x20 [ 153.291042][T14611] kmem_cache_alloc+0x4f/0x300 [ 153.295789][T14611] ext4_mb_new_blocks+0x317/0x1fc0 [ 153.300881][T14611] ? ext4_find_extent+0x7b2/0x7f0 [ 153.305919][T14611] ? ext4_ext_search_right+0x246/0x540 [ 153.311385][T14611] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 153.316678][T14611] ? ext4_es_lookup_extent+0x36b/0x490 [ 153.322127][T14611] ext4_map_blocks+0x71e/0xf00 [ 153.327027][T14611] ? crypto_shash_update+0x13c/0x1a0 [ 153.332348][T14611] ext4_iomap_begin+0x4b0/0x630 [ 153.337202][T14611] ? ext4_alloc_da_blocks+0xd0/0xd0 [ 153.342393][T14611] iomap_iter+0x39c/0x470 [ 153.346727][T14611] __iomap_dio_rw+0x698/0x1010 [ 153.351492][T14611] ? __ext4_mark_inode_dirty+0x4c1/0x5c0 [ 153.357120][T14611] iomap_dio_rw+0x30/0x70 [ 153.361437][T14611] ? ext4_file_write_iter+0x461/0x11f0 [ 153.366962][T14611] ext4_file_write_iter+0xaa9/0x11f0 [ 153.372298][T14611] ? ext4_file_write_iter+0x461/0x11f0 [ 153.377739][T14611] do_iter_readv_writev+0x2de/0x380 [ 153.382994][T14611] do_iter_write+0x192/0x5c0 [ 153.387568][T14611] ? splice_from_pipe_next+0x34f/0x3b0 [ 153.393016][T14611] ? kmalloc_array+0x2d/0x40 [ 153.397669][T14611] vfs_iter_write+0x4c/0x70 [ 153.402160][T14611] iter_file_splice_write+0x43a/0x790 [ 153.407512][T14611] ? splice_from_pipe+0xd0/0xd0 [ 153.412341][T14611] direct_splice_actor+0x80/0xa0 [ 153.417322][T14611] splice_direct_to_actor+0x345/0x650 [ 153.422680][T14611] ? do_splice_direct+0x190/0x190 [ 153.427686][T14611] do_splice_direct+0x106/0x190 [ 153.432517][T14611] do_sendfile+0x63e/0xbb0 [ 153.436921][T14611] __x64_sys_sendfile64+0x102/0x140 [ 153.442105][T14611] do_syscall_64+0x44/0xa0 [ 153.446509][T14611] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 153.452394][T14611] RIP: 0033:0x7fc9483818d9 [ 153.456806][T14611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x11000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 153.476409][T14611] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 153.484803][T14611] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 153.492755][T14611] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 153.500707][T14611] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 153.508658][T14611] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 153.516608][T14611] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x12000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 153.563436][T14598] EXT4-fs error (device loop3): ext4_fill_super:4810: inode #2: comm syz-executor.3: iget: root inode unallocated [ 153.575484][T14598] EXT4-fs (loop3): get root inode failed [ 153.581109][T14598] EXT4-fs (loop3): mount failed [ 153.595954][T14630] loop5: detected capacity change from 0 to 264192 00:07:07 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006d00) 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x14000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:07 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 90) 00:07:07 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b000000800000000800000052", 0x61, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:07 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:07 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x20000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 153.745397][T14673] loop5: detected capacity change from 0 to 264192 [ 153.752521][T14662] FAULT_INJECTION: forcing a failure. [ 153.752521][T14662] name failslab, interval 1, probability 0, space 0, times 0 [ 153.765172][T14662] CPU: 1 PID: 14662 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 153.768687][T14673] EXT4-fs error (device loop5): ext4_fill_super:4810: inode #2: comm syz-executor.5: iget: root inode unallocated [ 153.773927][T14662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 153.773939][T14662] Call Trace: [ 153.773947][T14662] dump_stack_lvl+0xd6/0x122 [ 153.785945][T14673] EXT4-fs (loop5): get root inode failed [ 153.795932][T14662] dump_stack+0x11/0x1b [ 153.795955][T14662] should_fail+0x23c/0x250 [ 153.799220][T14673] EXT4-fs (loop5): mount failed [ 153.803796][T14662] ? mempool_alloc_slab+0x16/0x20 [ 153.827838][T14662] __should_failslab+0x81/0x90 [ 153.832604][T14662] should_failslab+0x5/0x20 [ 153.837106][T14662] kmem_cache_alloc+0x4f/0x300 [ 153.841869][T14662] mempool_alloc_slab+0x16/0x20 [ 153.846960][T14662] ? mempool_free+0x130/0x130 [ 153.851642][T14662] mempool_alloc+0x9d/0x310 [ 153.856136][T14662] ? crypto_shash_update+0x13c/0x1a0 [ 153.856505][T14674] loop3: detected capacity change from 0 to 264192 [ 153.861412][T14662] sg_pool_alloc+0x74/0x90 [ 153.872306][T14662] __sg_alloc_table+0xce/0x290 [ 153.877071][T14662] sg_alloc_table_chained+0xaf/0x140 [ 153.882399][T14662] ? sg_alloc_table_chained+0x140/0x140 [ 153.887207][T14674] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 153.888005][T14662] scsi_alloc_sgtables+0x184/0x510 [ 153.888033][T14662] sd_init_command+0x952/0x1610 [ 153.904430][T14662] scsi_queue_rq+0x10cd/0x15a0 [ 153.909281][T14662] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 153.914836][T14662] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 153.920419][T14662] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 153.926657][T14662] ? rb_insert_color+0x2fa/0x310 [ 153.931590][T14662] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 153.937572][T14662] __blk_mq_run_hw_queue+0xbc/0x140 [ 153.942795][T14662] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 153.948606][T14662] blk_mq_run_hw_queue+0x22c/0x250 [ 153.953718][T14662] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 153.959714][T14662] blk_mq_flush_plug_list+0x302/0x3d0 [ 153.965090][T14662] blk_flush_plug_list+0x235/0x260 [ 153.970252][T14662] blk_finish_plug+0x44/0x60 [ 153.974888][T14662] __iomap_dio_rw+0xca7/0x1010 [ 153.979691][T14662] iomap_dio_rw+0x30/0x70 [ 153.984017][T14662] ? ext4_file_write_iter+0x461/0x11f0 [ 153.989533][T14662] ext4_file_write_iter+0xaa9/0x11f0 [ 153.994942][T14662] ? ext4_file_write_iter+0x461/0x11f0 [ 154.000447][T14662] do_iter_readv_writev+0x2de/0x380 [ 154.005678][T14662] do_iter_write+0x192/0x5c0 [ 154.010301][T14662] ? splice_from_pipe_next+0x34f/0x3b0 [ 154.015755][T14662] ? kmalloc_array+0x2d/0x40 [ 154.020374][T14662] vfs_iter_write+0x4c/0x70 [ 154.024918][T14662] iter_file_splice_write+0x43a/0x790 [ 154.030291][T14662] ? splice_from_pipe+0xd0/0xd0 [ 154.035136][T14662] direct_splice_actor+0x80/0xa0 [ 154.040070][T14662] splice_direct_to_actor+0x345/0x650 [ 154.045534][T14662] ? do_splice_direct+0x190/0x190 [ 154.050575][T14662] do_splice_direct+0x106/0x190 [ 154.055420][T14662] do_sendfile+0x63e/0xbb0 [ 154.059840][T14662] __x64_sys_sendfile64+0x102/0x140 [ 154.065051][T14662] do_syscall_64+0x44/0xa0 [ 154.069522][T14662] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 154.075418][T14662] RIP: 0033:0x7fc9483818d9 [ 154.079825][T14662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 154.099431][T14662] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 154.107848][T14662] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 154.115835][T14662] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 154.123806][T14662] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 [ 154.131779][T14662] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x20100000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 154.139755][T14662] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 00:07:08 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:08 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006e00) 00:07:08 executing program 5: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x600, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x22000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x25000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 5: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x600, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 154.283001][T14702] loop3: detected capacity change from 0 to 264192 [ 154.305833][T14702] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 00:07:08 executing program 5: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x600, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) (fail_nth: 91) 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2a9c2bea, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:08 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80006f00) 00:07:08 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 1) 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2d030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 154.582521][T14775] FAULT_INJECTION: forcing a failure. [ 154.582521][T14775] name failslab, interval 1, probability 0, space 0, times 0 [ 154.595299][T14775] CPU: 1 PID: 14775 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 154.604059][T14775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.604689][T14774] loop3: detected capacity change from 0 to 264192 [ 154.614113][T14775] Call Trace: [ 154.614124][T14775] dump_stack_lvl+0xd6/0x122 [ 154.628442][T14775] dump_stack+0x11/0x1b [ 154.632597][T14775] should_fail+0x23c/0x250 [ 154.637012][T14775] ? __se_sys_memfd_create+0xfb/0x390 [ 154.641559][T14774] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 154.642378][T14775] __should_failslab+0x81/0x90 [ 154.653610][T14775] should_failslab+0x5/0x20 [ 154.658118][T14775] __kmalloc+0x6f/0x350 [ 154.662268][T14775] ? strnlen_user+0x137/0x1c0 [ 154.667040][T14775] __se_sys_memfd_create+0xfb/0x390 [ 154.672249][T14775] __x64_sys_memfd_create+0x2d/0x40 [ 154.677454][T14775] do_syscall_64+0x44/0xa0 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2e030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 154.681869][T14775] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 154.687902][T14775] RIP: 0033:0x7fd8966838d9 [ 154.692314][T14775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 154.711919][T14775] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 154.720353][T14775] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2f030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 154.728383][T14775] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 154.736347][T14775] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 154.744363][T14775] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 154.752329][T14775] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:08 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x30030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:08 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) [ 154.791504][T14773] FAULT_INJECTION: forcing a failure. [ 154.791504][T14773] name failslab, interval 1, probability 0, space 0, times 0 [ 154.804142][T14773] CPU: 1 PID: 14773 Comm: syz-executor.2 Not tainted 5.15.0-rc3-syzkaller #0 [ 154.812925][T14773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.823159][T14773] Call Trace: [ 154.826464][T14773] dump_stack_lvl+0xd6/0x122 [ 154.831059][T14773] dump_stack+0x11/0x1b [ 154.835215][T14773] should_fail+0x23c/0x250 00:07:08 executing program 0: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x4240a2a0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001080)={0x58, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x30, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xbb}]}, {0x8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x3}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}]}]}]}, 0x58}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000140)={0x0, 0x45, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)={0xfffffffffffffe71, r2, 0x8, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x24}, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x2, 0x6c}}}}, ["", "", "", ""]}, 0x30}}, 0x4) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) setrlimit(0x4, &(0x7f0000000140)={0x2d, 0x100002}) [ 154.839645][T14773] ? mempool_alloc_slab+0x16/0x20 [ 154.844664][T14773] __should_failslab+0x81/0x90 [ 154.849462][T14773] should_failslab+0x5/0x20 [ 154.853959][T14773] kmem_cache_alloc+0x4f/0x300 [ 154.855645][T14799] loop3: detected capacity change from 0 to 264192 [ 154.858718][T14773] mempool_alloc_slab+0x16/0x20 [ 154.858739][T14773] ? mempool_free+0x130/0x130 [ 154.858755][T14773] mempool_alloc+0x9d/0x310 [ 154.858769][T14773] ? crypto_shash_update+0x13c/0x1a0 [ 154.858786][T14773] sg_pool_alloc+0x74/0x90 [ 154.889246][T14773] __sg_alloc_table+0xce/0x290 [ 154.894050][T14773] sg_alloc_table_chained+0xaf/0x140 [ 154.899328][T14773] ? sg_alloc_table_chained+0x140/0x140 [ 154.904869][T14773] scsi_alloc_sgtables+0x184/0x510 [ 154.909988][T14773] sd_init_command+0x952/0x1610 [ 154.914823][T14773] scsi_queue_rq+0x10cd/0x15a0 [ 154.919590][T14773] blk_mq_dispatch_rq_list+0x63b/0x1080 [ 154.925128][T14773] blk_mq_do_dispatch_sched+0x3b5/0x640 [ 154.930770][T14773] __blk_mq_sched_dispatch_requests+0x1eb/0x290 [ 154.937039][T14773] ? rb_insert_color+0x2fa/0x310 [ 154.941970][T14773] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 154.947947][T14773] __blk_mq_run_hw_queue+0xbc/0x140 [ 154.953144][T14773] __blk_mq_delay_run_hw_queue+0x163/0x2f0 [ 154.958937][T14773] blk_mq_run_hw_queue+0x22c/0x250 [ 154.964036][T14773] blk_mq_sched_insert_requests+0x12b/0x1f0 [ 154.969913][T14773] blk_mq_flush_plug_list+0x302/0x3d0 [ 154.975281][T14773] blk_flush_plug_list+0x235/0x260 [ 154.980377][T14773] blk_finish_plug+0x44/0x60 [ 154.985111][T14773] __iomap_dio_rw+0xca7/0x1010 [ 154.989867][T14773] iomap_dio_rw+0x30/0x70 [ 154.994186][T14773] ? ext4_file_write_iter+0x461/0x11f0 [ 154.999659][T14773] ext4_file_write_iter+0xaa9/0x11f0 [ 155.004927][T14773] ? ext4_file_write_iter+0x461/0x11f0 [ 155.010387][T14773] do_iter_readv_writev+0x2de/0x380 [ 155.015571][T14773] do_iter_write+0x192/0x5c0 [ 155.020186][T14773] ? splice_from_pipe_next+0x34f/0x3b0 [ 155.025700][T14773] ? kmalloc_array+0x2d/0x40 [ 155.030285][T14773] vfs_iter_write+0x4c/0x70 [ 155.034794][T14773] iter_file_splice_write+0x43a/0x790 [ 155.040147][T14773] ? splice_from_pipe+0xd0/0xd0 [ 155.045071][T14773] direct_splice_actor+0x80/0xa0 [ 155.049996][T14773] splice_direct_to_actor+0x345/0x650 [ 155.055354][T14773] ? do_splice_direct+0x190/0x190 [ 155.060360][T14773] do_splice_direct+0x106/0x190 [ 155.065199][T14773] do_sendfile+0x63e/0xbb0 [ 155.069604][T14773] __x64_sys_sendfile64+0x102/0x140 [ 155.074793][T14773] do_syscall_64+0x44/0xa0 [ 155.079291][T14773] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 155.085232][T14773] RIP: 0033:0x7fc9483818d9 [ 155.089675][T14773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 155.109416][T14773] RSP: 002b:00007fc9460f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 155.117808][T14773] RAX: ffffffffffffffda RBX: 00007fc948485f60 RCX: 00007fc9483818d9 [ 155.125762][T14773] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 155.133800][T14773] RBP: 00007fc9460f91d0 R08: 0000000000000000 R09: 0000000000000000 00:07:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 2) [ 155.141802][T14773] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 155.149754][T14773] R13: 00007fff8d573acf R14: 00007fc9460f9300 R15: 0000000000022000 [ 155.203201][T14809] FAULT_INJECTION: forcing a failure. [ 155.203201][T14809] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 155.216282][T14809] CPU: 0 PID: 14809 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 155.225036][T14809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 155.235074][T14809] Call Trace: [ 155.238354][T14809] dump_stack_lvl+0xd6/0x122 [ 155.242986][T14809] dump_stack+0x11/0x1b [ 155.247126][T14809] should_fail+0x23c/0x250 [ 155.251524][T14809] should_fail_usercopy+0x16/0x20 [ 155.256651][T14809] _copy_from_user+0x1c/0xd0 [ 155.261224][T14809] __se_sys_memfd_create+0x137/0x390 [ 155.266502][T14809] __x64_sys_memfd_create+0x2d/0x40 [ 155.271681][T14809] do_syscall_64+0x44/0xa0 [ 155.276084][T14809] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 155.281965][T14809] RIP: 0033:0x7fd8966838d9 [ 155.286358][T14809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 155.306005][T14809] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 155.314450][T14809] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 155.322402][T14809] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 155.330358][T14809] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 155.338427][T14809] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 155.346378][T14809] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:09 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) 00:07:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 3) 00:07:09 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 00:07:09 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007000) 00:07:09 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x31030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 155.466391][T14824] FAULT_INJECTION: forcing a failure. [ 155.466391][T14824] name failslab, interval 1, probability 0, space 0, times 0 [ 155.475631][T14826] loop3: detected capacity change from 0 to 264192 [ 155.479030][T14824] CPU: 0 PID: 14824 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 155.494217][T14824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 155.504396][T14824] Call Trace: [ 155.507660][T14824] dump_stack_lvl+0xd6/0x122 [ 155.512353][T14824] dump_stack+0x11/0x1b [ 155.516493][T14824] should_fail+0x23c/0x250 [ 155.520936][T14824] ? shmem_alloc_inode+0x22/0x30 [ 155.525877][T14824] __should_failslab+0x81/0x90 [ 155.530623][T14824] ? shmem_match+0xa0/0xa0 [ 155.535057][T14824] should_failslab+0x5/0x20 [ 155.539545][T14824] kmem_cache_alloc+0x4f/0x300 [ 155.544361][T14824] ? shmem_match+0xa0/0xa0 [ 155.548758][T14824] shmem_alloc_inode+0x22/0x30 [ 155.553527][T14824] new_inode_pseudo+0x38/0x1c0 [ 155.558278][T14824] new_inode+0x21/0x120 [ 155.562433][T14824] shmem_get_inode+0xb7/0x4a0 [ 155.567100][T14824] __shmem_file_setup+0xf1/0x1d0 [ 155.572028][T14824] shmem_file_setup+0x37/0x40 [ 155.576762][T14824] __se_sys_memfd_create+0x1eb/0x390 [ 155.582112][T14824] __x64_sys_memfd_create+0x2d/0x40 [ 155.587301][T14824] do_syscall_64+0x44/0xa0 [ 155.591703][T14824] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 155.597602][T14824] RIP: 0033:0x7fd8966838d9 [ 155.602013][T14824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 155.621601][T14824] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 155.629994][T14824] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 155.637947][T14824] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 155.645960][T14824] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 155.653991][T14824] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 00:07:09 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x32030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 155.661945][T14824] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:09 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7ffff000) 00:07:09 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x33030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:09 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, 0x0) 00:07:09 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3f000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 155.814570][T14858] loop3: detected capacity change from 0 to 264192 00:07:09 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c743400040000000000001748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c4822652eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2d458dc4729ba04a64c623ee3d0e4bfbbbac66f774d9a5d98f927606a0d7ead91d01b97c5305f57c95fc547c335f31d26c80778a5c44cf3636349bbae79f2e4298d042cfaf59ec56bb266f5d6eb6834456ac5fd489477010bc3545db9193fa98a48545d71837f5e49128935dd7df2383c0afae3f64bbc955499580ab1", @ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRESDEC], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:09 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x40000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:09 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 4) 00:07:09 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007100) 00:07:09 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 1) 00:07:09 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffffffffffffffff) [ 156.060412][T14885] FAULT_INJECTION: forcing a failure. [ 156.060412][T14885] name failslab, interval 1, probability 0, space 0, times 0 [ 156.073056][T14885] CPU: 0 PID: 14885 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 156.081833][T14885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.091992][T14885] Call Trace: [ 156.095299][T14885] dump_stack_lvl+0xd6/0x122 [ 156.099891][T14885] dump_stack+0x11/0x1b [ 156.104032][T14885] should_fail+0x23c/0x250 [ 156.108453][T14885] ? security_inode_alloc+0x30/0x180 [ 156.113728][T14885] __should_failslab+0x81/0x90 [ 156.118476][T14885] should_failslab+0x5/0x20 [ 156.122963][T14885] kmem_cache_alloc+0x4f/0x300 [ 156.128028][T14885] security_inode_alloc+0x30/0x180 [ 156.133222][T14885] inode_init_always+0x20b/0x430 [ 156.138241][T14885] ? shmem_match+0xa0/0xa0 [ 156.142644][T14885] new_inode_pseudo+0x73/0x1c0 [ 156.147419][T14885] new_inode+0x21/0x120 [ 156.151729][T14885] shmem_get_inode+0xb7/0x4a0 [ 156.156402][T14885] __shmem_file_setup+0xf1/0x1d0 [ 156.161382][T14885] shmem_file_setup+0x37/0x40 [ 156.166049][T14885] __se_sys_memfd_create+0x1eb/0x390 [ 156.171326][T14885] __x64_sys_memfd_create+0x2d/0x40 [ 156.176520][T14885] do_syscall_64+0x44/0xa0 [ 156.180930][T14885] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.186821][T14885] RIP: 0033:0x7fd8966838d9 [ 156.191221][T14885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:10 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x6158f3fa, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 156.210826][T14885] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 156.219222][T14885] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 156.227175][T14885] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 156.235157][T14885] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 156.243280][T14885] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 156.251242][T14885] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 [ 156.284579][T14893] FAULT_INJECTION: forcing a failure. [ 156.284579][T14893] name failslab, interval 1, probability 0, space 0, times 0 [ 156.297210][T14893] CPU: 0 PID: 14893 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 156.305969][T14893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.316020][T14893] Call Trace: [ 156.319333][T14893] dump_stack_lvl+0xd6/0x122 [ 156.323931][T14893] dump_stack+0x11/0x1b [ 156.328149][T14893] should_fail+0x23c/0x250 [ 156.332571][T14893] ? __se_sys_memfd_create+0xfb/0x390 [ 156.337946][T14893] __should_failslab+0x81/0x90 [ 156.342748][T14893] should_failslab+0x5/0x20 [ 156.347251][T14893] __kmalloc+0x6f/0x350 [ 156.351443][T14893] ? strnlen_user+0x137/0x1c0 [ 156.356124][T14893] __se_sys_memfd_create+0xfb/0x390 [ 156.361338][T14893] __x64_sys_memfd_create+0x2d/0x40 [ 156.366528][T14893] do_syscall_64+0x44/0xa0 [ 156.371012][T14893] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.376914][T14893] RIP: 0033:0x7fe6b5d0c8d9 [ 156.381387][T14893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.401095][T14893] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 156.409500][T14893] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 156.417466][T14893] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 156.425510][T14893] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff 00:07:10 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000040)={&(0x7f0000000400)=""/4096, 0x1000, 0x10000, 0x3}) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) 00:07:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 5) 00:07:10 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x8cffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:10 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x97ffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 156.433509][T14893] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 156.441475][T14893] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:10 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 2) [ 156.492640][T14921] FAULT_INJECTION: forcing a failure. [ 156.492640][T14921] name failslab, interval 1, probability 0, space 0, times 0 [ 156.505352][T14921] CPU: 1 PID: 14921 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 156.514113][T14921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.524162][T14921] Call Trace: [ 156.527435][T14921] dump_stack_lvl+0xd6/0x122 [ 156.532022][T14921] dump_stack+0x11/0x1b [ 156.536189][T14921] should_fail+0x23c/0x250 [ 156.540608][T14921] ? __d_alloc+0x36/0x370 [ 156.544937][T14921] __should_failslab+0x81/0x90 [ 156.549822][T14921] should_failslab+0x5/0x20 [ 156.554389][T14921] kmem_cache_alloc+0x4f/0x300 [ 156.559139][T14921] ? security_inode_alloc+0x138/0x180 [ 156.564496][T14921] ? __init_rwsem+0x59/0x70 [ 156.569052][T14921] __d_alloc+0x36/0x370 [ 156.573277][T14921] d_alloc_pseudo+0x1a/0x50 [ 156.577808][T14921] alloc_file_pseudo+0x77/0x150 [ 156.582643][T14921] __shmem_file_setup+0x14c/0x1d0 [ 156.587650][T14921] shmem_file_setup+0x37/0x40 [ 156.592344][T14921] __se_sys_memfd_create+0x1eb/0x390 [ 156.597612][T14921] __x64_sys_memfd_create+0x2d/0x40 [ 156.602792][T14921] do_syscall_64+0x44/0xa0 [ 156.607205][T14921] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.613085][T14921] RIP: 0033:0x7fd8966838d9 [ 156.617483][T14921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.637094][T14921] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 156.645487][T14921] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 156.653447][T14921] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 156.661398][T14921] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 156.669369][T14921] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 156.677384][T14921] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 [ 156.728758][T14931] FAULT_INJECTION: forcing a failure. [ 156.728758][T14931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 156.741875][T14931] CPU: 1 PID: 14931 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 156.750813][T14931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.760858][T14931] Call Trace: [ 156.764128][T14931] dump_stack_lvl+0xd6/0x122 [ 156.768756][T14931] dump_stack+0x11/0x1b [ 156.772929][T14931] should_fail+0x23c/0x250 [ 156.777353][T14931] should_fail_usercopy+0x16/0x20 [ 156.782404][T14931] _copy_from_user+0x1c/0xd0 [ 156.786989][T14931] __se_sys_memfd_create+0x137/0x390 [ 156.792284][T14931] __x64_sys_memfd_create+0x2d/0x40 [ 156.797564][T14931] do_syscall_64+0x44/0xa0 [ 156.801983][T14931] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.807977][T14931] RIP: 0033:0x7fe6b5d0c8d9 [ 156.812382][T14931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.831982][T14931] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 156.840392][T14931] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 156.848383][T14931] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 156.856347][T14931] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 156.864330][T14931] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 156.872283][T14931] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:10 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000040)) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) mlockall(0x2) 00:07:10 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xc0ed0000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 6) 00:07:10 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007200) 00:07:10 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 3) 00:07:10 executing program 2: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x85, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x84ca, 0x0) pipe(0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = syz_io_uring_complete(0x0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x93fe1ba6bae0496e, 0x0) sendfile(r2, r3, &(0x7f0000000080)=0x41, 0x82) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x80000001) [ 156.964362][T14950] FAULT_INJECTION: forcing a failure. [ 156.964362][T14950] name failslab, interval 1, probability 0, space 0, times 0 [ 156.977093][T14950] CPU: 1 PID: 14950 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 156.985854][T14950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.995894][T14950] Call Trace: [ 156.999159][T14950] dump_stack_lvl+0xd6/0x122 [ 157.003755][T14950] dump_stack+0x11/0x1b [ 157.007915][T14950] should_fail+0x23c/0x250 [ 157.012324][T14950] ? __alloc_file+0x2e/0x1a0 [ 157.016951][T14950] __should_failslab+0x81/0x90 [ 157.021745][T14950] should_failslab+0x5/0x20 [ 157.026250][T14950] kmem_cache_alloc+0x4f/0x300 [ 157.031036][T14950] __alloc_file+0x2e/0x1a0 [ 157.035506][T14950] alloc_empty_file+0xcd/0x1c0 [ 157.040254][T14950] alloc_file+0x3a/0x280 [ 157.044482][T14950] alloc_file_pseudo+0xfa/0x150 [ 157.049355][T14950] __shmem_file_setup+0x14c/0x1d0 [ 157.054364][T14950] shmem_file_setup+0x37/0x40 [ 157.059029][T14950] __se_sys_memfd_create+0x1eb/0x390 [ 157.064302][T14950] __x64_sys_memfd_create+0x2d/0x40 [ 157.069516][T14950] do_syscall_64+0x44/0xa0 [ 157.073920][T14950] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.079801][T14950] RIP: 0033:0x7fd8966838d9 [ 157.084283][T14950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.104091][T14950] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 157.112559][T14950] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 157.120513][T14950] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 157.128743][T14950] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 157.137044][T14950] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 157.145097][T14950] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 [ 157.161664][T14958] FAULT_INJECTION: forcing a failure. [ 157.161664][T14958] name failslab, interval 1, probability 0, space 0, times 0 [ 157.174312][T14958] CPU: 1 PID: 14958 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 157.183085][T14958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.193212][T14958] Call Trace: [ 157.196484][T14958] dump_stack_lvl+0xd6/0x122 [ 157.201071][T14958] dump_stack+0x11/0x1b [ 157.205280][T14958] should_fail+0x23c/0x250 [ 157.209811][T14958] ? shmem_alloc_inode+0x22/0x30 [ 157.215094][T14958] __should_failslab+0x81/0x90 [ 157.219854][T14958] ? shmem_match+0xa0/0xa0 [ 157.224271][T14958] should_failslab+0x5/0x20 [ 157.228977][T14958] kmem_cache_alloc+0x4f/0x300 [ 157.233788][T14958] ? shmem_match+0xa0/0xa0 [ 157.238260][T14958] shmem_alloc_inode+0x22/0x30 [ 157.243017][T14958] new_inode_pseudo+0x38/0x1c0 [ 157.247778][T14958] new_inode+0x21/0x120 [ 157.251930][T14958] shmem_get_inode+0xb7/0x4a0 [ 157.256629][T14958] __shmem_file_setup+0xf1/0x1d0 [ 157.261564][T14958] shmem_file_setup+0x37/0x40 [ 157.266332][T14958] __se_sys_memfd_create+0x1eb/0x390 [ 157.271608][T14958] __x64_sys_memfd_create+0x2d/0x40 [ 157.276852][T14958] do_syscall_64+0x44/0xa0 [ 157.281348][T14958] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.287253][T14958] RIP: 0033:0x7fe6b5d0c8d9 [ 157.291663][T14958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:11 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcc000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:11 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcd000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 157.311544][T14958] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 157.319954][T14958] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 157.327918][T14958] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 157.335977][T14958] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 157.343946][T14958] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 157.351981][T14958] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:11 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 4) 00:07:11 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xce000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 7) [ 157.465414][T14981] FAULT_INJECTION: forcing a failure. [ 157.465414][T14981] name failslab, interval 1, probability 0, space 0, times 0 [ 157.478098][T14981] CPU: 1 PID: 14981 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 157.486853][T14981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.496901][T14981] Call Trace: [ 157.500174][T14981] dump_stack_lvl+0xd6/0x122 [ 157.504793][T14981] dump_stack+0x11/0x1b [ 157.508943][T14981] should_fail+0x23c/0x250 00:07:11 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcf000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 157.513443][T14981] ? security_inode_alloc+0x30/0x180 [ 157.518731][T14981] __should_failslab+0x81/0x90 [ 157.523534][T14981] should_failslab+0x5/0x20 [ 157.528037][T14981] kmem_cache_alloc+0x4f/0x300 [ 157.532798][T14981] security_inode_alloc+0x30/0x180 [ 157.537915][T14981] inode_init_always+0x20b/0x430 [ 157.542854][T14981] ? shmem_match+0xa0/0xa0 [ 157.547361][T14981] new_inode_pseudo+0x73/0x1c0 [ 157.552146][T14981] new_inode+0x21/0x120 [ 157.556343][T14981] shmem_get_inode+0xb7/0x4a0 [ 157.561019][T14981] __shmem_file_setup+0xf1/0x1d0 [ 157.565956][T14981] shmem_file_setup+0x37/0x40 [ 157.570632][T14981] __se_sys_memfd_create+0x1eb/0x390 [ 157.575924][T14981] __x64_sys_memfd_create+0x2d/0x40 [ 157.581116][T14981] do_syscall_64+0x44/0xa0 [ 157.585528][T14981] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.591485][T14981] RIP: 0033:0x7fe6b5d0c8d9 [ 157.595922][T14981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.608434][T14993] FAULT_INJECTION: forcing a failure. [ 157.608434][T14993] name failslab, interval 1, probability 0, space 0, times 0 [ 157.615599][T14981] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 157.615622][T14981] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 157.644543][T14981] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 157.652499][T14981] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 157.660448][T14981] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 157.668398][T14981] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 [ 157.676361][T14993] CPU: 0 PID: 14993 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 157.685115][T14993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.695161][T14993] Call Trace: [ 157.698429][T14993] dump_stack_lvl+0xd6/0x122 [ 157.703062][T14993] dump_stack+0x11/0x1b [ 157.707204][T14993] should_fail+0x23c/0x250 [ 157.711604][T14993] ? security_file_alloc+0x30/0x190 [ 157.716920][T14993] __should_failslab+0x81/0x90 [ 157.721681][T14993] should_failslab+0x5/0x20 [ 157.726181][T14993] kmem_cache_alloc+0x4f/0x300 [ 157.730939][T14993] security_file_alloc+0x30/0x190 [ 157.735956][T14993] __alloc_file+0x83/0x1a0 [ 157.740369][T14993] alloc_empty_file+0xcd/0x1c0 [ 157.744911][T15001] FAULT_INJECTION: forcing a failure. [ 157.744911][T15001] name failslab, interval 1, probability 0, space 0, times 0 [ 157.745131][T14993] alloc_file+0x3a/0x280 [ 157.761913][T14993] alloc_file_pseudo+0xfa/0x150 [ 157.766757][T14993] __shmem_file_setup+0x14c/0x1d0 [ 157.771770][T14993] shmem_file_setup+0x37/0x40 [ 157.776432][T14993] __se_sys_memfd_create+0x1eb/0x390 [ 157.781700][T14993] __x64_sys_memfd_create+0x2d/0x40 [ 157.786891][T14993] do_syscall_64+0x44/0xa0 [ 157.791298][T14993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.797193][T14993] RIP: 0033:0x7fd8966838d9 [ 157.801590][T14993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.821213][T14993] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 157.829604][T14993] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fd8966838d9 [ 157.837554][T14993] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fd8966dce76 [ 157.845505][T14993] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 157.853488][T14993] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 00:07:11 executing program 0: pipe(&(0x7f00000001c0)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x4240a2a0) setrlimit(0x2, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) mlockall(0x5) 00:07:11 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 5) [ 157.861612][T14993] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 [ 157.869740][T15001] CPU: 1 PID: 15001 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 157.878552][T15001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.888831][T15001] Call Trace: [ 157.892095][T15001] dump_stack_lvl+0xd6/0x122 [ 157.896688][T15001] dump_stack+0x11/0x1b [ 157.900836][T15001] should_fail+0x23c/0x250 [ 157.905246][T15001] ? __d_alloc+0x36/0x370 [ 157.909574][T15001] __should_failslab+0x81/0x90 [ 157.914325][T15001] should_failslab+0x5/0x20 [ 157.918860][T15001] kmem_cache_alloc+0x4f/0x300 [ 157.923617][T15001] ? security_inode_alloc+0x138/0x180 [ 157.929042][T15001] ? __init_rwsem+0x59/0x70 [ 157.933541][T15001] __d_alloc+0x36/0x370 [ 157.937692][T15001] d_alloc_pseudo+0x1a/0x50 [ 157.942191][T15001] alloc_file_pseudo+0x77/0x150 [ 157.947040][T15001] __shmem_file_setup+0x14c/0x1d0 [ 157.952114][T15001] shmem_file_setup+0x37/0x40 [ 157.956777][T15001] __se_sys_memfd_create+0x1eb/0x390 [ 157.962060][T15001] __x64_sys_memfd_create+0x2d/0x40 [ 157.967310][T15001] do_syscall_64+0x44/0xa0 [ 157.971728][T15001] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.977630][T15001] RIP: 0033:0x7fe6b5d0c8d9 [ 157.982031][T15001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.001626][T15001] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 158.010061][T15001] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 00:07:11 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd0000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:11 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007300) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd1000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 158.018032][T15001] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 158.026095][T15001] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 158.034142][T15001] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 158.042103][T15001] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd2000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xdaffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe7ff0100, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xea2b9c2a, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:12 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 8) 00:07:12 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 6) [ 158.272242][T15054] FAULT_INJECTION: forcing a failure. [ 158.272242][T15054] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 158.285489][T15054] CPU: 1 PID: 15054 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 158.294244][T15054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.304295][T15054] Call Trace: [ 158.307561][T15054] dump_stack_lvl+0xd6/0x122 [ 158.312221][T15054] dump_stack+0x11/0x1b [ 158.316377][T15054] should_fail+0x23c/0x250 00:07:12 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007400) [ 158.320787][T15054] __alloc_pages+0x102/0x320 [ 158.325382][T15054] alloc_pages_vma+0x5ee/0x770 [ 158.330194][T15054] shmem_getpage_gfp+0x96d/0x13d0 [ 158.335225][T15054] ? policydb_context_isvalid+0x135/0x230 [ 158.340946][T15054] shmem_write_begin+0x7e/0x100 [ 158.345794][T15054] generic_perform_write+0x1b8/0x3e0 [ 158.351319][T15054] __generic_file_write_iter+0x174/0x310 [ 158.357015][T15054] ? generic_write_checks+0x250/0x290 [ 158.362491][T15054] generic_file_write_iter+0x75/0x130 [ 158.367892][T15054] vfs_write+0x7bc/0x900 [ 158.372143][T15054] __x64_sys_pwrite64+0xf5/0x150 [ 158.377095][T15054] do_syscall_64+0x44/0xa0 [ 158.381517][T15054] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.387415][T15054] RIP: 0033:0x7fd8966368a7 [ 158.391825][T15054] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 158.411428][T15054] RSP: 002b:00007fd8943faf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 158.419841][T15054] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966368a7 [ 158.427862][T15054] RDX: 0000000000000062 RSI: 0000000020010000 RDI: 0000000000000004 [ 158.435819][T15054] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 158.443801][T15054] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 158.451765][T15054] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 158.464473][T15054] loop5: detected capacity change from 0 to 264192 [ 158.472349][T15054] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 158.483028][T15065] FAULT_INJECTION: forcing a failure. [ 158.483028][T15065] name failslab, interval 1, probability 0, space 0, times 0 [ 158.495735][T15065] CPU: 0 PID: 15065 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 158.504576][T15065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.514623][T15065] Call Trace: [ 158.517884][T15065] dump_stack_lvl+0xd6/0x122 [ 158.522462][T15065] dump_stack+0x11/0x1b [ 158.526629][T15065] should_fail+0x23c/0x250 [ 158.531027][T15065] ? __alloc_file+0x2e/0x1a0 [ 158.535605][T15065] __should_failslab+0x81/0x90 [ 158.540368][T15065] should_failslab+0x5/0x20 [ 158.544855][T15065] kmem_cache_alloc+0x4f/0x300 [ 158.549621][T15065] __alloc_file+0x2e/0x1a0 [ 158.554102][T15065] alloc_empty_file+0xcd/0x1c0 [ 158.558910][T15065] alloc_file+0x3a/0x280 [ 158.563140][T15065] alloc_file_pseudo+0xfa/0x150 [ 158.567999][T15065] __shmem_file_setup+0x14c/0x1d0 [ 158.573138][T15065] shmem_file_setup+0x37/0x40 [ 158.577866][T15065] __se_sys_memfd_create+0x1eb/0x390 [ 158.583180][T15065] __x64_sys_memfd_create+0x2d/0x40 [ 158.588360][T15065] do_syscall_64+0x44/0xa0 [ 158.592800][T15065] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.598694][T15065] RIP: 0033:0x7fe6b5d0c8d9 [ 158.603101][T15065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.622700][T15065] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 158.631108][T15065] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 158.639070][T15065] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 158.647145][T15065] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 158.655097][T15065] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 158.663122][T15065] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:12 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f4477118974b1413cbddfbc496e0b3c7434a60fc8c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa205e14aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980135710bb1cd001b72f0000000000000004f8cb715772992f7da2eb163f272805dda6f08d744eb1307468a2ee389f46021495e6a10bffbf2e058fcd8e5f772d76afd98752b492c67db200000000000000", @ANYRESOCT=r0], 0x4240a2a0) close(r0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000100)) setrlimit(0x40000000000008, &(0x7f0000000140)={0x0, 0xfffffffffffffffc}) mlockall(0x1) prlimit64(0x0, 0x0, &(0x7f0000000080)={0x57, 0x7f}, &(0x7f00000000c0)) mlockall(0x5) prlimit64(0xffffffffffffffff, 0xc, &(0x7f0000000000)={0x100000000, 0x4}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x6, 0x1c, 0x2000000, 0xfffffff8, 0x3}, 0x14) mlockall(0x3) 00:07:12 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x16) open(0x0, 0x0, 0x0) renameat2(r1, 0x0, 0xffffffffffffffff, &(0x7f0000000140)='./bus/file0\x00', 0x1) syz_open_dev$vcsa(0x0, 0x0, 0x2) fsmount(r0, 0x1, 0x70) r2 = open$dir(&(0x7f0000000000)='./bus/file0\x00', 0x2a0040, 0x100) r3 = openat(r2, &(0x7f0000000180)='./bus/file0\x00', 0x589143, 0xc4) sendfile(r0, r3, 0x0, 0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(r5, 0x0, r5) r6 = getpid() sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@cred={{0x1c, 0x1, 0x2, {r6, r4, r5}}}], 0x20}, 0x0) r7 = socket$netlink(0x10, 0x3, 0xb) r8 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r10) r11 = getpid() sendmsg$netlink(r7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c, 0x1, 0x2, {r11, r9, r10}}}], 0x20}, 0x68054) fsetxattr$system_posix_acl(r3, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="02db00000100020000000000020001005cd9cca37ad51a497e5edadfc66ffdc7cd8ad1e09e5e49f175a8f51dfd76ad006efe29347c584c272485628b04183187c94445cc64c3daac13822e37d0aa8a539be08a1deddc32e9511513ff2733ba193fdd180dddd116a30ae610250d87001b708cdd76d496209395829424da2bc95b5abc93958d3475799949a4bf303cf90ac9d5cfaec685b47059cabce0076f164d7fdd30005781c7d36454e900e1dfadeebe530cab84c5eb22891c49cb8df495", @ANYRES32=0xee00, @ANYBLOB="a359694f", @ANYRES32, @ANYBLOB="ff", @ANYRES32=0xee01, @ANYBLOB="02000100c98e6a7b94318385982f8ca1e389eeeda5bd3ed247b700e62fdafdc7e1740f8086d98cbd2fa3c814d63549974ae20631f8ce1411b58e337c5200bf9a2e7fa76ec00428639f7ff6801bae77160a7f71b45922470428692500000000000001ff84b4a34570f408551939f4bbc4a9049efabd049341a481e976effb78aa470b7a70039e5aed927d4004b7dabb366d7c470da7956d7eb436ec16354d8c7b68bc298f9a6bb809dd8283a354fcbedde21405809e9d9fe7ee4f60ccebc87a071b40d195b50b80134d78688531a812a3673d6e2192ae8b79836729015cacff1b9a05dd5eb84d95023b2338407bae27cc8c92001d4ee0e962581db77edbf6c084fde5b18670189fb9ba964feb78c809efd02bf91cc3c4e4fae7c1436dfa9d1e971f9c8c2557ec295bc60ad63bc332d0ed954e7dc8f450a1ea33047827155c31d8d152130e14213952854df669af60c82b818c5124d282bd0f2082da7620ca4d25ab254c37e13fe4498cfe521a386e9efa15a4c5df9ce51e57ae0ed5428bfbdf992dcfe6c4d546fe486dab42cdb735386f169f27d6843fc6294ccab8b83f730232ee2fc99de2007936cac4b00327e3d964bc170a84efc42f194ffd869d8a6f9b2e32aa215ce399ccf2809d4c9a8aa72bf7a7848a27a129e795731b4712930a5ad27f9a61b5b36d8ea43b8e29746b6d33c8a16bfa727e08d2297a", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES16, @ANYBLOB="02ff32dae4071630d3", @ANYRES32, @ANYBLOB="02000700", @ANYRES32=0x0, @ANYBLOB="ba961865006f190000ce0300", @ANYRES32=0xee00, @ANYBLOB="88fa0300", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0xee01, @ANYBLOB='\b\x00\a\x00', @ANYRES32, @ANYBLOB="010000007a3b1661b0f89b4e453faeb022ccea53c9908750d486811b4913ed26d40cc4feca0cc47c8b858e9e104610cff6b323148590c0", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00', @ANYRES32=r10, @ANYBLOB="100000000000000020000000000000007ca9f5f676a907db08a379d5c498e6462878df78dc3f6566a0f206af8fe10cfa8bc7060063352521c8babbdfb211a036b34bc08fa1291ed4baf9556bac26"], 0x8c, 0x3) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf4000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:12 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 9) 00:07:12 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) r2 = signalfd4(r1, &(0x7f0000000040)={[0xffffffffffffff07]}, 0x8, 0x80800) sendmsg$TIPC_NL_PUBL_GET(r2, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000400)={0x1bc, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e20, @local}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x4, @remote, 0x3}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x33, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xff}}}}]}, @TIPC_NLA_LINK={0x44, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0x98, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd9f7}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffffffff}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xc3e}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xec5}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfff}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4000080}, 0x4008048) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) [ 158.773347][T15080] FAULT_INJECTION: forcing a failure. [ 158.773347][T15080] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.786416][T15080] CPU: 1 PID: 15080 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 158.795200][T15080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.805253][T15080] Call Trace: [ 158.808509][T15080] dump_stack_lvl+0xd6/0x122 [ 158.813162][T15080] dump_stack+0x11/0x1b [ 158.817300][T15080] should_fail+0x23c/0x250 [ 158.821714][T15080] should_fail_usercopy+0x16/0x20 [ 158.826726][T15080] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 158.832442][T15080] ? shmem_write_begin+0x7e/0x100 [ 158.837456][T15080] generic_perform_write+0x201/0x3e0 [ 158.842756][T15080] __generic_file_write_iter+0x174/0x310 [ 158.848380][T15080] ? generic_write_checks+0x250/0x290 [ 158.853882][T15080] generic_file_write_iter+0x75/0x130 [ 158.859318][T15080] vfs_write+0x7bc/0x900 [ 158.863546][T15080] __x64_sys_pwrite64+0xf5/0x150 [ 158.868476][T15080] do_syscall_64+0x44/0xa0 [ 158.872877][T15080] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.878787][T15080] RIP: 0033:0x7fd8966368a7 [ 158.883202][T15080] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 158.902813][T15080] RSP: 002b:00007fd8943faf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 158.911295][T15080] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966368a7 00:07:12 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 7) 00:07:12 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf6ffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 158.919247][T15080] RDX: 0000000000000062 RSI: 0000000020010000 RDI: 0000000000000004 [ 158.927344][T15080] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 158.935341][T15080] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 158.943397][T15080] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 158.965423][T15080] loop5: detected capacity change from 0 to 264192 [ 158.980117][T15080] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 158.991140][T15097] FAULT_INJECTION: forcing a failure. [ 158.991140][T15097] name failslab, interval 1, probability 0, space 0, times 0 [ 159.003797][T15097] CPU: 0 PID: 15097 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 159.012550][T15097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.022694][T15097] Call Trace: [ 159.025969][T15097] dump_stack_lvl+0xd6/0x122 [ 159.030563][T15097] dump_stack+0x11/0x1b [ 159.034751][T15097] should_fail+0x23c/0x250 [ 159.039166][T15097] ? security_file_alloc+0x30/0x190 [ 159.044405][T15097] __should_failslab+0x81/0x90 [ 159.049215][T15097] should_failslab+0x5/0x20 [ 159.053764][T15097] kmem_cache_alloc+0x4f/0x300 [ 159.058551][T15097] security_file_alloc+0x30/0x190 [ 159.063565][T15097] __alloc_file+0x83/0x1a0 [ 159.067977][T15097] alloc_empty_file+0xcd/0x1c0 [ 159.072744][T15097] alloc_file+0x3a/0x280 [ 159.077099][T15097] alloc_file_pseudo+0xfa/0x150 [ 159.081955][T15097] __shmem_file_setup+0x14c/0x1d0 [ 159.087033][T15097] shmem_file_setup+0x37/0x40 [ 159.091705][T15097] __se_sys_memfd_create+0x1eb/0x390 [ 159.097041][T15097] __x64_sys_memfd_create+0x2d/0x40 [ 159.102270][T15097] do_syscall_64+0x44/0xa0 [ 159.106770][T15097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.112695][T15097] RIP: 0033:0x7fe6b5d0c8d9 [ 159.117535][T15097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 159.137141][T15097] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 159.145550][T15097] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0c8d9 [ 159.153548][T15097] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 00007fe6b5d65e76 [ 159.161514][T15097] RBP: 0000000000000003 R08: 0000000000000800 R09: ffffffffffffffff [ 159.169470][T15097] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 00:07:13 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 10) 00:07:13 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 8) [ 159.177485][T15097] R13: 0000000020000100 R14: 0000000008100000 R15: 00000000200000c0 00:07:13 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007500) [ 159.225262][T15107] FAULT_INJECTION: forcing a failure. [ 159.225262][T15107] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 159.238513][T15107] CPU: 0 PID: 15107 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 159.244170][T15104] FAULT_INJECTION: forcing a failure. [ 159.244170][T15104] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.247270][T15107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.247282][T15107] Call Trace: [ 159.247289][T15107] dump_stack_lvl+0xd6/0x122 [ 159.247312][T15107] dump_stack+0x11/0x1b [ 159.282271][T15107] should_fail+0x23c/0x250 [ 159.286674][T15107] __alloc_pages+0x102/0x320 [ 159.291247][T15107] alloc_pages_vma+0x5ee/0x770 [ 159.296000][T15107] shmem_getpage_gfp+0x96d/0x13d0 [ 159.301007][T15107] ? policydb_context_isvalid+0x135/0x230 [ 159.306712][T15107] shmem_write_begin+0x7e/0x100 [ 159.311551][T15107] generic_perform_write+0x1b8/0x3e0 [ 159.316821][T15107] __generic_file_write_iter+0x174/0x310 [ 159.322441][T15107] ? generic_write_checks+0x250/0x290 [ 159.327800][T15107] generic_file_write_iter+0x75/0x130 [ 159.333159][T15107] vfs_write+0x7bc/0x900 [ 159.337385][T15107] __x64_sys_pwrite64+0xf5/0x150 [ 159.342309][T15107] do_syscall_64+0x44/0xa0 [ 159.346715][T15107] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.352605][T15107] RIP: 0033:0x7fe6b5cbf8a7 [ 159.357135][T15107] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 159.376728][T15107] RSP: 002b:00007fe6b3a83f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 159.385218][T15107] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf8a7 [ 159.393259][T15107] RDX: 0000000000000062 RSI: 0000000020010000 RDI: 0000000000000004 [ 159.401211][T15107] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 159.409162][T15107] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 159.417114][T15107] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 00:07:13 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfaf35861, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 159.425145][T15104] CPU: 1 PID: 15104 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 159.433900][T15104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.443941][T15104] Call Trace: [ 159.447206][T15104] dump_stack_lvl+0xd6/0x122 [ 159.451787][T15104] dump_stack+0x11/0x1b [ 159.455924][T15104] should_fail+0x23c/0x250 [ 159.460328][T15104] should_fail_usercopy+0x16/0x20 [ 159.465331][T15104] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 159.471033][T15104] ? shmem_write_begin+0x7e/0x100 [ 159.476064][T15104] generic_perform_write+0x201/0x3e0 [ 159.481336][T15104] __generic_file_write_iter+0x174/0x310 [ 159.486980][T15104] ? generic_write_checks+0x250/0x290 [ 159.492442][T15104] generic_file_write_iter+0x75/0x130 [ 159.497800][T15104] vfs_write+0x7bc/0x900 [ 159.502136][T15104] __x64_sys_pwrite64+0xf5/0x150 [ 159.507060][T15104] do_syscall_64+0x44/0xa0 [ 159.511541][T15104] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.517421][T15104] RIP: 0033:0x7fd8966368a7 [ 159.521892][T15104] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 159.541481][T15104] RSP: 002b:00007fd8943faf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 159.549971][T15104] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966368a7 [ 159.557922][T15104] RDX: 000000000000000a RSI: 0000000020000080 RDI: 0000000000000004 [ 159.565875][T15104] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff 00:07:13 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfdffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 159.573825][T15104] R10: 0000000000000560 R11: 0000000000000293 R12: 0000000000000004 [ 159.581781][T15104] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 159.639825][T15104] loop5: detected capacity change from 0 to 264192 [ 159.647399][T15107] loop3: detected capacity change from 0 to 264192 [ 159.668947][T15107] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 159.686241][T15104] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:13 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r1, r2) dup3(r2, r0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r4, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r3, r4) preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000100)=""/241, 0xf1}, {&(0x7f0000000240)=""/130, 0x82}, {&(0x7f0000000040)=""/121, 0x79}, {&(0x7f0000001400)=""/244, 0xf4}], 0x5, 0x8001, 0x4) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r5, 0x0, 0x80000001) 00:07:13 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeff0000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:13 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 9) 00:07:13 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 11) 00:07:13 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007600) 00:07:13 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0) sendmsg$AUDIT_USER_TTY(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0xec, 0x464, 0x20, 0x70bd2a, 0x25dfdbfd, "44a80a59b6690df2f2fc2901f0725def9557e3bf9e72ff53494c3b0cc9bb2b890e30159e39e2d85b6c0bc712add6167b3d6b590bfbe05698b43a5c91a659985214a00fe4d79e202f465b4deede89703a9350ee92091adacefdccc6018983155f6d2211fdceaa780d81bf59698f8fa74ea271cdcbbca7b93c6dc623edbc6648f89159358fb98fe34f62c9e68499d7fca394b3aee23ac2113883ca2baec6e049e04ba0b833786c3ec275f64b82c1bd65bd513dba41a1d50d29496a70a906ab7ada3765b5c0164e198ca57530d6f03020ee2d6d7e00545718ea89c3da06", ["", "", "", "", "", "", ""]}, 0xec}, 0x1, 0x0, 0x0, 0x2000c000}, 0x44490) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER(r2, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, 0x3ed, 0x8, 0x70bd26, 0x25dfdbfb, "33f26de27ec1faa43d875c8ca826865b15c4e5ea913390fa691d85d7e31b86e06a480282c1012421cebf222bb7ec8d043e70eb7605437f22ae8b673c462791f7e99869c29f6002b4791c6164b289538941c65f08a1", ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x400001c}, 0x4c001) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRES16=r2], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) setrlimit(0x5, &(0x7f00000000c0)={0x7, 0x60}) mlockall(0x1) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r4 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @desc1}, &(0x7f00000004c0)={0x0, "e4c4700377c376bc932f5c32bade4236769b89849370aee90550bda048474e6eb54b1fdb18a0681823c59c1987735ca2cb6d851c96b285bf429a2a8fdb70b880", 0x2a}, 0x48, 0xffffffffffffffff) keyctl$unlink(0x9, r4, r3) r5 = geteuid() keyctl$chown(0x4, r3, r5, 0xee01) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000023c0), 0x208000, &(0x7f0000000100)=ANY=[@ANYRESOCT=r5, @ANYRESDEC=0x0]) mlockall(0x5) lseek(r1, 0x5, 0x3) [ 159.932064][T15145] FAULT_INJECTION: forcing a failure. [ 159.932064][T15145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.945145][T15145] CPU: 0 PID: 15145 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 159.953948][T15145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.963998][T15145] Call Trace: [ 159.967270][T15145] dump_stack_lvl+0xd6/0x122 [ 159.971862][T15149] FAULT_INJECTION: forcing a failure. [ 159.971862][T15149] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.971867][T15145] dump_stack+0x11/0x1b [ 159.971890][T15145] should_fail+0x23c/0x250 [ 159.971908][T15145] should_fail_usercopy+0x16/0x20 [ 159.998429][T15145] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 160.004162][T15145] ? shmem_write_begin+0x7e/0x100 [ 160.009265][T15145] generic_perform_write+0x201/0x3e0 [ 160.014646][T15145] __generic_file_write_iter+0x174/0x310 [ 160.020319][T15145] ? generic_write_checks+0x250/0x290 [ 160.025678][T15145] generic_file_write_iter+0x75/0x130 [ 160.031044][T15145] vfs_write+0x7bc/0x900 [ 160.035367][T15145] __x64_sys_pwrite64+0xf5/0x150 [ 160.040300][T15145] do_syscall_64+0x44/0xa0 [ 160.044710][T15145] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.050671][T15145] RIP: 0033:0x7fd8966368a7 [ 160.055070][T15145] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 160.074744][T15145] RSP: 002b:00007fd8943faf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 160.083142][T15145] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966368a7 [ 160.091111][T15145] RDX: 0000000000000009 RSI: 0000000020010400 RDI: 0000000000000004 [ 160.099075][T15145] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 160.107212][T15145] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 160.115178][T15145] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 160.123135][T15149] CPU: 1 PID: 15149 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 160.131889][T15149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.141932][T15149] Call Trace: [ 160.145205][T15149] dump_stack_lvl+0xd6/0x122 [ 160.148714][T15145] loop5: detected capacity change from 0 to 264192 [ 160.149790][T15149] dump_stack+0x11/0x1b [ 160.160406][T15149] should_fail+0x23c/0x250 [ 160.164824][T15149] should_fail_usercopy+0x16/0x20 [ 160.169833][T15149] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 160.175540][T15149] ? shmem_write_begin+0x7e/0x100 [ 160.180545][T15149] generic_perform_write+0x201/0x3e0 [ 160.185818][T15149] __generic_file_write_iter+0x174/0x310 [ 160.191503][T15149] ? generic_write_checks+0x250/0x290 [ 160.196882][T15149] generic_file_write_iter+0x75/0x130 [ 160.202243][T15149] vfs_write+0x7bc/0x900 [ 160.206498][T15149] __x64_sys_pwrite64+0xf5/0x150 [ 160.211487][T15149] do_syscall_64+0x44/0xa0 [ 160.215888][T15149] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.221888][T15149] RIP: 0033:0x7fe6b5cbf8a7 [ 160.226283][T15149] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 160.245873][T15149] RSP: 002b:00007fe6b3a83f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 160.254304][T15149] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf8a7 [ 160.262254][T15149] RDX: 0000000000000062 RSI: 0000000020010000 RDI: 0000000000000004 [ 160.270214][T15149] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xff030000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:14 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007700) [ 160.278301][T15149] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 160.286251][T15149] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 160.307553][T15149] loop3: detected capacity change from 0 to 264192 [ 160.314949][T15145] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffff0000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 12) [ 160.376584][T15149] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffffe00, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:14 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x8000, 0x1c1000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 160.438511][T15191] FAULT_INJECTION: forcing a failure. [ 160.438511][T15191] name failslab, interval 1, probability 0, space 0, times 0 [ 160.451315][T15191] CPU: 1 PID: 15191 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 160.460075][T15191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.470210][T15191] Call Trace: [ 160.473483][T15191] dump_stack_lvl+0xd6/0x122 [ 160.478251][T15191] dump_stack+0x11/0x1b [ 160.482454][T15191] should_fail+0x23c/0x250 00:07:14 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 10) [ 160.486860][T15191] ? getname_flags+0x84/0x3f0 [ 160.491608][T15191] __should_failslab+0x81/0x90 [ 160.496368][T15191] should_failslab+0x5/0x20 [ 160.500885][T15191] kmem_cache_alloc+0x4f/0x300 [ 160.505642][T15191] getname_flags+0x84/0x3f0 [ 160.510140][T15191] getname+0x15/0x20 [ 160.514029][T15191] do_sys_openat2+0x6d/0x2b0 [ 160.518660][T15191] __x64_sys_openat+0xef/0x110 [ 160.523518][T15191] do_syscall_64+0x44/0xa0 [ 160.527933][T15191] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.533827][T15191] RIP: 0033:0x7fd8966367f4 [ 160.538234][T15191] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 160.557839][T15191] RSP: 002b:00007fd8943faed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 160.566307][T15191] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966367f4 [ 160.574269][T15191] RDX: 0000000000000002 RSI: 00007fd8943fb000 RDI: 00000000ffffff9c 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffff7f, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 160.582236][T15191] RBP: 00007fd8943fb000 R08: 0000000000000000 R09: ffffffffffffffff [ 160.590208][T15191] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 160.598205][T15191] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 13) [ 160.664981][T15210] FAULT_INJECTION: forcing a failure. [ 160.664981][T15210] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.678230][T15210] CPU: 0 PID: 15210 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 160.681985][T15216] FAULT_INJECTION: forcing a failure. [ 160.681985][T15216] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.686984][T15210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.686996][T15210] Call Trace: [ 160.687003][T15210] dump_stack_lvl+0xd6/0x122 [ 160.687026][T15210] dump_stack+0x11/0x1b [ 160.722080][T15210] should_fail+0x23c/0x250 [ 160.726482][T15210] should_fail_usercopy+0x16/0x20 [ 160.731662][T15210] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 160.737437][T15210] ? shmem_write_begin+0x7e/0x100 [ 160.742441][T15210] generic_perform_write+0x201/0x3e0 [ 160.747757][T15210] __generic_file_write_iter+0x174/0x310 [ 160.753426][T15210] ? generic_write_checks+0x250/0x290 [ 160.758783][T15210] generic_file_write_iter+0x75/0x130 [ 160.764147][T15210] vfs_write+0x7bc/0x900 [ 160.768469][T15210] __x64_sys_pwrite64+0xf5/0x150 [ 160.773391][T15210] do_syscall_64+0x44/0xa0 [ 160.777804][T15210] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.783699][T15210] RIP: 0033:0x7fe6b5cbf8a7 [ 160.788094][T15210] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 160.807766][T15210] RSP: 002b:00007fe6b3a83f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 160.816158][T15210] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf8a7 [ 160.824218][T15210] RDX: 000000000000000a RSI: 0000000020000080 RDI: 0000000000000004 [ 160.832265][T15210] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 160.840218][T15210] R10: 0000000000000560 R11: 0000000000000293 R12: 0000000000000004 [ 160.848175][T15210] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 160.856215][T15216] CPU: 1 PID: 15216 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 160.864972][T15216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.875030][T15216] Call Trace: [ 160.878293][T15216] dump_stack_lvl+0xd6/0x122 [ 160.883018][T15216] dump_stack+0x11/0x1b [ 160.887171][T15216] should_fail+0x23c/0x250 [ 160.891721][T15216] should_fail_usercopy+0x16/0x20 [ 160.896730][T15216] strncpy_from_user+0x21/0x250 [ 160.901571][T15216] getname_flags+0xb8/0x3f0 [ 160.906121][T15216] getname+0x15/0x20 [ 160.910007][T15216] do_sys_openat2+0x6d/0x2b0 [ 160.914644][T15216] __x64_sys_openat+0xef/0x110 [ 160.919464][T15216] do_syscall_64+0x44/0xa0 [ 160.923993][T15216] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.929943][T15216] RIP: 0033:0x7fd8966367f4 [ 160.934337][T15216] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 160.954461][T15216] RSP: 002b:00007fd8943faed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 00:07:14 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffff8c, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 160.962851][T15216] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966367f4 [ 160.970812][T15216] RDX: 0000000000000002 RSI: 00007fd8943fb000 RDI: 00000000ffffff9c [ 160.978770][T15216] RBP: 00007fd8943fb000 R08: 0000000000000000 R09: ffffffffffffffff [ 160.986722][T15216] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 160.994677][T15216] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 161.065472][T15210] loop3: detected capacity change from 0 to 264192 [ 161.078962][T15210] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:15 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007800) 00:07:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 14) 00:07:15 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffff97, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:15 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 11) 00:07:15 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) sendmsg(r0, &(0x7f00000007c0)={&(0x7f0000000040)=@ax25={{0x3, @default, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x80, &(0x7f0000000380)=[{&(0x7f00000000c0)="532f8f584511818db769a768f4f11e9187554701a656ae23d9e9ff567c32d55f982502b63e72c4d9c009b1d6add1b4cae99ca73f2143b32f12b46e8c9d3cd2df2ce97cb974728c1f99247297f8ee0fe1c4bec28114312032c76ffa2f15c915edaa49d22a2ee2228cc58922ac682745e46d650420fe2556b4d304088134643ab7b9b20450355751e4375626f7a6febb1ddd79aa56ce80f09ebcf61bf16e8efcf3c3334871dae3d9ac2e153f7eedfe5cf44eb99bbdd0", 0xb5}, {&(0x7f0000000180)="9469fa3ed98d02db30f09d249fce1a631a620aee89c00b262daa0a996260b8680ffc98391391", 0x26}, {&(0x7f0000000300)="72dbf10626fed8256f420b20365c2728dfbd12d0a7f13c234dae16d2e3d2acc51e81f09637aa37236b8398d4900d36823e6148f09b9d8186f2f336ad11f24292d03780eba39092e74aed7719f2ef698ef557bc9480a93a74498e44475cbbb91ba63cef876fb2697a3290872d0654f5a4c803042cd114588d1f4009", 0x7b}], 0x3, &(0x7f00000003c0)=[{0xa8, 0x112, 0x40, "95503a06a84907eff3d967934766fe16c41ad8c3f3ad22160d3fdd49781a45c7765647c922aaef12176f32df788824d60786c7691151d0e68cd4907b94dc4352a79a95145809871932020d73d3164b9a176108843d5e97bb1d7ed10240f4548c26f5c61b0719a0dc1429e34d3d11a5c94734b051020fc514cd38c3626de12b5dfdec9ce57aa841d1e3934e9f52015542b3c29f54"}, {0x20, 0x6, 0xfffffff8, "0e5190e93abc967ab709"}, {0x50, 0xff, 0xfff, "65e8dc5323870ea3c50d908b96ed82b321369ea21494bca018a3ce77f2db5f19110ee0bf53b66bea0bc63c20cbaa07cec05cd53a26641404de64c46af417"}, {0x48, 0x11, 0xfff, "8735fb670f35a7c3f0f4f4a0f08be8369310c8269a9fcd4cbd2e659d41535017d4c496cea3ac8f54623751f20d5c2d88d264b22926"}, {0xd0, 0x29, 0x8000, "cef695a92ed01352fbbef5c34303d7736771af82bea1dcb14715259a395c38f8033fa7edf2a363b7ba43d585d545fdd6c08a307dd5ba1ef0116c7ac78594389d7046f0ce2f7cba1be34d28621e63fc1dcc8be990a8adf0b2acc66cfbce6740d330b11f93a2f96f725e8923b052c3dd48e7df93c46aad349f56d848de1d036e4e02c4d09995e96f823eb3dbef1ea05e47a41d8654fd25fc28a4c9126ce10f5aafefad4f0388f8ce21b16644f38e38b9dd0e049e56cded424d6b71d1"}, {0x50, 0xff, 0x4, "e6867b11e5b32ee4bfb56b3447eea9a106de44db988432d7d5d6adad03b78f2994250851af0fd8b59dde5c1b215188be52cb44e9a6035b878ebd10ff6b07"}, {0xa8, 0x10a, 0xffffffff, "de04054da4e7251d1eb144c86ff4fa80976dc4a27758ccc590cf8bafa86c003773fd12dc029a9a14b970f7978c4d9f1a0c742d08535227c4cc3660444bf350aa6b402338b00220ff6246f073c8bd3f62b6a4b7619f429930c623b5ba3940111902583538365df23ab58cf1308b64a5a64f043eadfa9ade0a8949c8392686f0c3cdb682b315d3a85bfd3cba011649d149fd5b33410300fc"}, {0x68, 0x107, 0x3, "0e718e018fd63d877a253a249ed698460b6df83e5bed48a44b7be67472fe98e866c20b6440b326c3d99f99f357f4f150410222c9a1cbd8a481586f55244a7ba44da08862d1a03775e55c081afae37cdaff"}, {0x60, 0x111, 0x5, "bb083aec5228041726af43fee0594182b66b16151f14ff6c5cda8fe80d13a5e4b8fbdc3014a835ea3c16261883be3529f0fcbd180c3893e17fae2aef77f0c2eaa4e87a28ec7126562e495f4d6d"}], 0x3f0}, 0x4000080) mlockall(0x1) mlockall(0x5) 00:07:15 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) write$P9_RREADLINK(r1, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) open$dir(&(0x7f0000000040)='./file0\x00', 0x400000, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) [ 161.203057][T15249] FAULT_INJECTION: forcing a failure. [ 161.203057][T15249] name failslab, interval 1, probability 0, space 0, times 0 [ 161.215809][T15249] CPU: 1 PID: 15249 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 161.224599][T15249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.234732][T15249] Call Trace: [ 161.238088][T15249] dump_stack_lvl+0xd6/0x122 [ 161.242673][T15249] dump_stack+0x11/0x1b [ 161.246991][T15249] should_fail+0x23c/0x250 [ 161.251406][T15249] ? __alloc_file+0x2e/0x1a0 [ 161.255991][T15249] __should_failslab+0x81/0x90 [ 161.260842][T15249] should_failslab+0x5/0x20 [ 161.265392][T15249] kmem_cache_alloc+0x4f/0x300 [ 161.270146][T15249] __alloc_file+0x2e/0x1a0 [ 161.274420][T15255] FAULT_INJECTION: forcing a failure. [ 161.274420][T15255] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.274560][T15249] alloc_empty_file+0xcd/0x1c0 [ 161.292322][T15249] path_openat+0x6a/0x1ec0 [ 161.296749][T15249] ? copy_page_from_iter_atomic+0x44b/0xbb0 [ 161.302630][T15249] ? set_page_dirty+0xf4/0x1a0 [ 161.307455][T15249] ? shmem_write_end+0x37d/0x3d0 [ 161.312373][T15249] ? balance_dirty_pages_ratelimited+0xc4/0x2a0 [ 161.318601][T15249] ? generic_perform_write+0x377/0x3e0 [ 161.324047][T15249] do_filp_open+0x105/0x220 [ 161.328588][T15249] do_sys_openat2+0xb5/0x2b0 [ 161.333160][T15249] __x64_sys_openat+0xef/0x110 [ 161.337904][T15249] do_syscall_64+0x44/0xa0 [ 161.342307][T15249] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.348198][T15249] RIP: 0033:0x7fd8966367f4 [ 161.352618][T15249] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 161.372292][T15249] RSP: 002b:00007fd8943faed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 161.380691][T15249] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966367f4 [ 161.388648][T15249] RDX: 0000000000000002 RSI: 00007fd8943fb000 RDI: 00000000ffffff9c [ 161.396613][T15249] RBP: 00007fd8943fb000 R08: 0000000000000000 R09: ffffffffffffffff [ 161.404709][T15249] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 161.412725][T15249] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 161.420687][T15255] CPU: 0 PID: 15255 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 161.429444][T15255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.439496][T15255] Call Trace: [ 161.442880][T15255] dump_stack_lvl+0xd6/0x122 [ 161.447463][T15255] dump_stack+0x11/0x1b [ 161.451613][T15255] should_fail+0x23c/0x250 [ 161.456020][T15255] should_fail_usercopy+0x16/0x20 [ 161.461090][T15255] copy_page_from_iter_atomic+0x2c1/0xbb0 [ 161.466805][T15255] ? shmem_write_begin+0x7e/0x100 [ 161.471825][T15255] generic_perform_write+0x201/0x3e0 [ 161.477114][T15255] __generic_file_write_iter+0x174/0x310 [ 161.482749][T15255] ? generic_write_checks+0x250/0x290 [ 161.488123][T15255] generic_file_write_iter+0x75/0x130 [ 161.493531][T15255] vfs_write+0x7bc/0x900 [ 161.497773][T15255] __x64_sys_pwrite64+0xf5/0x150 [ 161.502744][T15255] do_syscall_64+0x44/0xa0 [ 161.507163][T15255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.513058][T15255] RIP: 0033:0x7fe6b5cbf8a7 [ 161.517462][T15255] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 161.537064][T15255] RSP: 002b:00007fe6b3a83f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 161.545474][T15255] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf8a7 00:07:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 15) 00:07:15 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffffda, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 161.553467][T15255] RDX: 0000000000000009 RSI: 0000000020010400 RDI: 0000000000000004 [ 161.561428][T15255] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff [ 161.569385][T15255] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 161.577348][T15255] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 161.609277][T15263] FAULT_INJECTION: forcing a failure. [ 161.609277][T15263] name failslab, interval 1, probability 0, space 0, times 0 [ 161.621937][T15255] loop3: detected capacity change from 0 to 264192 [ 161.622006][T15263] CPU: 1 PID: 15263 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 161.637216][T15263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.647263][T15263] Call Trace: [ 161.650527][T15263] dump_stack_lvl+0xd6/0x122 [ 161.655187][T15263] dump_stack+0x11/0x1b [ 161.659385][T15263] should_fail+0x23c/0x250 [ 161.663793][T15263] ? security_file_alloc+0x30/0x190 [ 161.668974][T15263] __should_failslab+0x81/0x90 [ 161.673777][T15263] should_failslab+0x5/0x20 [ 161.678263][T15263] kmem_cache_alloc+0x4f/0x300 [ 161.683005][T15263] security_file_alloc+0x30/0x190 [ 161.688013][T15263] __alloc_file+0x83/0x1a0 [ 161.692418][T15263] alloc_empty_file+0xcd/0x1c0 [ 161.697167][T15263] path_openat+0x6a/0x1ec0 [ 161.701642][T15263] ? copy_page_from_iter_atomic+0x44b/0xbb0 [ 161.707584][T15263] ? set_page_dirty+0xf4/0x1a0 [ 161.712340][T15263] ? shmem_write_end+0x37d/0x3d0 [ 161.717258][T15263] ? balance_dirty_pages_ratelimited+0xc4/0x2a0 [ 161.723482][T15263] ? generic_perform_write+0x377/0x3e0 [ 161.728926][T15263] do_filp_open+0x105/0x220 [ 161.733419][T15263] do_sys_openat2+0xb5/0x2b0 [ 161.737993][T15263] __x64_sys_openat+0xef/0x110 [ 161.742816][T15263] do_syscall_64+0x44/0xa0 [ 161.747230][T15263] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.753133][T15263] RIP: 0033:0x7fd8966367f4 [ 161.757530][T15263] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 161.777160][T15263] RSP: 002b:00007fd8943faed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 161.785631][T15263] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd8966367f4 [ 161.793581][T15263] RDX: 0000000000000002 RSI: 00007fd8943fb000 RDI: 00000000ffffff9c [ 161.801532][T15263] RBP: 00007fd8943fb000 R08: 0000000000000000 R09: ffffffffffffffff 00:07:15 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffffff6, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 161.809488][T15263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 161.817442][T15263] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 161.839497][T15255] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 16) 00:07:15 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffffffd, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:15 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) r3 = openat(r2, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4001, 0x4) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x19408, 0x0) ioctl$BTRFS_IOC_QUOTA_CTL(r5, 0xc0109428, &(0x7f0000000000)={0x1, 0x3b}) tee(0xffffffffffffffff, r1, 0x5, 0x4) sendfile(r0, r3, 0x0, 0x80000001) [ 161.902445][T15280] FAULT_INJECTION: forcing a failure. [ 161.902445][T15280] name failslab, interval 1, probability 0, space 0, times 0 [ 161.915075][T15280] CPU: 1 PID: 15280 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 161.923833][T15280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.933882][T15280] Call Trace: [ 161.937182][T15280] dump_stack_lvl+0xd6/0x122 [ 161.941774][T15280] dump_stack+0x11/0x1b [ 161.945997][T15280] should_fail+0x23c/0x250 [ 161.950414][T15280] ? kzalloc+0x16/0x20 [ 161.954489][T15280] __should_failslab+0x81/0x90 [ 161.959370][T15280] should_failslab+0x5/0x20 [ 161.963873][T15280] __kmalloc+0x6f/0x350 [ 161.968026][T15280] ? _atomic_dec_and_lock+0x60/0xd0 [ 161.973297][T15280] kzalloc+0x16/0x20 [ 161.977195][T15280] alloc_workqueue+0x12f/0xad0 [ 161.982014][T15280] ? disk_unblock_events+0x35/0x40 [ 161.987209][T15280] ? bd_prepare_to_claim+0x1e6/0x270 [ 161.992508][T15280] ? loop_attr_do_show_dio+0x70/0x70 [ 161.997791][T15280] ? loop_set_status_from_info+0x35e/0x3a0 [ 162.003596][T15280] loop_configure+0x681/0xeb0 [ 162.008273][T15280] lo_ioctl+0x618/0x13e0 [ 162.012520][T15280] ? path_openat+0x18d4/0x1ec0 [ 162.017351][T15280] ? blkdev_common_ioctl+0x438/0x1110 [ 162.022722][T15280] ? selinux_file_ioctl+0x981/0xa10 [ 162.027921][T15280] ? lo_release+0x120/0x120 [ 162.032431][T15280] blkdev_ioctl+0x1d0/0x3f0 [ 162.036959][T15280] block_ioctl+0x6e/0x80 [ 162.041263][T15280] ? blkdev_iopoll+0x80/0x80 [ 162.045847][T15280] __se_sys_ioctl+0xcb/0x140 [ 162.050452][T15280] __x64_sys_ioctl+0x3f/0x50 [ 162.055186][T15280] do_syscall_64+0x44/0xa0 [ 162.059666][T15280] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.065557][T15280] RIP: 0033:0x7fd896683697 [ 162.069960][T15280] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 162.089726][T15280] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:07:16 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007900) 00:07:16 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffffffe, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:16 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 12) [ 162.098154][T15280] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 162.106117][T15280] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 162.114087][T15280] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 162.122055][T15280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 162.130033][T15280] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 162.163551][T15304] FAULT_INJECTION: forcing a failure. [ 162.163551][T15304] name failslab, interval 1, probability 0, space 0, times 0 [ 162.176175][T15304] CPU: 1 PID: 15304 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 162.185022][T15304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.195069][T15304] Call Trace: [ 162.198335][T15304] dump_stack_lvl+0xd6/0x122 [ 162.202919][T15304] dump_stack+0x11/0x1b [ 162.207056][T15304] should_fail+0x23c/0x250 [ 162.211464][T15304] ? getname_flags+0x84/0x3f0 [ 162.216132][T15304] __should_failslab+0x81/0x90 [ 162.220879][T15304] should_failslab+0x5/0x20 [ 162.225365][T15304] kmem_cache_alloc+0x4f/0x300 [ 162.230220][T15304] getname_flags+0x84/0x3f0 [ 162.234840][T15304] getname+0x15/0x20 [ 162.238778][T15304] do_sys_openat2+0x6d/0x2b0 [ 162.243526][T15304] __x64_sys_openat+0xef/0x110 [ 162.248448][T15304] do_syscall_64+0x44/0xa0 [ 162.252850][T15304] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.258777][T15304] RIP: 0033:0x7fe6b5cbf7f4 [ 162.263220][T15304] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 162.283308][T15304] RSP: 002b:00007fe6b3a83ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 162.291774][T15304] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf7f4 [ 162.299727][T15304] RDX: 0000000000000002 RSI: 00007fe6b3a84000 RDI: 00000000ffffff9c 00:07:16 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 13) [ 162.307675][T15304] RBP: 00007fe6b3a84000 R08: 0000000000000000 R09: ffffffffffffffff [ 162.315630][T15304] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 162.323753][T15304] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 162.361576][T15314] FAULT_INJECTION: forcing a failure. [ 162.361576][T15314] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.374672][T15314] CPU: 0 PID: 15314 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 162.383473][T15314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.393528][T15314] Call Trace: [ 162.396803][T15314] dump_stack_lvl+0xd6/0x122 [ 162.401393][T15314] dump_stack+0x11/0x1b [ 162.405560][T15314] should_fail+0x23c/0x250 00:07:16 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x6, 0x3, 0x6, 0x95, 0x0, 0xebe3, 0x8, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x101, 0x2, @perf_config_ext={0x7, 0x7a85d93b}, 0x102, 0x6, 0x73e, 0x5, 0xbb94, 0x6, 0x4, 0x0, 0x2, 0x0, 0x567}, 0x0, 0x2, r0, 0x2) fsetxattr$security_ima(r2, &(0x7f00000000c0), &(0x7f0000000100)=@ng={0x4, 0xf, "b2b81fdce59b9bb3926bb0354a4ab55443"}, 0x13, 0x2) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xe4e4233}) mlockall(0x1) mlockall(0x5) 00:07:16 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 17) 00:07:16 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x8000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 162.410004][T15314] should_fail_usercopy+0x16/0x20 [ 162.415138][T15314] strncpy_from_user+0x21/0x250 [ 162.420014][T15314] getname_flags+0xb8/0x3f0 [ 162.424517][T15314] getname+0x15/0x20 [ 162.428486][T15314] do_sys_openat2+0x6d/0x2b0 [ 162.433076][T15314] __x64_sys_openat+0xef/0x110 [ 162.437845][T15314] do_syscall_64+0x44/0xa0 [ 162.442400][T15314] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.448353][T15314] RIP: 0033:0x7fe6b5cbf7f4 [ 162.452780][T15314] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 162.472465][T15314] RSP: 002b:00007fe6b3a83ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 162.481068][T15314] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf7f4 [ 162.489033][T15314] RDX: 0000000000000002 RSI: 00007fe6b3a84000 RDI: 00000000ffffff9c [ 162.497024][T15314] RBP: 00007fe6b3a84000 R08: 0000000000000000 R09: ffffffffffffffff [ 162.504988][T15314] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 162.512949][T15314] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 162.530512][T15327] FAULT_INJECTION: forcing a failure. [ 162.530512][T15327] name failslab, interval 1, probability 0, space 0, times 0 [ 162.543130][T15327] CPU: 0 PID: 15327 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 162.551929][T15327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.561976][T15327] Call Trace: [ 162.565243][T15327] dump_stack_lvl+0xd6/0x122 [ 162.569912][T15327] dump_stack+0x11/0x1b [ 162.574055][T15327] should_fail+0x23c/0x250 [ 162.578458][T15327] __should_failslab+0x81/0x90 [ 162.583219][T15327] ? alloc_workqueue+0x15d/0xad0 [ 162.588171][T15327] should_failslab+0x5/0x20 [ 162.592675][T15327] kmem_cache_alloc_trace+0x52/0x320 [ 162.598232][T15327] alloc_workqueue+0x15d/0xad0 [ 162.603000][T15327] ? disk_unblock_events+0x35/0x40 [ 162.608110][T15327] ? bd_prepare_to_claim+0x1e6/0x270 [ 162.613476][T15327] ? loop_attr_do_show_dio+0x70/0x70 [ 162.618758][T15327] ? loop_set_status_from_info+0x35e/0x3a0 [ 162.624567][T15327] loop_configure+0x681/0xeb0 [ 162.629241][T15327] lo_ioctl+0x618/0x13e0 [ 162.633596][T15327] ? path_openat+0x18d4/0x1ec0 [ 162.638418][T15327] ? blkdev_common_ioctl+0x438/0x1110 [ 162.643787][T15327] ? selinux_file_ioctl+0x981/0xa10 [ 162.648986][T15327] ? lo_release+0x120/0x120 [ 162.653486][T15327] blkdev_ioctl+0x1d0/0x3f0 [ 162.657978][T15327] block_ioctl+0x6e/0x80 [ 162.662207][T15327] ? blkdev_iopoll+0x80/0x80 [ 162.666811][T15327] __se_sys_ioctl+0xcb/0x140 [ 162.671424][T15327] __x64_sys_ioctl+0x3f/0x50 [ 162.676060][T15327] do_syscall_64+0x44/0xa0 [ 162.680474][T15327] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.686374][T15327] RIP: 0033:0x7fd896683697 [ 162.690865][T15327] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:16 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x80000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 162.710483][T15327] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 162.718884][T15327] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 162.726907][T15327] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 162.734870][T15327] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 162.742831][T15327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 162.751062][T15327] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:16 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007a00) 00:07:16 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) open$dir(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x101000, 0x10) r2 = dup(r1) r3 = syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x1, 0x1, &(0x7f0000000300)=[{&(0x7f0000000240)="8dbf551035c98767818726e0c04d3a38c76cf22ff754d92f54e50a96405adf2fbe45d44ef67ce39ca06b5da41c1f5d635f3c69725db9f37d2339cefb9d5f2b7ee0782ba9e9c4076049cf69c03123f8d89f7e9da770766e96def526c139fe6cefb155bd33fb6104308db4fe91130b2a37a9bb0a40cbd62df32b276bf766b355ffa75df70a225abec39f3597dc1cb7176e1861e9f3eefdc3e40766400f4001466402486a9269", 0xa5}], 0x54020, &(0x7f0000000400)={[], [{@subj_user}, {@euid_lt={'euid<', 0xee01}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x34, 0x0, 0x38, 0x63, 0x62, 0x34], 0x2d, [0x30, 0x36, 0x36, 0x66], 0x2d, [0x63, 0x62, 0x36, 0x32], 0x2d, [0x61, 0x32, 0x32, 0x61], 0x2d, [0x36, 0x61, 0x39, 0x33, 0x64, 0x37, 0x32, 0x62]}}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fsmagic={'fsmagic', 0x3d, 0x800}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]}) renameat2(r3, &(0x7f0000000040)='./bus\x00', r2, &(0x7f0000000180)='./bus/file0\x00', 0x1) 00:07:16 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 18) 00:07:16 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x100000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:16 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xedc000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 162.848841][T15349] FAULT_INJECTION: forcing a failure. [ 162.848841][T15349] name failslab, interval 1, probability 0, space 0, times 0 [ 162.861583][T15349] CPU: 0 PID: 15349 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 162.870349][T15349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.880475][T15349] Call Trace: [ 162.883836][T15349] dump_stack_lvl+0xd6/0x122 [ 162.888429][T15349] dump_stack+0x11/0x1b [ 162.892594][T15349] should_fail+0x23c/0x250 [ 162.897000][T15349] ? kzalloc+0x16/0x20 [ 162.901110][T15349] __should_failslab+0x81/0x90 [ 162.905950][T15349] should_failslab+0x5/0x20 [ 162.910508][T15349] __kmalloc+0x6f/0x350 [ 162.914656][T15349] ? number+0xa13/0xb60 [ 162.918799][T15349] kzalloc+0x16/0x20 [ 162.922782][T15349] apply_wqattrs_prepare+0x3a/0x630 [ 162.927960][T15349] ? vsnprintf+0xe8f/0xed0 [ 162.932360][T15349] apply_workqueue_attrs+0x9e/0x100 [ 162.937630][T15349] alloc_workqueue+0x777/0xad0 [ 162.942381][T15349] ? disk_unblock_events+0x35/0x40 [ 162.947480][T15349] ? bd_prepare_to_claim+0x1e6/0x270 [ 162.952807][T15349] ? loop_attr_do_show_dio+0x70/0x70 [ 162.958086][T15349] ? loop_set_status_from_info+0x35e/0x3a0 [ 162.963890][T15349] loop_configure+0x681/0xeb0 [ 162.968556][T15349] lo_ioctl+0x618/0x13e0 [ 162.972780][T15349] ? path_openat+0x18d4/0x1ec0 [ 162.977659][T15349] ? blkdev_common_ioctl+0x438/0x1110 [ 162.983034][T15349] ? selinux_file_ioctl+0x981/0xa10 [ 162.988228][T15349] ? lo_release+0x120/0x120 [ 162.992719][T15349] blkdev_ioctl+0x1d0/0x3f0 [ 162.997223][T15349] block_ioctl+0x6e/0x80 [ 163.001455][T15349] ? blkdev_iopoll+0x80/0x80 [ 163.006095][T15349] __se_sys_ioctl+0xcb/0x140 [ 163.010674][T15349] __x64_sys_ioctl+0x3f/0x50 [ 163.015245][T15349] do_syscall_64+0x44/0xa0 [ 163.019657][T15349] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.025709][T15349] RIP: 0033:0x7fd896683697 [ 163.030103][T15349] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 163.049768][T15349] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.058342][T15349] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 163.066295][T15349] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 163.074508][T15349] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 163.082523][T15349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 163.090492][T15349] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:17 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007b00) 00:07:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 14) 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:17 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8) r2 = geteuid() keyctl$chown(0x4, r1, r2, 0xee01) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x19408, 0x0) write$binfmt_misc(r3, &(0x7f00000005c0)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224ccd5f87d270a38adc3ffc01d907790c94a40ea68f8cb774ba9263f859604d21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f77af3470cfea8b54b2b8e6db1b27364c3fd1a219b35c58f889445c5cef357c8b5a3f3a8cc1a4834ba69f71c939ce335ce2662b0a477558e1cb6aa37bb04e75e75acf676bcb9c76af2831fdf8f4d9a7328afca0986c122f34414c293018d857017a138462e935694c2c3c0673d16318ea64d86b95e68dea020495564c4763e4b43824d285a577123dbab5d1a6d8471763dcf1452974053e56e777a561a39b635cdd591b8879ea0a2091d16ce529c440124cef8249dc02309e1264856f19c0c8283b63bae829f9aa53943c04eb31b6b6e4ec5e194cb5897644d8a9bf11ef1e230a433b9991cde4a04a0b1a8d02805b5b4f5a5ffe64b2a3c888a7b2cd781c1a38ba614c168bc6632c5b8f3bf0912beea40457856074386cc1d08c6402df6ad2ddf80362d64112fcf4d04abb2254dfc1a5f3be83446a5029951bf4af785a9b52862e7faf82b8461e9dd5b2f12868c9fca913eea4f092aa493134408cdf3025f6373dadabed44402cef7834304d21d92f523f1b03e80295f713b19821a0653514", @ANYRESOCT=r0, @ANYRES32=r1, @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) close(r0) 00:07:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 19) [ 163.210320][T15387] FAULT_INJECTION: forcing a failure. [ 163.210320][T15387] name failslab, interval 1, probability 0, space 0, times 0 [ 163.222992][T15387] CPU: 1 PID: 15387 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 163.231822][T15387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.241960][T15387] Call Trace: [ 163.245230][T15387] dump_stack_lvl+0xd6/0x122 [ 163.249822][T15387] dump_stack+0x11/0x1b [ 163.253973][T15387] should_fail+0x23c/0x250 [ 163.258389][T15387] ? __alloc_file+0x2e/0x1a0 [ 163.259177][T15396] FAULT_INJECTION: forcing a failure. [ 163.259177][T15396] name failslab, interval 1, probability 0, space 0, times 0 [ 163.263005][T15387] __should_failslab+0x81/0x90 [ 163.263027][T15387] should_failslab+0x5/0x20 [ 163.263048][T15387] kmem_cache_alloc+0x4f/0x300 [ 163.263066][T15387] ? common_interrupt+0xf/0x90 [ 163.294367][T15387] __alloc_file+0x2e/0x1a0 [ 163.298827][T15387] alloc_empty_file+0xcd/0x1c0 [ 163.303594][T15387] path_openat+0x6a/0x1ec0 [ 163.308051][T15387] ? balance_dirty_pages_ratelimited+0xc4/0x2a0 [ 163.314360][T15387] ? generic_perform_write+0x377/0x3e0 [ 163.319814][T15387] do_filp_open+0x105/0x220 [ 163.324307][T15387] do_sys_openat2+0xb5/0x2b0 [ 163.328926][T15387] ? __schedule+0x435/0x680 [ 163.333418][T15387] __x64_sys_openat+0xef/0x110 [ 163.338166][T15387] do_syscall_64+0x44/0xa0 [ 163.342623][T15387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.348576][T15387] RIP: 0033:0x7fe6b5cbf7f4 [ 163.352973][T15387] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 163.372560][T15387] RSP: 002b:00007fe6b3a83ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 163.380984][T15387] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf7f4 [ 163.388960][T15387] RDX: 0000000000000002 RSI: 00007fe6b3a84000 RDI: 00000000ffffff9c [ 163.396969][T15387] RBP: 00007fe6b3a84000 R08: 0000000000000000 R09: ffffffffffffffff 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xee000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 163.404918][T15387] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 163.412869][T15387] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 163.420828][T15396] CPU: 0 PID: 15396 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 163.429612][T15396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.439660][T15396] Call Trace: [ 163.442925][T15396] dump_stack_lvl+0xd6/0x122 [ 163.447517][T15396] dump_stack+0x11/0x1b [ 163.451667][T15396] should_fail+0x23c/0x250 [ 163.456079][T15396] __should_failslab+0x81/0x90 [ 163.460845][T15396] ? apply_wqattrs_prepare+0x5f/0x630 [ 163.466214][T15396] should_failslab+0x5/0x20 [ 163.470711][T15396] kmem_cache_alloc_trace+0x52/0x320 [ 163.475993][T15396] apply_wqattrs_prepare+0x5f/0x630 [ 163.481276][T15396] ? vsnprintf+0xe8f/0xed0 [ 163.485784][T15396] apply_workqueue_attrs+0x9e/0x100 [ 163.490979][T15396] alloc_workqueue+0x777/0xad0 [ 163.495788][T15396] ? disk_unblock_events+0x35/0x40 [ 163.500935][T15396] ? bd_prepare_to_claim+0x1e6/0x270 [ 163.506243][T15396] ? loop_attr_do_show_dio+0x70/0x70 [ 163.511530][T15396] ? loop_set_status_from_info+0x35e/0x3a0 [ 163.517323][T15396] loop_configure+0x681/0xeb0 [ 163.522025][T15396] lo_ioctl+0x618/0x13e0 [ 163.526250][T15396] ? path_openat+0x18d4/0x1ec0 [ 163.531034][T15396] ? blkdev_common_ioctl+0x438/0x1110 [ 163.536386][T15396] ? selinux_file_ioctl+0x981/0xa10 [ 163.541565][T15396] ? lo_release+0x120/0x120 [ 163.546052][T15396] blkdev_ioctl+0x1d0/0x3f0 [ 163.550537][T15396] block_ioctl+0x6e/0x80 [ 163.554760][T15396] ? blkdev_iopoll+0x80/0x80 [ 163.559332][T15396] __se_sys_ioctl+0xcb/0x140 [ 163.563904][T15396] __x64_sys_ioctl+0x3f/0x50 [ 163.568505][T15396] do_syscall_64+0x44/0xa0 [ 163.572904][T15396] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.578847][T15396] RIP: 0033:0x7fd896683697 [ 163.583243][T15396] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 163.603100][T15396] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 163.611497][T15396] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 163.619449][T15396] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 163.627471][T15396] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 163.635424][T15396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 163.643376][T15396] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:17 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r2 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x19408, 0x0) splice(r1, &(0x7f0000000140)=0xffffffffffffd15d, r2, &(0x7f0000000180)=0x80000001, 0x0, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r6, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r5, r6) sendfile(r3, r6, &(0x7f0000000080)=0x244f423a, 0x334b) syz_open_dev$vcsa(0x0, 0x0, 0x2) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r7, 0x0, 0x80000001) 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x100000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:17 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 15) 00:07:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 20) [ 163.730752][T15422] FAULT_INJECTION: forcing a failure. [ 163.730752][T15422] name failslab, interval 1, probability 0, space 0, times 0 [ 163.743481][T15422] CPU: 1 PID: 15422 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 163.744369][T15423] FAULT_INJECTION: forcing a failure. [ 163.744369][T15423] name failslab, interval 1, probability 0, space 0, times 0 [ 163.752238][T15422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.752250][T15422] Call Trace: [ 163.752257][T15422] dump_stack_lvl+0xd6/0x122 [ 163.782853][T15422] dump_stack+0x11/0x1b [ 163.787014][T15422] should_fail+0x23c/0x250 [ 163.791450][T15422] __should_failslab+0x81/0x90 [ 163.796194][T15422] ? apply_wqattrs_prepare+0xbe/0x630 [ 163.801545][T15422] should_failslab+0x5/0x20 [ 163.806045][T15422] kmem_cache_alloc_trace+0x52/0x320 [ 163.811376][T15422] ? apply_wqattrs_prepare+0x5f/0x630 [ 163.817078][T15422] apply_wqattrs_prepare+0xbe/0x630 [ 163.822255][T15422] ? vsnprintf+0xe8f/0xed0 [ 163.826786][T15422] apply_workqueue_attrs+0x9e/0x100 [ 163.832049][T15422] alloc_workqueue+0x777/0xad0 [ 163.836799][T15422] ? disk_unblock_events+0x35/0x40 [ 163.841897][T15422] ? bd_prepare_to_claim+0x1e6/0x270 [ 163.847241][T15422] ? loop_attr_do_show_dio+0x70/0x70 [ 163.852511][T15422] ? loop_set_status_from_info+0x35e/0x3a0 [ 163.858307][T15422] loop_configure+0x681/0xeb0 [ 163.863048][T15422] lo_ioctl+0x618/0x13e0 [ 163.867271][T15422] ? path_openat+0x18d4/0x1ec0 [ 163.872035][T15422] ? blkdev_common_ioctl+0x438/0x1110 [ 163.877502][T15422] ? selinux_file_ioctl+0x981/0xa10 [ 163.882687][T15422] ? lo_release+0x120/0x120 [ 163.887175][T15422] blkdev_ioctl+0x1d0/0x3f0 [ 163.891689][T15422] block_ioctl+0x6e/0x80 [ 163.896018][T15422] ? blkdev_iopoll+0x80/0x80 [ 163.900598][T15422] __se_sys_ioctl+0xcb/0x140 [ 163.905222][T15422] __x64_sys_ioctl+0x3f/0x50 [ 163.909804][T15422] do_syscall_64+0x44/0xa0 [ 163.914207][T15422] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.920100][T15422] RIP: 0033:0x7fd896683697 [ 163.924495][T15422] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 163.944145][T15422] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.952552][T15422] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 163.960569][T15422] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 163.968531][T15422] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 163.976482][T15422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 163.984432][T15422] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 163.992446][T15423] CPU: 0 PID: 15423 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 164.001213][T15423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.011280][T15423] Call Trace: [ 164.014551][T15423] dump_stack_lvl+0xd6/0x122 [ 164.019214][T15423] dump_stack+0x11/0x1b [ 164.023386][T15423] should_fail+0x23c/0x250 [ 164.027796][T15423] ? security_file_alloc+0x30/0x190 [ 164.033110][T15423] __should_failslab+0x81/0x90 [ 164.037865][T15423] should_failslab+0x5/0x20 [ 164.042364][T15423] kmem_cache_alloc+0x4f/0x300 [ 164.047123][T15423] security_file_alloc+0x30/0x190 [ 164.052236][T15423] __alloc_file+0x83/0x1a0 [ 164.056659][T15423] alloc_empty_file+0xcd/0x1c0 [ 164.061420][T15423] path_openat+0x6a/0x1ec0 [ 164.065852][T15423] ? copy_page_from_iter_atomic+0x44b/0xbb0 [ 164.071750][T15423] ? set_page_dirty+0xf4/0x1a0 [ 164.076589][T15423] ? shmem_write_end+0x37d/0x3d0 00:07:17 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x200000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 164.081577][T15423] ? balance_dirty_pages_ratelimited+0xc4/0x2a0 [ 164.087967][T15423] ? generic_perform_write+0x377/0x3e0 [ 164.093681][T15423] do_filp_open+0x105/0x220 [ 164.098190][T15423] do_sys_openat2+0xb5/0x2b0 [ 164.102787][T15423] __x64_sys_openat+0xef/0x110 [ 164.107550][T15423] do_syscall_64+0x44/0xa0 [ 164.112025][T15423] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.117956][T15423] RIP: 0033:0x7fe6b5cbf7f4 [ 164.122363][T15423] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 164.142013][T15423] RSP: 002b:00007fe6b3a83ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 164.150423][T15423] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5cbf7f4 [ 164.158384][T15423] RDX: 0000000000000002 RSI: 00007fe6b3a84000 RDI: 00000000ffffff9c [ 164.166418][T15423] RBP: 00007fe6b3a84000 R08: 0000000000000000 R09: ffffffffffffffff [ 164.174390][T15423] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 00:07:18 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007c00) 00:07:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 21) 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x300000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 164.182355][T15423] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 164.252500][T15450] FAULT_INJECTION: forcing a failure. [ 164.252500][T15450] name failslab, interval 1, probability 0, space 0, times 0 [ 164.265157][T15450] CPU: 0 PID: 15450 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 164.273919][T15450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.284070][T15450] Call Trace: [ 164.287332][T15450] dump_stack_lvl+0xd6/0x122 [ 164.291910][T15450] dump_stack+0x11/0x1b [ 164.296048][T15450] should_fail+0x23c/0x250 [ 164.300445][T15450] __should_failslab+0x81/0x90 [ 164.305194][T15450] should_failslab+0x5/0x20 [ 164.309716][T15450] kmem_cache_alloc_node+0x61/0x2c0 [ 164.314898][T15450] ? alloc_unbound_pwq+0x3e6/0x780 [ 164.319992][T15450] alloc_unbound_pwq+0x3e6/0x780 [ 164.324938][T15450] apply_wqattrs_prepare+0x1ed/0x630 [ 164.330212][T15450] ? vsnprintf+0xe8f/0xed0 [ 164.334734][T15450] apply_workqueue_attrs+0x9e/0x100 [ 164.339964][T15450] alloc_workqueue+0x777/0xad0 [ 164.344713][T15450] ? disk_unblock_events+0x35/0x40 [ 164.349809][T15450] ? bd_prepare_to_claim+0x1e6/0x270 [ 164.355082][T15450] ? loop_attr_do_show_dio+0x70/0x70 [ 164.360429][T15450] ? loop_set_status_from_info+0x35e/0x3a0 [ 164.366281][T15450] loop_configure+0x681/0xeb0 [ 164.371024][T15450] lo_ioctl+0x618/0x13e0 [ 164.375314][T15450] ? path_openat+0x18d4/0x1ec0 [ 164.380369][T15450] ? blkdev_common_ioctl+0x438/0x1110 [ 164.385722][T15450] ? selinux_file_ioctl+0x981/0xa10 [ 164.390937][T15450] ? lo_release+0x120/0x120 [ 164.395431][T15450] blkdev_ioctl+0x1d0/0x3f0 [ 164.399919][T15450] block_ioctl+0x6e/0x80 [ 164.404204][T15450] ? blkdev_iopoll+0x80/0x80 [ 164.408776][T15450] __se_sys_ioctl+0xcb/0x140 [ 164.413365][T15450] __x64_sys_ioctl+0x3f/0x50 [ 164.418007][T15450] do_syscall_64+0x44/0xa0 [ 164.422411][T15450] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.428294][T15450] RIP: 0033:0x7fd896683697 [ 164.432801][T15450] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 164.452505][T15450] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.460942][T15450] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 164.469019][T15450] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 164.476972][T15450] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 164.485034][T15450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 164.492990][T15450] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x400000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:18 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 16) 00:07:18 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc84db960b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b1b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67d", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 22) 00:07:18 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r2 = open(0x0, 0x0, 0x0) r3 = open_tree(r2, &(0x7f0000000040)='./bus\x00', 0x81400) connect(r3, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e21, @loopback}, 0x3, 0x4, 0x3}}, 0x80) r4 = dup2(r2, r1) io_uring_enter(r4, 0x72d1, 0x482a, 0x2, &(0x7f0000000080)={[0x1]}, 0x8) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r5, 0x0, 0x80000001) [ 164.637314][T15467] FAULT_INJECTION: forcing a failure. [ 164.637314][T15467] name failslab, interval 1, probability 0, space 0, times 0 [ 164.650100][T15467] CPU: 0 PID: 15467 Comm: syz-executor.5 Not tainted 5.15.0-rc3-syzkaller #0 [ 164.658865][T15467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.669119][T15467] Call Trace: [ 164.672387][T15467] dump_stack_lvl+0xd6/0x122 [ 164.676986][T15467] dump_stack+0x11/0x1b [ 164.681172][T15467] should_fail+0x23c/0x250 [ 164.685581][T15467] __should_failslab+0x81/0x90 [ 164.690336][T15467] ? kobject_uevent_env+0x1a7/0xc40 [ 164.695564][T15467] should_failslab+0x5/0x20 [ 164.700135][T15467] kmem_cache_alloc_trace+0x52/0x320 [ 164.705527][T15467] ? pwq_adjust_max_active+0x491/0x4b0 [ 164.710975][T15467] ? dev_uevent_filter+0x70/0x70 [ 164.715941][T15467] kobject_uevent_env+0x1a7/0xc40 [ 164.721162][T15467] ? __list_add_valid+0x28/0x90 [ 164.726009][T15467] ? alloc_workqueue+0xa18/0xad0 [ 164.730935][T15467] disk_force_media_change+0xe3/0x170 [ 164.736409][T15467] loop_configure+0x6c0/0xeb0 [ 164.741113][T15467] lo_ioctl+0x618/0x13e0 [ 164.745353][T15467] ? path_openat+0x18d4/0x1ec0 [ 164.750157][T15467] ? blkdev_common_ioctl+0x438/0x1110 [ 164.755678][T15467] ? selinux_file_ioctl+0x981/0xa10 [ 164.760899][T15467] ? lo_release+0x120/0x120 [ 164.765470][T15467] blkdev_ioctl+0x1d0/0x3f0 [ 164.770035][T15467] block_ioctl+0x6e/0x80 [ 164.774265][T15467] ? blkdev_iopoll+0x80/0x80 [ 164.778866][T15467] __se_sys_ioctl+0xcb/0x140 [ 164.783480][T15467] __x64_sys_ioctl+0x3f/0x50 [ 164.788060][T15467] do_syscall_64+0x44/0xa0 [ 164.792491][T15467] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.798383][T15467] RIP: 0033:0x7fd896683697 [ 164.802891][T15467] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 164.822491][T15467] RSP: 002b:00007fd8943faf48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 164.830899][T15467] RAX: ffffffffffffffda RBX: 00007fd8966cdcc0 RCX: 00007fd896683697 [ 164.838866][T15467] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 164.846955][T15467] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 164.855035][T15467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 164.862995][T15467] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 164.875925][T15469] FAULT_INJECTION: forcing a failure. [ 164.875925][T15469] name failslab, interval 1, probability 0, space 0, times 0 [ 164.888655][T15469] CPU: 1 PID: 15469 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 164.897448][T15469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.907499][T15469] Call Trace: [ 164.910839][T15469] dump_stack_lvl+0xd6/0x122 [ 164.915431][T15469] dump_stack+0x11/0x1b [ 164.919580][T15469] should_fail+0x23c/0x250 [ 164.924007][T15469] ? kzalloc+0x16/0x20 [ 164.928079][T15469] __should_failslab+0x81/0x90 [ 164.932858][T15469] should_failslab+0x5/0x20 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x500000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x600000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 164.937383][T15469] __kmalloc+0x6f/0x350 [ 164.941573][T15469] ? _atomic_dec_and_lock+0x60/0xd0 [ 164.946785][T15469] kzalloc+0x16/0x20 [ 164.950687][T15469] alloc_workqueue+0x12f/0xad0 [ 164.955524][T15469] ? disk_unblock_events+0x35/0x40 [ 164.960642][T15469] ? bd_prepare_to_claim+0x1e6/0x270 [ 164.965937][T15469] ? loop_attr_do_show_dio+0x70/0x70 [ 164.971254][T15469] ? loop_set_status_from_info+0x35e/0x3a0 [ 164.977143][T15469] loop_configure+0x681/0xeb0 [ 164.981881][T15469] lo_ioctl+0x618/0x13e0 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x700000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 164.986123][T15469] ? path_openat+0x18d4/0x1ec0 [ 164.990896][T15469] ? blkdev_common_ioctl+0x438/0x1110 [ 164.996271][T15469] ? selinux_file_ioctl+0x981/0xa10 [ 165.001468][T15469] ? lo_release+0x120/0x120 [ 165.005999][T15469] blkdev_ioctl+0x1d0/0x3f0 [ 165.010499][T15469] block_ioctl+0x6e/0x80 [ 165.014733][T15469] ? blkdev_iopoll+0x80/0x80 [ 165.019334][T15469] __se_sys_ioctl+0xcb/0x140 [ 165.023922][T15469] __x64_sys_ioctl+0x3f/0x50 [ 165.028510][T15469] do_syscall_64+0x44/0xa0 [ 165.032939][T15469] entry_SYSCALL_64_after_hwframe+0x44/0xae 00:07:18 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x800000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 165.038890][T15469] RIP: 0033:0x7fe6b5d0c697 [ 165.043294][T15469] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.062896][T15469] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 165.071354][T15469] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 165.079323][T15469] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 165.087290][T15469] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 165.095260][T15469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 165.103232][T15469] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:19 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80007d00) 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x900000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:19 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 17) 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xa00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 165.197280][T15519] FAULT_INJECTION: forcing a failure. [ 165.197280][T15519] name failslab, interval 1, probability 0, space 0, times 0 [ 165.209912][T15519] CPU: 0 PID: 15519 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 165.218658][T15519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 165.228739][T15519] Call Trace: [ 165.232008][T15519] dump_stack_lvl+0xd6/0x122 [ 165.236732][T15519] dump_stack+0x11/0x1b [ 165.240978][T15519] should_fail+0x23c/0x250 [ 165.245387][T15519] __should_failslab+0x81/0x90 [ 165.250153][T15519] ? alloc_workqueue+0x15d/0xad0 [ 165.255098][T15519] should_failslab+0x5/0x20 [ 165.259672][T15519] kmem_cache_alloc_trace+0x52/0x320 [ 165.265003][T15519] alloc_workqueue+0x15d/0xad0 [ 165.269811][T15519] ? disk_unblock_events+0x35/0x40 [ 165.274929][T15519] ? bd_prepare_to_claim+0x1e6/0x270 [ 165.280239][T15519] ? loop_attr_do_show_dio+0x70/0x70 [ 165.285606][T15519] ? loop_set_status_from_info+0x35e/0x3a0 [ 165.291505][T15519] loop_configure+0x681/0xeb0 [ 165.296265][T15519] lo_ioctl+0x618/0x13e0 [ 165.300504][T15519] ? path_openat+0x18d4/0x1ec0 [ 165.305263][T15519] ? blkdev_common_ioctl+0x438/0x1110 [ 165.311487][T15519] ? selinux_file_ioctl+0x981/0xa10 [ 165.316797][T15519] ? lo_release+0x120/0x120 [ 165.321288][T15519] blkdev_ioctl+0x1d0/0x3f0 [ 165.325774][T15519] block_ioctl+0x6e/0x80 [ 165.329999][T15519] ? blkdev_iopoll+0x80/0x80 [ 165.334571][T15519] __se_sys_ioctl+0xcb/0x140 [ 165.339199][T15519] __x64_sys_ioctl+0x3f/0x50 [ 165.343776][T15519] do_syscall_64+0x44/0xa0 [ 165.348179][T15519] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 165.354068][T15519] RIP: 0033:0x7fe6b5d0c697 [ 165.358469][T15519] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.378607][T15519] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 165.387151][T15519] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 00:07:19 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) write$P9_RWALK(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="160000006f0100010080020000000100000000000000"], 0x16) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) [ 165.395117][T15519] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 165.403071][T15519] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 165.411110][T15519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 165.419064][T15519] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 165.448088][T15467] loop5: detected capacity change from 0 to 264192 [ 165.464745][T15467] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:19 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b263174ced1385c03ea3c2d0002c63e9425c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48292a92b9352eae731e09224cc478b595c0bd9467cffc00e927790c9dbfdac5a8bc8c9a580138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6e08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db24284062c59cfd57a9df1ce7930f3a3bc85b4f63f795f352f57ce7bc0f40e7fbb407cd04f249586317ee98900"/257, @ANYRESOCT=r0], 0x4240a2a0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x19408, 0x0) write(r1, &(0x7f0000000240)="e957d337ef58587c4a2723217fc2837626a866cd8200151687bfe115ea4ac9367c4289a92adfc50a9d381cb4b7838bafa9861d2267e60a08a857590d48465372784b071c478690064d1fe76060ea145cf2d1e92b90a7eac2575d9193d0bea7e39f5530926a8d54f427c9310d9db05d6ced068594e883879c56019e08dea142eb793b7dafa264add8cfcba4ebd2ab7dea11d02308c7090aaa3d2427b32bb520a515e8814c1cc943b35c93e8d5fabea7d162533f4efa74e72d7d396ba180c413604e", 0xc1) ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000200)) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x8102, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r3, 0x942e, 0x0) mlockall(0x1) mlockall(0x5) 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xb00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:19 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 18) 00:07:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:19 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008203) 00:07:19 executing program 2: r0 = open(&(0x7f0000000040)='./file0\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0xa580, 0x92a997d7b941dc2d) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 165.646700][T15551] loop5: detected capacity change from 0 to 264192 [ 165.652295][T15554] FAULT_INJECTION: forcing a failure. [ 165.652295][T15554] name failslab, interval 1, probability 0, space 0, times 0 [ 165.666017][T15554] CPU: 0 PID: 15554 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 165.674776][T15554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 165.684816][T15554] Call Trace: [ 165.688180][T15554] dump_stack_lvl+0xd6/0x122 [ 165.692761][T15554] dump_stack+0x11/0x1b [ 165.696908][T15554] should_fail+0x23c/0x250 [ 165.701311][T15554] ? kzalloc+0x16/0x20 [ 165.705375][T15554] __should_failslab+0x81/0x90 [ 165.710126][T15554] should_failslab+0x5/0x20 [ 165.714615][T15554] __kmalloc+0x6f/0x350 [ 165.718756][T15554] ? number+0xa13/0xb60 [ 165.722897][T15554] kzalloc+0x16/0x20 [ 165.726777][T15554] apply_wqattrs_prepare+0x3a/0x630 [ 165.731958][T15554] ? vsnprintf+0xe8f/0xed0 [ 165.736364][T15554] apply_workqueue_attrs+0x9e/0x100 [ 165.741548][T15554] alloc_workqueue+0x777/0xad0 [ 165.746376][T15554] ? disk_unblock_events+0x35/0x40 [ 165.751661][T15554] ? bd_prepare_to_claim+0x1e6/0x270 [ 165.756950][T15554] ? loop_attr_do_show_dio+0x70/0x70 [ 165.762248][T15554] ? loop_set_status_from_info+0x35e/0x3a0 [ 165.768046][T15554] loop_configure+0x681/0xeb0 [ 165.772727][T15554] lo_ioctl+0x618/0x13e0 [ 165.776978][T15554] ? path_openat+0x18d4/0x1ec0 [ 165.781761][T15554] ? blkdev_common_ioctl+0x438/0x1110 [ 165.787216][T15554] ? selinux_file_ioctl+0x981/0xa10 [ 165.792399][T15554] ? lo_release+0x120/0x120 [ 165.796942][T15554] blkdev_ioctl+0x1d0/0x3f0 [ 165.801440][T15554] block_ioctl+0x6e/0x80 [ 165.805709][T15554] ? blkdev_iopoll+0x80/0x80 [ 165.810286][T15554] __se_sys_ioctl+0xcb/0x140 [ 165.814858][T15554] __x64_sys_ioctl+0x3f/0x50 [ 165.819567][T15554] do_syscall_64+0x44/0xa0 [ 165.823990][T15554] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 165.829893][T15554] RIP: 0033:0x7fe6b5d0c697 [ 165.834291][T15554] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.854172][T15554] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 165.862707][T15554] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 165.871192][T15554] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 165.879152][T15554] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 165.887249][T15554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xc00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 165.895206][T15554] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:19 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc010008, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 165.939351][T15551] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:19 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfffffffffffffff, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:19 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008873) [ 166.065996][T15589] loop5: detected capacity change from 0 to 264192 [ 166.089196][T15589] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:20 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa080600009a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x19408, 0x0) write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x1f, 0x3f, 0x2, 0x81, 0x0, 0x3, 0x3, 0xeb, 0x201, 0x40, 0x1d0, 0x401, 0x6, 0x38, 0x2, 0x8001, 0x1, 0x2}, [{0x2, 0x2, 0x3f, 0x8, 0x56, 0x1, 0xfffffffffffffffb, 0x9}], "636462433c01b50404e98488b511c5b044affdd0489ed73c53eb1820bd031b0b2f00947862db0c1d4d502f2926a1160842a9ff11db33bdbbd03bb2069829f293ac79932cbb4e8ff8e3384fa0f8b488000142ec868ecbf78fd0ceec444f74263c5375dba955dde10a83ee8c61d9f4b68c613134af60c423ce8d0bac6cfd8158cb6ecaf2e9339c920844db7ccf77b23a2d495e0855b398c1396e5fe6bb75e7de7b2d9a28919dbce8aa3fac26e6e68c15aed3e07173b35103f1b4ef85c1ca49f0dab3c88346e612c21ac62b062c0931ee2ee76396b8d6e0ecbe81770b9466e54dc7c8d4ee77abffa0e944627278d8d93e194acc68dc660c08ef7722be0cddc5a3709a5823372155df8c944ddcb61f9f87ae8199999c88cafe405c43df9ab119de58975fecad9fc0589caee2a71492d590a403ad4cafe2c7a9683023f243c7a2738b126315fe8b7ea8d1650eef48f92a62b9cc7123ceffb1cde41396da024fe953d4bbbd782bbb740ea70b77de56c3e36c596de4ad9e05771d1b6ac2709bdc7422796612e907472b12846f87b376e8764050a6267741e2c2be20c94cdd6414fd8259346786fccd445dbefe6582ab4d4109ea06f8d810530ed4ee053cff56bb6efc98080036d9bf7b798e9a08f49cba647811eaabad86f53a8cd4be2e596ecca5732741750c76fa8122b9fcd0a04b010a43e0c5079127fc5d7fc9862f55196844ae8189438309f8f8312cbd350634657dc8a4fb62e5f290e6d0ff63abe878922e834121ee66c0abafdfb3eac864281caa53fe96bad8606710e979a97a6a5c56fb80c96191e84ae2c710401cb8ef74e7bee8621feafaf02944c0f6e1c89d88beffd9c51e2fb45fd0b5b6d2cd981e8f14149a9783b98ec0c993b0619324989b5adeef9c5a015c107a11946b6c9aec973cf37d65226523c43b04e7e3c0228e4c9fdb0aecca3a53338f72baa25919ecd6189cfd839b21ed14c8c4d42d8ceaa9d220747d5c5fe2a12dee341857dd919ed84a72fb5dca3cb0979de24a069a4775f21d1230e6dcdc95e1228843d0af3bfdd12107d2bc8649cbc00fbcba9119e38b1532e086707bee992fe4e508be76ac163ba67df28261fbb7365afbe9e61c42f7d17e56577b6d7ea9cb055300972b69d8f1a9805d6aa4b7a63ca0986e612bf55dca0d6a711cd38532846007f92edb1bf243369515cb96c96d4f57eab78862dac4cd398b2f83bb42211b4609d05443be7ebc2845ae5b5fb8cb3c29cef51215ad32d0a8f36c31f770662d8122305e433b382b70ea83f249a7b13fd7237ac58e5fdeb339b07f90c83864af43e4d54df1af6b88770294d75eee0852e55d56ce38331c3bbf6c70b941144da988d66ce0a56b406db58dcdeb400d81a6a50c50831a4d2c7b4d6dec6170b344f7c2b066b98e4ebd5d695e63d60d531e77a3e1a90d1d8d9f11cea36007230c4698046c7ab8f69c8fd8563bca8c6953ffed3db8d30dfb7503d2aaa216fb8398d476b1d48a83ee10dfb235f66742271a059e069127bec685d7a5971da89ee0b12da1bdc3516b31cb405ed5514b372465ac2ee1dfd07f5e31355b87e4169f0e1ad26647891774be680e2a4b02302ae5a135b201170833002b3610ebab87cf49c57877ec0982dfdb7ad64f7afcf103eccfd0cd3d6a9cd9d8ad988f26f1b4e48431f29307e864977e7ed3c57121129e7ac3298df303dab7158f37298750c7b206124dd9079b2f246757c330505a03f372cfd4163c3938ff043e069b4ba42928ed9d1dfbb83a78bd1d06e4696ecbd30ec6937880fbaa9326dc1c9a5d38734b2e116087aeea5e8403260963b8aecc27fc2811210e5dd99a07a39f6eaf4cd498296f0a81ed225610b09f994e4e45a500e038332f7258fcdb25cb6402fdc565dd431fbcfc28274a61d7f9c356f9ac69d92ee7ac723d5d77546b4ebce0733e5bc2c626be959013e99d472c746ddbd97a67789ac5502d61306f33b6b53a8d81a27e9da98e6d3a0502ae349dd81ddf9148162b86ef0219105a6aadd43845e4baec19c5881e5330d4379977f5cbf1ce243cbc4badf280497dbe70c671424c0d50a1a5cee19cde7097c3571d75944c606f35ab276ad24f77a7fdae44d19a286b24bc8bfa63d9fd56396c977b3a3d697786cf9773cf9eddf51f33ff071cfbba1d19ed5b9c472b42bb64d1f785d647a5115fcc4ba91c1ab36c0b402dbd37434523241e85681076bba9e5cab94072e40c233d1abfd936f0b127fa72d92afecc149bbb310670947d2af222bfb5697488c26c5b283cea973d34a00ad1577e6499d5249c0d71fd3b2e4576a9d7304a07de9537af08e82b1a25abd349e7f799bd3046177def75ea106f3b0202ecb45e4495676f83e8e4a6b8ae2d73cb2dc074b9747eb4fc39e6f7ddb491bfdd62c59c7815971a3505243d2a354d350fa5b7f7a92a2778b33adbcb658058c8d394322f2f806d970f80cc8b6f174fe0879ff75749aba5370cf605f5ede34a3b812adc8abfa8e9a26816bf77ca34a73bc0d5467029d2cc90683ab41ba5c131e4de83ca7d86efc02c3f2c8cd65f71b936be3e880d140e712c62267f51bc6af3bb083a659415fa73957d2812f738e58cf7e31dc9be7e797f58c86742ac7754ec6a617230f731e23583678f3fcd040cfd269cb6e692860fe5fadfa6574d4b1eeb1fff8ed47e88c75183f1c30a9a0f5c3da25044ded3ea758ee20b473257369c12cd29599896320b7e8bbd7dd0ae1d40e294fedd117fc246922dd5612c0462b5d755bd2d04ba380f6e2b1ed668cea34ff1ee3731cd14595989d676f7cc4afbbfc5611fadede46c160500f31ab27690b6aeb9f842c7e9e5690dee3a8e1e7519dc5154e235d39430668b368022218be5effd5a96ecd7b1c2048ca38e81db48951e647c725a4d3c3c1ba1f1cc2585620d260baea24f4a3cc0d2fd11cde5fa6e723ee150fa165cfda2616ee0620e4eea240ce29ab8b77f372e3d669851082276d0353bc6647b9904fbe7f005285fda114a54490c9d60794cf2ec004f70c22b87f846c861f7943bbcda2b2144c72a507467fe8af7602d4c0bc1cdea75a1762c1b10ca06226c098451b7f699cbfccb216848e7c30c400384966247a73abcc4ee642b48320453b447850785b3ee55114bc3419755e12615ac68530e340a398fd3a4fce8c69bc5687bd4f2ee9038de5e22e66fa7920e481646aa14b22e83f06905c3e5ccb8b0a6aca00b7e4dd991d71f34d62447501d82a3aa8d09af1a8770671aff4076afdabc5b8850c75a1ec1a9b2be057de35374212951f6666394542ba8f0ebe365eede43d47e7abd2d690d9299706a85c21e68f0f16ea5a947997bd668043bce6e4763c595413edf18dfceae1180edaa7870fc9babebc3d7c8775940dc7b7fd37c38278f68deff3cb318407cfc998af8b17c87a080a250ca4c58836b477c0dde5aba9331c5c161063562679db46e64019dc1e94036c703ca374f61323e7798bc3552247f70fab57998ca0ec9fc91f271286ecfbb3a47ce94ed7f9295ad5f97e22db6556ffa933430a59125ce4329e2003a8b16e0a43b654a80d09c8010b658828274bc68e0ac79b6923eeb01c0172203c761b78eb72b6352117aaef20323978bfb9c0e4b865de29c77da395ed835bd4e3164e60b8a70e1a9503095b975fcbac4424472210f0dbe0c6c64876fde1e81a1911fe6200bbd63e4ca1ca39bb00f8946d716019ec4869f0c347e199df8f3e92acbc9dd4f9c4704426bbc6e508959160b0ef4e357e8e728de78b9447fc53e89a5de2adb76daa59ed239c4e625776a0bc8d901779dfd7e44b2392cbb92ba31a119c1f5734ab0fcf09e6ccdb470c02a3f9a3d632664da3bc2eaba3c77c00c50c2ed0641f085f8bceca17ae83bd1f4848a383a8a6664f6f621fab53247bde521c6956d241682bb0654021a1b339bfa5f39ad065df81f64f6f35ce34ccd67a279ff40458eb5bfec770fc15eccfbafef25436b36ccb56cd63d33e805ffcfc03ec7642fe1dcc323f7efb1f0d08213c8327c32a615cd2a4e875f62d03a890ff3dc5b6c6157518c8968ba21703bef54f074a2034e5a42c593c1173cb0bd5cf3c2d08634d197f599a449518f4e27bcee80b8f8335fd9a68639d8ed0e5e612d65200e8ed6f95f83160ca9df4d8c72cde5ec70b121ee93bc6eaff55462cc3b46578095e1f0cde742f1680ca2278b4bb4032396f5ff106024ba088befdc087e3b7bc5f0aed4b70a3affd1509d138b62147c543c8c243e252ed15863f8f8a0baba64376a7f7c3cb5c12ae70647c16d53399e8f3af20021500056dc441c0d896482b9e70a5f60d66ef09e2fe767c02aac447e0cdf3a363492690e25b9a1f1a88b6c95f841e1976bd90687efb3a4d2216898947d1fd5aa92e6364cbeb62c205782f65057f1157d6c312badcf8aeda9e3a0d60920aa35deeed613b96d36e170b4af26f1150897a6cbb011d07dbf25694e2a6c4ff7e56711306ea54020022ced0728601ac7b6754665c4c0b210aab9965e8ef6e7da1dc953193dd2a4251a67ecbaf0f93cc40af252b30e7add796d58392de9dfe207901f28c8e4e9e1b6eeabaf5b0a6452fc177f20cbd93e74574f8f3148c4ec8b041f06bae3abed91e8b8787c8c44a7934293c531026900a5abfe02ca3265a0e0dba27648563e2c5f27654af9fb9a0ecb58c0db0bc117c34a06d934bb795619f27a1149f99e3a9554786aa9527b6623058b5da1273c7583ef06e2a6436b90c73e8a7ccc1ad2f5406a7ee6d49e8853b0567a9fe56b17b7fdb908c40a2e3a72b6924bb62bc284ca2a4b12c57d4a8d2f6e3eab99a975247d8bd2a6e545a3ce80abd6e03a4b02dd98657da6bbf20e6f4efa2c8dbf4a96f20d31c83710b41dbe893c284d44e91c5c33ef0f396f0d8ad1e89deac336892baa6bca5b0ddf3cd827aa45eab0660e40acf5d40d9f90aa09f789dca2b28dc4f0bfbd7e8e2a077ef9d618f8e50af44bdffa715f784c445eee93752a0d9a93f6001966c1fa3ac70604ee592a9303f3b5b4c5bfd7b09a0060ce0679bc2075bd93442f9930956cca8dd644b09e32624dc0ec6ce6d1cbd6f5b53d3ab5d2dee328e60004d83966a5167d35b58fe378421781e04d6b46db52ffdb46fe26f4fea809f908d094202771c6a742f2c2f13f906d9f07bb180dd9fd25d29493bd2c9e9caa170231746859327a85a8f6d2ae7a1de6cfdd088e8bb18c48d6ee2f3b16a417c2d2b7dce31f54304b8e137608e3774b626add7c295aef7e64300c9fb5da931a62c2564d87e1be992719f02ba8f1be94f8157701bd253891ef50f0874d9b5af2480cdaf1bdc552cdc4faf83363d8d4881a9ff55f64fd9e9157f585223633c09b803bb1a4ba23702206dbbd7c8a5c052b63e6103deb0be615a1b4c0f5e895ee9ef64668c2409c511ef3398db7e55bc3b095e55b29197ae6841779e8e1a9029a49e16d8bc6ab5a291b6627fe012740d6fee9e2c9abf269211f1d9209795c23260b074983494e10f1d954ca0dac9f06d0a11e514f46fdf4478cbcbfa3dd008e4a006c79611e7f6314b331e04cebacafa6b0e5a4b63cc6c9e0c3dccc010e1ad83ad7be0e0c528b7d9293328b417ef679a020e4dda4ac1c4e9e3b05ea1767275e5d1731ce81947ae262b489936b7f5647264a4624462077d2f3831771a62099e69d573d6e39f48c90cb1dd7921f7033247c953e4aea72563b6c0ebfd26a472e8f6694d3b09203902c34ae4674b30f5f5f8005849c97e493c95ddf2f90aca51a75203bb48f917b084718c65179db6a3ad24655ad37f2", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x1578) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 19) 00:07:20 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r3, r4, 0x0, 0x9) sendfile(r4, r1, 0x0, 0xfffffffffffffffb) 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1000000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:20 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000b, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:20 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80009000) [ 166.369181][T15620] FAULT_INJECTION: forcing a failure. [ 166.369181][T15620] name failslab, interval 1, probability 0, space 0, times 0 [ 166.381827][T15620] CPU: 0 PID: 15620 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 166.390737][T15620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 166.400824][T15620] Call Trace: [ 166.404118][T15620] dump_stack_lvl+0xd6/0x122 [ 166.408727][T15620] dump_stack+0x11/0x1b [ 166.412880][T15620] should_fail+0x23c/0x250 [ 166.417324][T15620] __should_failslab+0x81/0x90 [ 166.422091][T15620] ? apply_wqattrs_prepare+0x5f/0x630 [ 166.427462][T15620] should_failslab+0x5/0x20 [ 166.432071][T15620] kmem_cache_alloc_trace+0x52/0x320 [ 166.437357][T15620] apply_wqattrs_prepare+0x5f/0x630 [ 166.442554][T15620] ? vsnprintf+0xe8f/0xed0 [ 166.447019][T15620] apply_workqueue_attrs+0x9e/0x100 [ 166.452219][T15620] alloc_workqueue+0x777/0xad0 [ 166.457004][T15620] ? disk_unblock_events+0x35/0x40 [ 166.462117][T15620] ? bd_prepare_to_claim+0x1e6/0x270 [ 166.467482][T15620] ? loop_attr_do_show_dio+0x70/0x70 [ 166.472842][T15620] ? loop_set_status_from_info+0x35e/0x3a0 [ 166.478635][T15620] loop_configure+0x681/0xeb0 [ 166.483314][T15620] lo_ioctl+0x618/0x13e0 [ 166.487598][T15620] ? path_openat+0x18d4/0x1ec0 [ 166.492378][T15620] ? blkdev_common_ioctl+0x438/0x1110 [ 166.497734][T15620] ? selinux_file_ioctl+0x981/0xa10 [ 166.502918][T15620] ? lo_release+0x120/0x120 [ 166.507496][T15620] blkdev_ioctl+0x1d0/0x3f0 [ 166.511993][T15620] block_ioctl+0x6e/0x80 [ 166.516307][T15620] ? blkdev_iopoll+0x80/0x80 [ 166.520880][T15620] __se_sys_ioctl+0xcb/0x140 [ 166.525549][T15620] __x64_sys_ioctl+0x3f/0x50 [ 166.530144][T15620] do_syscall_64+0x44/0xa0 [ 166.534549][T15620] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.540484][T15620] RIP: 0033:0x7fe6b5d0c697 [ 166.544882][T15620] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1100000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 166.564470][T15620] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 166.572898][T15620] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 166.580923][T15620] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 166.588911][T15620] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 166.596947][T15620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 166.604899][T15620] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1200000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:20 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 20) [ 166.638468][T15632] loop5: detected capacity change from 0 to 264192 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x1400000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 166.688636][T15632] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 166.729986][T15652] FAULT_INJECTION: forcing a failure. [ 166.729986][T15652] name failslab, interval 1, probability 0, space 0, times 0 [ 166.742693][T15652] CPU: 0 PID: 15652 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 166.751486][T15652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 166.761618][T15652] Call Trace: [ 166.764891][T15652] dump_stack_lvl+0xd6/0x122 [ 166.769491][T15652] dump_stack+0x11/0x1b [ 166.773642][T15652] should_fail+0x23c/0x250 [ 166.778048][T15652] __should_failslab+0x81/0x90 [ 166.782897][T15652] ? apply_wqattrs_prepare+0xbe/0x630 [ 166.788263][T15652] should_failslab+0x5/0x20 [ 166.792787][T15652] kmem_cache_alloc_trace+0x52/0x320 [ 166.798123][T15652] ? apply_wqattrs_prepare+0x5f/0x630 [ 166.803514][T15652] apply_wqattrs_prepare+0xbe/0x630 [ 166.808717][T15652] ? vsnprintf+0xe8f/0xed0 [ 166.813131][T15652] apply_workqueue_attrs+0x9e/0x100 [ 166.818327][T15652] alloc_workqueue+0x777/0xad0 [ 166.823337][T15652] ? disk_unblock_events+0x35/0x40 [ 166.828496][T15652] ? bd_prepare_to_claim+0x1e6/0x270 [ 166.833852][T15652] ? loop_attr_do_show_dio+0x70/0x70 [ 166.839137][T15652] ? loop_set_status_from_info+0x35e/0x3a0 [ 166.844950][T15652] loop_configure+0x681/0xeb0 [ 166.849666][T15652] lo_ioctl+0x618/0x13e0 [ 166.853915][T15652] ? path_openat+0x18d4/0x1ec0 [ 166.858855][T15652] ? blkdev_common_ioctl+0x438/0x1110 [ 166.864271][T15652] ? selinux_file_ioctl+0x981/0xa10 [ 166.869478][T15652] ? lo_release+0x120/0x120 [ 166.874069][T15652] blkdev_ioctl+0x1d0/0x3f0 [ 166.878556][T15652] block_ioctl+0x6e/0x80 [ 166.882827][T15652] ? blkdev_iopoll+0x80/0x80 [ 166.887401][T15652] __se_sys_ioctl+0xcb/0x140 [ 166.891979][T15652] __x64_sys_ioctl+0x3f/0x50 [ 166.896548][T15652] do_syscall_64+0x44/0xa0 [ 166.900951][T15652] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.906858][T15652] RIP: 0033:0x7fe6b5d0c697 [ 166.911270][T15652] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2000000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2010000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 166.930930][T15652] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 166.939372][T15652] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 166.947346][T15652] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 166.955307][T15652] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 166.963257][T15652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 166.971210][T15652] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 167.020732][T15632] loop5: detected capacity change from 0 to 264192 [ 167.035005][T15632] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2200000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) r4 = socket$packet(0x11, 0x3, 0x300) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004b40), 0x8000, 0x0) pipe(&(0x7f0000004b80)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000004bc0)='/sys/module/sky2', 0x200, 0xc) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000008300)={0x0, 0x0}, &(0x7f0000008340)=0xc) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r12) r13 = getpid() sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@cred={{0x1c, 0x1, 0x2, {r13, r11, r12}}}], 0x20}, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f000000b040)=[{{0x0, 0x0, &(0x7f0000008780)=[{&(0x7f0000008680)=""/239, 0xef}], 0x1}}, {{&(0x7f00000087c0), 0x6e, &(0x7f0000008940)=[{&(0x7f0000008840)=""/42, 0x2a}, {&(0x7f0000008880)=""/139, 0x8b}], 0x2, &(0x7f0000008980)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000009e40)=[{&(0x7f00000089c0)=""/77, 0x4d}, {&(0x7f0000008a40)=""/4096, 0x1000}, {&(0x7f0000009a40)=""/101, 0x65}, {&(0x7f0000009ac0)=""/165, 0xa5}, {&(0x7f0000009b80)=""/128, 0x80}, {&(0x7f0000009c00)=""/159, 0x9f}, {&(0x7f0000009cc0)=""/65, 0x41}, {&(0x7f0000009d40)=""/215, 0xd7}], 0x8, &(0x7f0000009ec0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}], 0xc0}}, {{&(0x7f0000009f80), 0x6e, &(0x7f000000b000)=[{&(0x7f000000a000)=""/4096, 0x1000}], 0x1}}], 0x4, 0x60, &(0x7f000000b140)={0x0, 0x989680}) sendmmsg$unix(r1, &(0x7f000000b200)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000100)="183f8685e9c6e45b4fc52680481d4a678883d0796b55b57149f70ee8c04f1adc4f2f5c589eeb57bca2656014934b7f538a839d45d3f0dc81cdf9ac12e6c2054ea5bf3804ef3860fb6f0d9a2e1c25b2c6868c96aa16c39150b4324fc416ad2a193e426e6b13bd0315520aedf842ced536c5e17418801ee5976cc2cc1ed18ca24fc69acfe6a8d02f34caa2a8ec2e62e2a6de2cf65f985821be3ae2d88642781f1d6b6f15e23de97b8ed748f80707cf26a015d33886c2bdc7c7f6637f789a17c3df9a58ea4a19c383da5529", 0xca}, {&(0x7f0000000240)="30110a27204a2e9e2ae043c374739b3da8692e9826601eab5c7d1d861c9ec10fe698c79d3df9a106029c9c75246c2bf4d4c56891f4f036bc704fabfc60efaf7db6d22dd47f4bca6534172e174121a7d630ca5545da7e8e443f81274ae1177feeed31616a32db1302cb455cda742187fa541bca0045a0be1eaf45cc2e70624e59dabbbc2225e042bfeebb154fbe6fa4d675ca5bc9b0337f76d883a485b0024202dc8618cbd8c8a76395f2d23b6f3435495a5e6acaf7427192927f24d8f0170bbe853a6869d89356830d517e3c72c822e89fddf8bb88", 0xd5}, {&(0x7f0000000040)="4149dbbd99cb44a58fe9c2a4ecaecd534b3e85e1e1cae4cdc6", 0x19}, {&(0x7f0000000400)="9702d13b8f041ab2f826291f91c346314feefed587bac0615015099795bfb5b9accfba5ae240175c2372c6f1f0449e7d9096de8af9b44cff12f206362d8b706d6e9045783af1ad9a293aa840c49e5c3aeafd2eaade7e3b919c73612628892f4f4bbe5be544d2a05702eeee7a", 0x6c}, {&(0x7f0000000480)="59e969606a63936161e997c633f925691ced0f53bfc37f209693081d5b4f168efa097a7474ef05ed91dbea297ce9a5d4fba8abc908a4490adb753eb7c221dd52de992a9fd52b49cc9b9498c2911db9d64727316792ba5195389c84c781c9ade8ed683d16616e134c1d8502fdcdc4d3df27a1dd828fe308c18bd6a1e4489a6563845233b9", 0x84}, {&(0x7f0000000540)="fd0e0c5de1f2cfa927051357c18b57609190cfda0db2a3fc4b20e0b083ef202670dc7f17f7b6c2e08ae1013597ce05bc84620a3c436b793b9ee2b00b67137ba07bf934aab53f110eb00d9373d3c805888c94f819fad55ccda043a6f552033f02e7111aa1d5c004a338b4253517f22eb9d3640eb749923833b14f99795c85c6889515ca9d2b96e3aa3cabb90815bde78019", 0x91}, {&(0x7f0000000600)="a6adcbc1c2a7158f15555c5ff44503befdf120b8a883ea3f37e4c49a024d808b67df4e177953477310fe20d2614cfd1d15e88c76232d5c286fdf575294adb21386afc37f2408233b3433d8172c0959247e1b9d93ad2d8e275bc5a63b41bd7fd35bd88980f60507e39d704af9577ffb7a775a12f62f14b8d2a991a64e17ae104f60be78e87400cebabb567e2a9c00c4052368110ec743635242156f45ff60f48ad57cf02b49627458b8a420", 0xab}, {&(0x7f00000006c0)="2b2d24e34872f726840f25a95d575d14c479504528d4b39dbb60c61f068b6a6e5fdce7c05c9c3a38457730e1075ab5e03843c166844bd587a3230b9facee1b237a174ede51eded5d1e53d43ec5dee4b988908f1cdb8127cc4198920f7134802c7006e2d4383b2e31375b0850470afa1e80abffc18f7df2938019ea1562ff2b9fc0e2b290697e67c512a25955d0c12a643aeb97918c11cf0d97bd92d272b8b47e44794780d42c9b111776faf7b2f9aebf12777fce322c8db7a8029c4bcb94cd1da7a94f457d5e7c9fb0d1eb41ba55d5cdbeb23d993865d5c83e57a7d4db72eaab47d2e17e774e309b31364c75a8136239848c87ec15f9", 0xf6}], 0x8, &(0x7f0000001ec0)=[@rights={{0x28, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [r3, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8, 0x20000004}}, {{&(0x7f0000001f80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002180)=[{&(0x7f0000002000)="422db4bf26f9bbe4e7193b1641b69698740d359f737bbc129d992641715337a9b12313aa6a508364eea3e0e1d3247c6a89f039967318a38e36f17a6c4e5cfd15655d47972326ff00cb7087830f89405d9d77c05a9812753995bbf2244db336fbaee06a16b4a49bbe20698e5538957c871e61890434d7a15ec0b1955e069db26e25ca9604dc0a", 0x86}, {&(0x7f00000020c0)="0ca85503cfd280492477d2d471b475a0095fe9d08e7bb7430265d9d73e38bff8e26a70732df32f7b9f27ecb91cdf57d2fdd60bdc31a2ef5d8d0d3d940dfb70fdaad9fa4c348c25daf15c0b3a01878478b81f26e444d9597dd61ecae99468a9ee27bd813588ae908514cf8dc71b33ed2d23da3d69122e287838cb53cadada2471a7559cb1cbd5ad508d774c57dc372c7f49", 0x91}], 0x2, &(0x7f0000004540)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [r3, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}], 0x130, 0x40}}, {{0x0, 0x0, &(0x7f0000004ac0)=[{&(0x7f0000004680)="2b1e122db72d0cd63ae5b8e7930c8c7ca6f67a", 0x13}, {&(0x7f00000046c0)="8904e3dcb4d2c24defb73c638c708e7c045854f9a410d15345a1aa80ec30f95ad8a31f6411d61f5d48832020845b4bb4da6e3829039c96d6b9afec80e67147af4b7c34038c3cb2ec29b890f4a50497fedde896f8a6098ff007cbc83b9b4f86adc71e44c79db3380d60d35708b46b9980303c10964bd4a162c2137ac0784bebe087817840ffe63976d098f1658653b5a7cc1b9b96d9290d4516f8b754f3", 0x9d}, {&(0x7f0000004780)="c361eb71bc260e998693c6bc13784fc929dffb787a342d2e4d4a6a8ab9de76fcb994dbc9e87ce1bc7e0483caca802b650fec9fd89a00c403e544ea4201ca57f60cc32e8558daed8ccd247995f95c23dae506990853a11e36f5e72f706f3c4ea3e30bea0cae70dcde9871c95232fb4ff5bb877fcea244813e104e95d680904c1b921116efa7acb226345e1f332e678ff9660131ebc6a7f7a586820b57b35649de7f92ed5e6e483af086", 0xa9}, {&(0x7f0000004840)="24260a23dafb98ee954816f926ec95ac1ae415a43846ab08c82dbdfa0af9a791819a0865bb452e7ef6a52eb789e27858f4aba22d2d61a01c83dbd765ca692f3fb9851b5e56a546f697e9322ea5c9f00eb0cafc5e0e2a72e7128f9cea8ac86d2fdc9de5a4f628877786495a53e7da47b9beaef1e567b2437395abcb00d6b0cc41941a124d2233dbf0d1234e1413e49a1a47ea5c72beadb553f7ab64cc6e6b754e834fc70dfa8e6287ccec021147af118a38f1b525a0fba29a8b3a8d25287ce17ac06df6a843f53c1a154467026074fe01", 0xd0}, {&(0x7f0000004940)="c3a5bef0d2dfe1c11fca07fa0d7736e86f98996540ac56cb7629209f1fb2872ca2254a081805ec922db9b1a01e846a8355b5b978a6450154c66c2ce4700355c49328bdd84cc1579506b06250211ca86119fd8d3f50189a80029bb47994c27af5e008daa93f541602773ba903fdb4405f7d9c668ba4b91ab29115b7ea16b1003567da8ba9d23349d65be735be951248c9da47a42219f1a27fa4b55304087f624bacc23af0252bbf56bb263ee2fc24572f212277498e48370e8e145171458d80fb99cf9a73dbd60a9a1eac044a206e", 0xce}, {&(0x7f0000004a40)="8d5a438e7d04f17bc425c069c22ff88a6ee5ff1eaddb8688a50d6c240287badf049c731cceb869db", 0x28}, {&(0x7f0000004a80)="9b58366aaf3d", 0x6}], 0x7, &(0x7f0000004c00)=ANY=[@ANYBLOB="30000000000095cd50f34ef900000100", @ANYRES32=r4, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r7], 0x30, 0x10}}, {{&(0x7f0000004c40)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000004fc0)=[{&(0x7f0000004cc0)="2b137ce7fdcac1b461bbe8a8fb51735ce239c570e74cbb89f94601b653fd1edf0f89c4f9edf30a387f0a870f3cbb240f6372793e1a4942fc487ce2d87a28ec0220f3adeb46ae9c8a9d5de485a287c706f2f1b8e6cb5a77df9d9e97d7a7c7855c83c394cc6a209cd8f744902acba8de523f15910ac508393fe89c12faeb6a5ca0520041561e1aee7b4431559c06a7d4eeb3f65d8667082f6d63ecc62ad2f36d2191481009c79ab93f8c3cd49ab66b848ce2190e9048e50b14caa1ff86b2dea30e8b65988e3638715411d902cd4b9edc2683944eecaa1cab2b48ac2dee8932fb020d4b58dd9648494b04f662e27d507b515c9dba", 0xf3}, {&(0x7f0000004dc0)="244061363784003a16f03e0c7a6c5d526260ad4f53b0069bd85c8d9153293ec941ead400db9b3027f498a6ea52cb5c7a79743b9a658621d653d498872f09fb41ba7764637b8b64014f4ccd3bbf3a96b04ff35f989efe80db41ea8f6044c585c7b1383f17f1a7009867cfe09c310dfdcdd1b289a19b4c17074421c30e674e", 0x7e}, {&(0x7f0000004e40)="b18fe25a422b0010b8dde8e7c4549b642075a6322542b444a344751a32f89ebea4ce483ad4ff52549628a31b8845bec355ac46e9eb8201148f99dbd65840d528cd90fd81611ab104532756f4e59be204b81815c26d8344073168cef4159328b3367ad143c4fd43294a0c83b3fbc830a55038b5d030764411009f81672796ff23b8de0a91bb19e7ffb9701cc251d26c642b249ffebab54f18c636d5974d1142f9c614f64b2a7f33900b23ad4f6ec32162dc", 0xb1}, {&(0x7f0000004f00)="5871923a9e57f9460cef7f028e5d5daabf59303db4745eae462cda2ff2ade379e7deaf806af459b6507d2c56a4399769516744cf6dfe0c484190467b12f428bfecf974f44909a60d195ab857cbf98a58ef4936e654ab87085442f15531bc17f197fd5010732a5727020e9798ad9d577ead4d2fb66596f26060e094285b01b3cedd5bc6584787e18ae6e3bc9e61f4441d90b3085e98522ea7", 0x98}], 0x4, 0x0, 0x0, 0x4004091}}, {{0x0, 0x0, &(0x7f0000008280)=[{&(0x7f0000005000)="d7dfe45a31aa24123082a3f868cf6e4a6cd131dc4069091b04f79e083dffe0a323e366a348af8a2ec14f3eaff4b2a548269d74e2d27eac0b36de802fcc2325b199585ea32ccf63ce8582960ba017c396c95b5914a0719afa8a6f4cab88bc79228b6d9547e9b0d7dc5438ca0684c0402710d5829a522f3a19c4511b9028e5687921f5a0be776ec513a3e08c03f38d4770ec40a15cfe5135860bd1315013d0c3f014ee0c9b345b726a93d42d9265", 0xad}, {&(0x7f00000050c0)="c59c0a7fdcda910396fc68ba9437a355984c9cddafe992bdb25e8af7453b56ff898e1a45c6dab7e62892cc6872f35acf75c39639e3b9ef87b4b56f270290903497f82922a7ba7c8f5e2a8e3d026c63534d1ab0e12c507eb55553f49893884f52621c8329cf4bdc1db0ee267241a2a36d9cc0675a805cf24fd9", 0x79}, {&(0x7f0000005140)="4e26eb63a53873ff7e1f08cb04ea1dcfad7613c0fa2bf19b38c76447ed3b9698448f90a9f6a189c77220e5f6f639b811dde3dcc1daf3a66698536d622b30c0856159ecf0669d6e34c950d86ddc78f0a911167b590f108ef2b615800d85297d3f30269f1dc93abcd7940fbbd6569da6a1fa3fb8c6a37d4bc40a4ec0f9a76eadc0dbac2835824f8c64947a6761e995628af00f1e6aaa03517edd8a21bedec6ee169e0e1f820519b79036653a0fe90902c48faf8cbe4458fc18520e1c482ca3a4c19032e054436a0d9fe0f1d249400c8068b25a7fda6a7e4cd4a9af0fbe81b35b4b55f30360a45d8edb3954538c4cee0092f011359c821882191b30acbdb2d9492826107ffe34f507ef3c0a42d50c7729418f6bb79e6b03d0c52d266181a8b20a2ff0d5c31db9fe6f5a559a81531c1027ecc3543c6889dbfbbb71973315799a3120e04b2d48920cd0e7cfa26e7159c938fd8441fc0fd3cc41b7e3547f9abd1b28e55bb75fa2f783f260716320b7eb0658496356d8397528dee9a6f7de4158eda846b9bed58222fd92eb35a4494b68f41a367c55ceb4a2179675156b57bb99b49ce74b31372e3f2c9ea3ae18a4e50ffa5716fb06884177a6d72efffc79def0760df651d61f79ffe5b5fb6a879428195ef4b7915423f442500541fb525b651d6d9ee6c6c3d4457775fd28af3bb3a6baea6ef083f9499bad403b3dc4cb1106ebd7e546cd4711be2b9c5e49f4d316d54f7e41bc1b81dff4c2cb2eeba82b92f78a7b9f2cd11fa04f9694257780aab6bfab37f00c9b542910386ae09cabd350d7a611a8ba7413a69f850c05cb074db4e4039f0d73c283b9c909fa665043c1f1483aa61487246fa4a14847ccc0d7ec1f8484dbead55c6f7859cde81f2b28d5ab0df2829f9cd9f400cedaffef500a8beed47a11fe8529957fb075c8632a3fa306747b287a7b8f69453552114c60c6edd934348a5daefec68a463ecd1e54b82e252a0f8c39883d9a23527b347d6c3dbad2d07b961807350a9dc2f64baabf4a2a803c96c71ecf63ba89a543ceb49abc62b344fb7ff88ff6e52d7f48c8f4dbb3d0f9926ca9000cffa27b4eb464d172a3ffdbfb0fee9c74f55a05561728b4b157111b4378f340d2effcd5225ecf6b0fdc7b74d2030ae3528750fa0bcde369cf278f683773078246ff9eb4cd6ec74519f0fe609cc5a7a398cca9b029b8082620fbb40a66bd4dc833834182eebe11e9a25b8696febf63e7a3f3dc0e0fa5180dfae7386dc8368e0adbab1f8c31583c4274c5a928c71e1a6e62f1155d8aa9d5bb60e83da1676fab31ded157de11bc45b032ccae155f3eb426ffbd8c78190293c830b44587964f5c70b9665d6881ca312e8fb8d8e6113067d69dde15d3997a591d24631bfb2bbd24ddd1c60b8cc0bf8837e0639375e931b0fd9b25326e2cbdda43ca06141e4df9986743c02d136dabe76ca2f358b6098cc3bffb1387e3f3f58c93d06e1dddcb711ce4ee4b14d4053bcc231e38ec3935a16cabd12712f017726411666138e09140a2f1aa155c967180ca0c180bdb352321e1f8063f483a620ea9040ae401044b74abed71dfde68dcc617511bf411895ae5ff09e4b5623645b9edfd92ceee7d21795f90b9c3932ba4a4cb908da59df719ff279ba62fd530c59c38d9ed471681cfd8c6d5e37697b5e396aea0c2ae9d21a4077c1ff4628a20e70b2396f3f4bdf64f06523b4b6e612dc160ce539f1cd4c90c713931cd28deb73669e95c566563e6d994d004af92dfe3ae9869a927b052f0753cbcaa076745bc018822b276836a08f011ab2c8d046b67c03d0a3a09b7df4852d85747660a4b74523aca3c25d01982c596c64cfc9536d95f2773f8d18b41ed59618a241af8e9d7ca50e68c6e49b928cffcc03c0f8bb0b834e627fecdc8157ddc113831e78f43dbdf3a74a5bfe9056ea2cc21eef7a8ba97efc6e01ba80abffc14391020e3cce5347f047bc8a92c0f55024d25d1f9e08a84951424fcda0d42c1802c5db11809bd9ff8870d9bb81d0dd46b20826d9a45e4a29e8ce151c9eba7b247767c5ea28c26c16debbdcf9c76b904dff2d0b0a235e578dff9f5c6f2798bbbb6b3edf62f277d71d3da6dc93bd7899c009b7c14ddecb5100f72ab5e22008e2b04f30333f5c5ef698d8353ca926551ba60216e9b7b5e4557784738557f2498ca46a538aae9197d846954053aef4f3f7597ae4910adc373cc3e836859f4feb72bb32d6c642a1269d054b845975ced876dab7e3f5bea2684a9965387c6ef01bea35a80fa5b6241fadd750f29f104e1e7637675797bf215a3b086c6a6169918a00ffb668c1c017e8cae8c7c59b18ac5e78b6e311eff6bf7a0ea704c289a00956545f76ff9f7f80bd1a2f7f9258b5e12eed401221d08c774a02f1fc39426a6945231f54c1988ade38046b14891ec36caf0f327f264ed3e80f50287843dd8c3ae0013e9defcb565046c2a32ccf68894e1f6ac351543a6b9c35221169e6afb6ed8cfa29b27362244b21d7aac484b99a538815d03cbc8e6a98d7ad2003b2416782f87f6c2dd4062fe067e2d639bde2c4a3c1be7d098e083194b473ee537a8a556c3184ce7d1e016388c7ba93628dfbfbf58e490c084311cf60af61768be626d48afddfda9682846c330e28631b906fd495a0aafb406ac8860cda8ba1a804a33a9e42a393bcebcdf863d89f5eb5002cbe7b39b65a5c1b289b23858ebd600752a3ccbb341edf85639f754ce6b3b56d896e3babd3541b7ac0882a9c306881ef8f354738fcbe6395404980b4f7f699469540fac02f5fe163b1031687a6f0d926439f6f6c7052c381347b924b57407024ce605d30302610fb0f595f089013f57c9d095d7a277d893c75bb077624aa9233923187cad3ac31d95d0672854bb078e9915844debc8d47f2a6a73cf4ee7bebe0bc08d313366e9938de397e37e5e275862d1a5d5f8d19bbe8e0faa97bc1a185301e37ce06019e763e6bd03ee9d8b1ce28602bf4d83e983c3b727e2e673839bbc88f4d29a6a3e1f1703a3a409875ace6a0e8522e2245054edb195a2dd52110f20ba3982e859c2e885de6aa3f90ac77853aaf7c99fdf4f931226dd9b1b08aca41c98d118c4385fbf2c54415f7cfd65bec21dc898a15d18b53c130e4a7c863916b210fdd53bd706405fb5471a3cbbd64510ab036cafbbfd5b8a333d8fbd1607eb6743eeffde8135374b377f3e590f25c02f9c4d7b6a19fa715a07a900679381fa65e227e384aca39af59c8fd050a7820e3d4adfb76baea287dca642b4e76f0604987ad0e0754113bb386d68eb68d2d66cfb96cf6e8d451d44e548f3e8040eb12a1de1f6b29c812ee7de6548d2fdb8d3b9834e70bb4b83fb401d852a6f206949d3687b2c3a41ab87b54caa60b45cb974bfbfd3012359912d1b607a01a92336ebf6ac9758c23dc9f5e83570cae0e91b3749b7c511fd9b344093c89b17f71ea241f058136a4fae2f9fd3c42e1ce79133716b0689e081f5c1e2c7e772177141022f1ec5c06622a251121e61c473dcf237a1b960e6b9e1ff7513d4fd3f3b85a331a62748dc93b6071560bf0e13e575e8a9ec08609180bab2206e2e8d842fd40dc44a7c98c67f07399f5ab11e638a52c46d1ba0f358379b724f93dceefa349a20d010167791598cb960acb9c2edd7aa2e577c9868d271c6a77b6e4bce7f268da0ddd9d8b8e19ca37290a62df4dadde372054e08f3ee77ce54145ac2ae3a15c0354762f6f2a666ed68864619d6eeed53c4dc70d76d7d007926097f07dfb71d3003447732ca80603357bf7ac0a94312e528815e43587e3c2ebb0f64b377451b629d04348a4b9a42f25db41ba47a869e0694aabe23765ad2b7d298b3628aec10035b15ce2ef3fb5c7beb34e0facb8b1720f99cd09a2d4be34847f2a5ffcff766502e0446c1749a68a13ac15d98b368e234906baafad23fa6329556a872e5ebae017e954e08a032aa44f311df9a82cee3abd273830d99605e2165515597c52cad07d9fd84ceb0f02d72727990f39236147055f71520c27afe0947b7bc36ec007d95c03643e3dc57d14f47ddb2b9834ebe809cc59e0975055d06bc6c0100349ddb4576f300b3eb1bd1fb7af7ae505e3d0a6667b756a041d25ed19b0b0d23c018a2d5c2cbe009523d5d76bb39c5b77448a28602d9b073c99aefed7874045f089c2b16f4d9ac7c254f30d9b0eaf64318c018181b70bdb8d8bb568d7559f5392aa5f5bf6fdd7d269fa2951463594dff0deaa06dbccfd48e01f51fb60c184f4074cc353b57e4937d31860d21123cdbda709ad8506c654efd86859804d67b552633cb5f01d7d15b020e3c8f556235296da102d24034ef00559281b4a005d6d9c70d994025ae019249ce00830172776fb75b3808a03e7ab7e4b469d12de8854d8d32cebbb8a2fc1e5efc5531051fa776ca4ad276653ead3ea3755c12846fb60c3f3eb222cb45e64237cff50d96a6171e1f64bef0a0b39293f30b22b6444b0ed49d4b92d82b3677cecd329a5e183247c5d01097c3d12d3e6349dcc30305f1298494379bd54264dcb26955653d617d1ea2f83ae6809d1b42e2a06a9c1e84ed0aaca47e2e804d607d67af5f3fa8be14bc73cc2817f8ba9be0b5eaa3a01cbb1de3602db72a1ba4b134029f0f6128767686d9f88486b25ebdb528ecfb6eb4c93077ef53208cfc7554a0ef9998c877f5b9f21fcfacd2d1f4ab95f5d15de1f461ed1597b459b1052e55031df450eefca0d4e6d0a45325ba39c17f9cbf94b149caf418773eaec28936a4853b2b7f1d0b0cee451e01f615034b234cf7f19da388c75cc71a5cb5f8d3f4fa8db6dfd61fa005954f508e0e225ef43fc9f4db982e1772e7fbaee34c12c5c99d376143e4389529bedc0167d360032e224c98904830a4a5cfee7eb2d08d2c830870213fa0ad134be2a3e308e2f51b710802e5286eb26cf9cd7f1fd696152bf6911bf5cdbc3c97997c9c5a0ae28994e804b61ea882bd1143ca21df33e4caedba857cea08270116d7f4e39ad57559b11d7e62a8cb39fe4ea0eb7ae6e194b09ca6386a314d3b2c4864b326bb081338a517e61259c855ee56ec4faf2b4a74a19240d128bc9574f2f557bb3b15a59ffa1ec2fe2a911ee970a508b9232645708860111d55fdce46a2d25c06cff3e8d98612f59cf283c2b11722e188446b52cc5516da1d7f4f052d2cf8eafc8635bb5e883908e3fbe249608abfa6db6f175e284e470df6d112c2dc1b2f89e957b30a1c55b20443551c16adb6657daf0b6a33358f18a62a41aa95e67a36c34d46b9c88446f36b314713969cb2318302eee321bb04c161584a39b41d7c481211ec9f839586b6de89240f00ef7281e3a75139a69dbab4cb60d3845143e0d5448b8ff2f0caa79c1af9e9c5c6cb2b0607017877d2704a9c15fa30cbfd317760ccbf8d7320c7144db8e81a0a9ce95ab0366f60cb3936948505954dc2b808fdad6aa9c27b53616d5c2e218713603590ad123a1b69cdd0ba9fd0f600caa07f11e61b8e921cabcb23e61ec74641f93dfb6b03d3f6231374d5fc67968b8c1b8a280ddbd4a81417259e49c2701351ade6228ee600943a8e6d64b68f0b01ef33385c2a938cac136a83e287098d9291a67425e623a2619661cca58c578a7e809b33b8c354c2cd0d604838db3cf2223248386f41938b68a26ec1583aedf8e826eab63cb8c7d3537df14319f8002a4c26d1e235ee300ebfcfec955b4f5316ea68f439849c3fbfa8b80d06a1e9d717f863cd82e786a5320942c27df72ba48b1b296674df77e9abe48059c78cbca5", 0x1000}, {&(0x7f0000006140)="3aaf9d712e4cde640936f30bdfd4dee8c6d881f32dd2ca6baec3cb7c8abcb3f644751941778c88f6601e4f28e1aa0b8f3a614b67a2f6d5f0de2681d81d339ecc039fceb2d2967573b15b68c91e88f8937d2585601f298ffe364b19ece279ef54e10ae1155c8afff289b9b7df1beb2ca8c59fdb7949211639da898b26b4b99c20d8a3dd64e3b7b3f184f3e4f4a55e8a61d7494781ecf395496fe8df9a28490e4031b2559a4c992e20d9b65f13f9bc4228607531593d19c02301f7fa601ee9db31867475e29436eab1a63f8b27efd13d0f02ed12bfd888c1caeb41485f92a9320015aa9f024c4b29dced9c1e471318c28e4a47b9abd4ebecd1c60971625deb9fb2c519a66279d88f053b5e88ed14f0519476b6f8b0821aec62f98fecd29504e4ded8395a659a7e0c7008697796dc5d410539244b5dcd077e78c108ba6a22cb70d25b666753681b6da76129c397d24eff9bfd7b009b716009953bc6a921b23992947dd7d6bbcf80f4c935cad11f822f3ba85cdeb74bbe1f065354f615e500a3fe8cdd554deeb4658be30995285c1cb5833d9fe98af9f375d35ebda7d902bbec9f839ed3b54a55e316a8be45e44731b4d529cb5ac0316ef4ad454578ff22830c0def0f8204175ad2544f9065ad896b20d80e69e29f086e414a553589c794b48263e48328d33561391e239790cd9fea112ace34ce6ef4c41a588a2526785b3a364b0bc7b9894c363c8e5a921f445f5b4512896801d26d35cc5580495557891861162376aba529be42e9d8f854df40e8806cd8185cd5992443361976a9524eaed5c10f8721abf190d64940f6b8335ff53df4d7463bdd50ff4d9bc76fede568afb1a7394b9bec2ee84fc413cb2ed188f59021596dffcb038e9aeba28c00475cdb3525801e76202ed847166672a41ff7900c3339ee29bdefe58a56690a8a6d4590bb8287dd6e9c5c8f68e984b92671f88ab47f1da82433d573e4e24df3d731c6c12008b734ac701cbc6ee737fffd571b0eb0b4d28febfc4d39710b2ed91c8b62430840b0b1474783c02133ce481a7d6df33ee33b2dcba9bf29f6838e0b762bf5e9f8515b818a68ba8ef23a3240843971177c5eab80f813c766f75f8f518d7f6248367798fedde466a4207efbc0d47c465b55701910896a7db1800cd51a40b472e91b818283b85e21e54e1f24b695f1666770630b5640cd7fdd7ca8104a671b914b94efb9f0ec9d57288e52d726f8dbf95800461df0444b6e48d4b2bea3b800678cd96ff992c86465819a0af30b049623b91d3a5fa469d4ed3656bfd76f2d0e41c201de8ea0567d260a5232b792ce2240938f568002dd0a0dbc99fe244b624723321d49fdf47ee0035568ad1718c5f6b4f6fcc86595ebf82f3cc2c23b2e14e257be0d3d9228dddab0b3c45414c40179a718c746e09a3c403bf8937ff176221c395993c2820ee215fea33f9e41d3f0be5ca9bf221db641bbd7ae3c387faa40a7bd7e256c6e2e840f6d99ba47f0f5ff17eb832044e07b9de653a8ee75b485886931c8be39f441e3bfccb6d0a4a366e8e09f8313e9b551f1ad233b3ed8444b2ef12b9cb27b2bc4e08c03bb6bd73a2f8ec676d65d1d58bbc35ad3247e0f9c2d7d81f35a6f23bcc9956e0ab032adaa1382f8e9e7f9b18856686289a9b8b4819d5d5244f87b2cc280505b64c37f97b590a28d037eb6d825c97da67d73a61aa1a57836d1f23ac9a21bef0bf25d81acca521dea3cb35377b6fcbf826e9d400b3a175f21d2e91c7ce6dbb61ad076522934e04d0b7364f1462bbce6cdbf3b0a2d5f9f314709629a4e244f3698cfa4e2183917e71ba7edd9b06ba742b789e3858c921805b67f7db27656c9275d78459673387c025bb56d33f8fc592ad248dfa5e9200c80625af4c3d0f627c320a775dbbdbdce02f65c70acf966c0eaa3e8c23a5faf1a91dec997d56f6a40baab3b16767119c984a008a8fb5efc23d8a7f2fb1afb29c8aef10ead4df61c369f29fff3a37ad070aac4dd48cb89334634131f8bbd08c7ebc7f4e104687b3540b58a47d7c8dd6a168fc3bab55c8783024dcf38e16b8fe11dab33d8986e6fc91267d5cf0bc67e409a80728fd23858bae7675d54c70f3f4f8252847716224d097e60250409a834173ead83dbef247b2150afa3502735299862ee8fcd744280e6813a0cd8126dc1c02dc171db98b91a510159435568a206649b5f0a4dc536d7a4ea87450cf2919ca5570fb9ad7c46170c41c256993a07d2a24c5f591ac2aac520da33db860c33baad2285277a223aa36b3267fe193af4cc33e0ea3b4fef322e0749d5e94628617b329fd8ee8789b9f226acfb915a774ff61c5970411e2e15698c81334641ad420af028df99742ef12e72ba1df3d1ed6957ff58d9db8c9b82c0ca170500caf02f606eb0cb6778f5ee1dcd26edd9c685b00d289907ba606c31884c638f518aa4b8a6be6fe3220a36b6c62b8c6c3bf94e1a62acbe1b73cdfff5f5224f55720e8774ba52d27a3c6b70c8aaa372e1e9cebcbd29d27491f27c561ce7fc71ab1467d0beebb93beff20e844d684a6428b7807f2c0e673964936316625c36400d4ba1d6156c5981869cbea03cedd3646cf6e34dfdcbb40479e2a3c9f82df2c25c92ccec643bb2f058d3be0c09d58207a7f216903a9359df698e8a15705ef3a1cb37a3fc532ee31afb9229299f9dd549005fcdccb5f4933856576b3aff10bb4d0973d6f0eb87721eb426ae512612c2b7547b25e6976217708b3a8d37ffe85535dac468adab2625024e364b3995e980b5baedc3044fdf7a008e95fe4d64585e87d229ef3cf7c9d7ac3910635bca2dab240b824da5a0e16e6d60f2cf582dd2fdcbb66c2f9dc8ead35782f8bc9888293b566275fdcb8f3ca519c75c40d3ecfdeb59fd28c19799284061384ba8d8dd9fe94a41e4f5d360a009656fc78b7cf4167ab13af8c247fe6da8e7abf4659c6f1c439d9e6213b01564efac05fdb2e0ee466c348970008b811409628754d2c8451a7da266adba0215fd9da07f2648008cf057bc147f048352fbc01b5145274430c2604ce520a04602b7c9432448585f0044875d8f0d525e685a4ca3f103d3b1510c517ea3a3aeddc28dd4d278cfe9591747ecf693da8859a144849c98065cc8db6b1bbd34f4ff5d79de07103d9e257e679c32569f0016247f827f53ee161fb83f8a045a182ca03f32132347ee583f78c557aedf6a4d2f8fb0900a4e07d521c1869f8c1abe885998f4c843ad330f943f58534040572c652c2cfdec71813f512ef1b924d932c3ae72a5c1c1471c99b7d9612903799bcb88ae7a1f10ec877afe41431fa3e7ed3446ddaaaa2cc45b78f35b91926b9810ace9876a673669e8706d7a8b91b84d1e582cbdb454899a5403aaeeaf418c29b6ce7d78eecf398d938daa9569d6557f7394fe3192b93424aeb45c89a067036e9886f7b5b35b384fdfe2e9944dd3a8f353725b4f2a1d5ec58595cdccde44cfae106f901319747d2ca636dbf22e994e93e8aa6bc3ecfa24ee2b231bcd27ce0ce6f5d7f0538b5cf802a267c7c51b3de633b56ccdcb1912bad5aa5a501ec8fbd80eceee1c8cc6a532d76e9da9658a880f035b8f34c6f2c7019588950d21a9dcd467de273505bf19ca92e37f482928d908fb2e1a30b50ca6fe7a077f8cb6874f40f6022100a53c7c6efb587ff582060c4e0ffbe971288fe98c71df57d22b1441ea59531cd10fc87d01afbd18107c84cce8ce0d0d7878c31081fdc52843597877eab576e0efc6e6f4b5c2e6fcdc888d998bcd0daba2dd19f734a8541e0a9eace3888f7736dbfc9f3ba0df181451cca5e305a1d1ab370c1aa2073e4c91c3d7dab908316453fedd64347fe619575d12e75ce6365bcb72a510b715fc53ee3767e285566213ed2dbdbeac16753452674c8f881bf207961df30b54a01d4bfbc7c709a39b764008ca362565b6abd97e0ca22a1a797bb27cccdf199b78aaa757f6c1ad767ea2dee3e9d50b77649a9be45ee88cc59a085cdd84aee3c629083009fdb0c65a2fa7fc443fb0378bf9ec902638cc418ca95822a36133b95fc45d5497f8badab5ecb85c2b7821b99a379446001859caa05ba9e1adb4c5d70b2b34be525769cfc50c40fb723aa476b082023d175735129c501c7924529588a83cd25b9dd53db29113279996591dfc29e4bc22535f4ebe4fca76c3be1385a7cbfffc570c6fe25e117c154eba32a274500befaeba0c4f69930726899111b231edced4eac4450c5473869d04d84460754944a98afd84a03e3805c9f7121ec076f2d1c52a91dc08b393f7b379fe4bd14f43a47f00348f149bb197eee89c57f553842a3b40a74aebe6fac88aeb4290e65496c71ee0824a255afc0a664c49a6d5d02f6590beb7b185b799ab90e04d300f0bdbc9cc6ff7cf19eead8ee514c90f58c2f161a447e04500c8199b77473f2f27d9eb3732fafdfd8342e9b8474891f26be9bb30c0295322c2359f0839d016b273dea19d0fb3077b7f42d8c03b5a2c28464b742a8a82c9cdde855392533e7aca8f11f6a395515120dc4a00a00e100abfe907899ac313f57e748fa9a81e9294cddc03a97abd146889f4ae47e08922c633f6b3f64ed118f21485c653497d067957f7a7e7b0b4d1c74cd3a6e0409449a7b65d57aaf299c7959c3083c7c77cffd30fbefb17d2ead97b5d81ecb834c85fb00b65735682f111c40c6acea3e3fb42e679bb29d26b44939eba3147cd3023555de8a19d6a931b0d18ea2dabb05e1d547a066581e6a49ae32603410dd38cb226fe403b64abf914c736bfd8bc8923ceeddfff35bd799d3a225383701a42954df4131f49c25195de8af1beabfac18c962a3166fde24e55cba5873cae87cfa8641755c4953a08a9ce18b1b742da7280bd7f99dc5fd24561bbb1ba960f6a2eabb5f79fad83efd654f72d4a0bfb9136b9fc3a892b78833e1de1c42c4e4914eb5389cb475aa4e82ede390f6bd259b9bb87dbfc5c6aa9a736f88be86f2827211770c3a2590fdfa0e4b90c52a605fe64b908da2aa2c4b2873c6715ed27e45b7f4e3d8a3a1359b68afb132af7485dbb9368cd828392537fb67e4630ab1e1375fed5ca6c8c5499aaa9f8a65508d8ab0fa4ce6b34fc9abe5debe2131e1991b82865b07a5630733a7d5853acce2bbf2eb6d4058705b071cf8f7f092af949574b5a8953780c6b44d452bae8b4dde26c3e696ae3cc809084f973e08a707660d41619a70428d9e0d107362d48de1483570df447325f88b24864cf7103d519c5e7caa5f0685794868ff29f5033e9a89cf6bb5e2806a6f3f427c7876f26094ef52bcd4ee54a7e028d2cf41534b3ff4635e6ee83e81d2423a07dba3946853e91408beb14327af6e10824a3b61ed1c07b55b64ead7ab46baf3d6ce921d643790b5d738350fe04c818e4ea8ccb3b22ff7a0a6b9b7304286cd01f08ef5c5f04b82892803c0b0273f2ef49b689067505505f23c0a3dac94753d1e6e44c419259ad771d55ac51efe562b4dcb2f71508dd7cdbb3b5c13cf02c2c7a293f3136952b3d854a88411b6f09cde6b6bcd742e601fa3cbd55c119fe6d4fbaf3e400fd24252d477c9c9e86379a0622de782597de73a67d8f4b01c2ca05227c53e737891dd2e2c13a86981ac7d3e58687f283c97b6b179c5085c0862f1337447385c4b018ed6e0cfc1f67d6a0bd539b0613708ad905059340b4d6c70f71e1a934f42ad7638a7fa4ce7194765391823c786413f541f0545743f8cdc586b238757be48375fb7f8c7236ecc5b9dc2669624eebf0d8f72a3ba755686e1586b801", 0x1000}, {&(0x7f0000007140)="63100a5903c4a759b5b05e57b238177a", 0x10}, {&(0x7f0000007180)="3e3ec79364daf6c7894fee4cb460303c6e9139cf4be7c5f1390bf52af5c4ec254b65ff1e2253110bf7bf8d56a1647f516ff369029810418b2eb7678d82f6bb31a95534cda744d4833c8c5078093c8ec12d32a65ad1cbbfefc9d9db0f8d8ea9f5cb7b362027ab4355a2cf02bd9cd6117af192bf0f47736672445c52ef8e6490dcc9a10d81693d6d204ed996f7568203d2a56460f39bdf4adaa720a28947d77f99cdcb50793b89d1b96d3de32000875015497b666757ce7dcc374ac17a3b2b571f419e02fbdb65dca9b3193484dd3485f8170a193f0d9ebd2ede47be046d84d4a8e4282868f14aeebf82195d8915735fff007931d223b7536005ba8e2e972597c30a9f38aa95dd9ecd837b52b5d2b3f35dc9d07e527f790c71bd6b5713f06a7e01fdeae7ef1df861795ce8496213169a309f56c273a1725215d310a477e36da0a151e9fed59e0b156af7fed76f7cdf55c0e9d1e7b50ab34647752cd5070110b294128d5566fdab9407439ac0bf5cce2003a242998bcd789b28b757acb5b4b2deeef7cc4675d08464939fbe859221c4fabb1a4feb96c284ac77ed348f52cf986905cde122b6b5b5deb7296213868a45fca5c61547ed17c2c06cc0901c5c469865c4bbc70bb169199883efb39ea9b2c448290203d88994f62db08e39a02608a6aff00fb35a9eff94cdd16523bb43c91d9cc117f12548d0c7ebab131e2071f9a04c640493bae5a8ebc6c541aeee82586e892143ae6daa3f0c302f4fbff3b7c9c7f5e3b1201377204400bfa933e63c966565fe8e6f20d3b5d7d488e3bf373552ec0ec56c46ac2be2b7f90a16d5b3b4dbf378f9a51690578a4e6a6c1c2f15511c546a93feb1644c90007ad09764788967314c20254b5ca04ec39dce1338c5b68348f46c69a261bbdede8493e845ae4d1a33044de160cfde85120f924a064c0888dcf6a3104f1c92da9708e9033ead988e5e5a9637733cf38175a5a7910571a115343ac721fc356e995a17633cc34db832571256567ad65325d08cdddf42a32c0d42a112ca108442c601167b892431f7a90b79555570a7f57e496f74f208ac031b49b66a8d676a60d1a28159e9f73e20f84ab596e06bfb11b325b7fd10032929adb08dcabf46a948101cb5e4498344d1eb4ebf0cedcb5f2115de72de06673854c06a0e4a26b7d8111da39657a140484da8b1eb0e3e9d18cfe23517fec4a5044ada72b78299ddc12634291beee76ee5e7040fb134637d04e3c69c72383bee7769f3e6334a0b0c3b7a99b03cfab75c9ad9cd1e7994c32b15032e30f357a48dbd91babad55537df366dea9b7c07912176c9e7de9ce074f804274521df7e15d846aea940f26c238dda399f167de84151c4cd6f3637dd0aba8703e73483cfbae878026a114509239cefa7d789632b9c65d4c4f108fdbb61b5a647c6737804b0197701901211463777275dab5d0199d6058e374818ee7d7fd4548122910f41e9055384b85d0e705eeb1d642b4ca8a7b1aeacdbeef6da90ce98cf3d3f3dcd431ee9aa4c789b3ecfc0486a5fb5e2afd802c2ab02715d2c253b4bffa8d9094faa75c1b242edf516f0a1f882c0bba9fb59acb2285db86394fa300788013265586baedb26afaefaf3635477f42428c65c1b6b222a0ece59e4c2b92bdff0516d3820b9ef91edc5dbe3e5da7057f7ba283b0a2d5741988433b47a6bc837c1bb55089837a673931d52729b91d9449528c0f176e28e62aee0f56118b77f2e28fd3ce590200708481664a3a07f6c7666e16bc76c14693592366e5e276af37b75bae61cae32e86d5ca1e8ab0d0a7e4881dece5c7c425eb2055feaa948ba736ba9d25004929e47a7a46b83e00f79b443eedc39f54b0537be86dbcbb464ea353e4234b72a87e954dbba1d8f09a4a053da963f55b956684fe15358f1f19440673de8a82556a1e0afc5c74b28c7b98da5acd04b5a6239a1b3e2aa8ca38bf65b9d0a36e673a70b5dd5dcd60d462e5341da50981de749a2eff2ac12fd6e06e12eb49809029ba56383a376ea79dda30b79923cfd94e8c4da61013c399eb0e92282f3403a2dd226ffb032a11b0b3cb54d582cef6bead743ef071c8e78a2cf86d61895bc0a329af82d6459f75694133f6c25f3fac7d83a369decbbe0d5678ff866cc946fa497d5c36cf9d1faf04d0bc49607a061651036eeadd0a8b2553b3dc81f050fa58da2bd4c7155890d5b465257ccd695ad0bbf4f3846e4631516dba260ebc901b82a225f08b0337d3a289821d5d801dadc16cc98e2c6ecbe19cdc21b4a6b5a479aa10ab8596a6fdf5071666938280c67c4e946aabe2da76fe60de039a5468ee227cf625a9c4c3ff5389b079a13eae2780135838e1a58b909b1cacde8d6fcec10188fd5ea2b678c9a3f25ad3c3dc62998134eebb274a7252fa5e847a603df57793b1607e4923a9c13442a2eb5a08b1b05b4fbe3282bd3b2d98f597f9f36e655e02d21d04343f2cb2dcb3d729632db4d0db9e5d18eb6634f8f68c6b079d6f99705e44b34115aef8c7da8a6b04a74d3d7238c2accd2e0f0c33b6a7f230185305e3e611dba18cf2554433bcfa7add959f84aa4cd4e94332f00b737ed50a86b0e4c04beaa47a5df594decab2b7b7e43df573f689996eacc1d1969107097f74940cb7c4f97fde94614af5a1bbab56e2855e9a2c8787066359cc821e5b05b0fb2f39b771097394a3c5c754e145191c0491ffbd1d0030858a5a183fd7c1466bcfffe1f21bb36ecad1504ad95c4cf5ad68c764fc7a758e48e4193b76dee97169ed07e2e6781bc7342535456eaf7f1100f5f9085044a8671691d33ee7ebdd0cdbaacfc28263c9a6e8a3488a98faf9da0adf378c0a5784b091ae533e5783fc9ab7878608fe516bc8076f13907c679e1a353844f8bd4037833f9ebbbf1c9b747569a6df6c6175dbafcf3d29023655775bbd84fdd5d4daa4cf5fe08d741e2bbde9e2d83f2efb554d66846c29889f70ecb019014900246cb97e47e42cb152ec212ba73e50f74c7e4ff6e5a56c5ee14595d7c5c8d50e02ce25fcdeb9616bd61af56f87d8e2e648f306b36bdd88a25d57c2b03b2dc88894883d0e6729121bf8a65eff4f1ac1321b3fcf3631108d91fbd2614353c9400d8fc3787cecf7402c3c76287eaa542e7bee969b1113df9b17208de54014fc6dce5f250c7663270fbc43df8d72bb655ee73add3ace00db65c282619c56be1a48e752a5bbf2888e3ed925a5a7d8576a9df89d9344d36358271cd249ded06e93fa2f8a334026ef51e1769adaec187a733dcc9c7eb0a5cc53387ce36f4e6fcf72689fc7a1241e328c78569b2bed614f2bfa5bd8b6f7b8f38f1d3040d202e75d108d0ffa99b25651eaa1227f1bdbe45d78aac96e692ffa83e6ecf49bed4735d2f46bc3301f1b0d14e4b1a0058937d5f028cec8f42499d789d10ea59f9315603d1d78778095d7e006aedd8425cc3cdd36fc1288d47f2ca75c6cbdf0e6bb6e06d37d10353894c93dd302f2242302ebd0b7f7c5f7d2793347014e3245cde8117f513fa2b8a8662d91846dac1d357b93a63b3436254f58a8a11a38fe549d88e899774d650c043b0db0486af3959a43b80816adfc3af3060486d3e8d9183572ab45412edf9a7303218dc77c839debbbcb48cd7676d097960a845c24a7401609ebfd1e737b8e0134d5c747af922068c06c2a0a8f44eaf381480cc17b1701419505e83076a804a36d67996746bd64c44d7cba7ed3198b616651c9c5758b1d8a1d36112c9271681995ec5f994f9609901052b0ecb250dd391bbeea4a4df6e7f58cd4e56afdfe9393a8e3e9b807452cd15d8d08386c4c73dcde0c6c4c20376d05028c55ee800c36f58dfd649b891e10dd07e7054524745ca3788bbed34f61d369c8daa1a99cf5d8c6087611f072ba1860c347a9483415fbbbaf29997f1d0ff975083bdec3f3cccabd7c670fca3c44f6fafc7837a4488f704bc3614ed0d5fcff77fb970bd166bb8c0e7b82f17e1415059e5de145996f9abe310e24356d5293b41bd10be0453b44d605a40c7dab5bd0eb1fa37c97626d5aa65b3c02e6a2ad62248205171a3453769780af83d09af0544cb6e97d5d52ce6f3597e830dae18e639fbea32deb5e68f2a3cea19d411ba6ec25e87635a0845a6f0dd6ca3bb8b2c1cc8968de7022334542187e5d29e176b2949203e2ee24115549d75a9b61d778d547960ed434da18c57c470d8f245e46ed42a688d0e6d9de99496a901588715b788db9fe244dca09a0e7a46bce85a0a384ef776ca19edaca6855f9fd6fd00fe30f2849bb762384c6c0bba691939f30484ca125c5b1e562cae68c9149da23c36c882d2ba258f34ba4b47db80505014451c30a1ff263dc4ef3a75e9df531b2844fb069d2edafcd42754c2843245eafb893197fc92fbf7747247b50942eae4526a699a07e74083cf3e4c7796ee168fc4b4196430c783a1d3dc8309e799d953657b9641889bf623ebe8c2258e248c9760857652c5f5b79ebeb51d5499a49d935f965b2e6f22fc46344240fe87032bc91736854e22549d5088ab1782035a9c669eb5c9dc3d63709db1e9ab959fd34b224c92e363a1be38b9ea3bd2250ddbd6f48f9c3d20adcc3bef2037c4ff152f08c7511c0e1821dca40d52a7c5a7e10b02ab8dfee9a6cd4f4419709d8c90bf9a2e1499817282c09a7388e6bf1033488749dffeb507fa9a6385207c3f2c72d822f374ecf4c8a990a33996e38702911213090c3d483b3a673e8dd1575dbf97024967b43b306f9c8caa6355915869b37d3e25df81ec5a312f4d16b8e4b3ae1460e1095be1f62fb90ab6aec3fe13c6437b52252b7dd213e95cb080f45ee9473bc9ce51086a47bce79a6d7a0a7c81e26e099e07cfee35aeb193820575a2116a6ab5f4e5646d14536ae0695ac6bd5b18eb643ac35933420ca79743a60ff3cde280fb0e52d96f4eba0da8acfa4672ded09fef1d5759d064791c5e8bf0166fd1cbfd61f8f4aa06490bff7f342f96f766deb5dd82d3c4537e39d7aeafc3a73086fbe72fc7dea0c2f82732c70b7d265a85f22a0568504c8c26d6ece2addec1297316d5a4207a8fc46d8a31632871f2bd66d3c21cda7a7b8aa37da34872e715367e957cd8cffc6316769632b131577a7dfee31f37d84667b36b22f437440c9ba1fe63241d977818e306b66d8d8a6b6de4921c7828fe844592a97802733046e37e4a5ba2c4cca339709a02b5e882ee45e4985f301b1de97a4d654d5a16756a4e32d14366a04e8802591fcdab448f7979e7eac773ada0d937cfd7af5a5121ed2a0409d2aed97bca880d4da63d6e1be47aeb77d6c919d561b755069042a99ecfe52e35045ec47bb5b7de47b73e111629aecb8c2565a1fe8b544161787a227c7b64d8386565b9084bebfad8cd5c2b4cff4b524809ff41cc2d7d568bd5659638a92e0f061b91fe518a9cdf6f8977aa1b67c8fdfc9824b07a15092c018d37fd9e17922a8265e9f224a1cb9799bc9e80ed8039bcfc267788da7a8962ff1c6481f54ac7170a8ea2ba65ecdfe926eee28eabccf35bb231abac677676ceea0151d012abe8ac1005f59a1b73703a5a5209a5adc7296a80db6eb5cdd8e081acd569f3755346a3a430617982d124abbc01d90479cafba69c84c1a5c52e0aefb350fcf85a475d2d96fe2754b6fbba2efe90ba10ffe4eb3eca4d4e01ffa7475b213602edef10426333b29f986bdecbff12ee2ab023a94c6710a30dfccb4ba3ed8df94bc0168cccc036f7db598663f96994cc58e47c4238bff123caa07d617e2d077f659fd15bf31935c8050d", 0x1000}, {&(0x7f0000008180)="cb11997d11907e1b0cdfa50aae56aa5b01588be8039b31d69ac8fafa1da4251b5337010c6c2d340ff90838436cc5e9f449d1706b4e4494b1c0b8e4563e677b3c828a32e470fe1ca54d0a35940a0ab17805bf12d1906c6df6667187d5cc27f63ae3591c64794105694e7fd321cf1496fd14b7fe9a7c8cc3fea800fcb43db231ef5718de869b4bf0d14486c46739c0ea8590cdb0391d11156bf90ac1a259", 0x9d}, {&(0x7f0000008240)="10a620de8763c72bf04a0e2626d8fb8d63", 0x11}], 0x8, &(0x7f000000b180)=[@cred={{0x1c, 0x1, 0x2, {0x0, r8, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, r12}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r14}}}], 0x60, 0x804}}], 0x5, 0x840) 00:07:21 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 21) [ 167.181858][T15688] loop5: detected capacity change from 0 to 264192 [ 167.200593][T15688] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 167.224946][T15698] FAULT_INJECTION: forcing a failure. 00:07:21 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000a000) [ 167.224946][T15698] name failslab, interval 1, probability 0, space 0, times 0 [ 167.237640][T15698] CPU: 0 PID: 15698 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 167.246395][T15698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.256544][T15698] Call Trace: [ 167.259830][T15698] dump_stack_lvl+0xd6/0x122 [ 167.264427][T15698] dump_stack+0x11/0x1b [ 167.268578][T15698] should_fail+0x23c/0x250 [ 167.272991][T15698] __should_failslab+0x81/0x90 [ 167.277815][T15698] should_failslab+0x5/0x20 [ 167.282424][T15698] kmem_cache_alloc_node+0x61/0x2c0 [ 167.287704][T15698] ? alloc_unbound_pwq+0x3e6/0x780 [ 167.292830][T15698] alloc_unbound_pwq+0x3e6/0x780 [ 167.297811][T15698] apply_wqattrs_prepare+0x1ed/0x630 [ 167.303095][T15698] ? vsnprintf+0xe8f/0xed0 [ 167.307509][T15698] apply_workqueue_attrs+0x9e/0x100 [ 167.312804][T15698] alloc_workqueue+0x777/0xad0 [ 167.317649][T15698] ? disk_unblock_events+0x35/0x40 [ 167.322911][T15698] ? bd_prepare_to_claim+0x1e6/0x270 [ 167.328268][T15698] ? loop_attr_do_show_dio+0x70/0x70 [ 167.333546][T15698] ? loop_set_status_from_info+0x35e/0x3a0 [ 167.339342][T15698] loop_configure+0x681/0xeb0 [ 167.344044][T15698] lo_ioctl+0x618/0x13e0 [ 167.348376][T15698] ? path_openat+0x18d4/0x1ec0 [ 167.353143][T15698] ? blkdev_common_ioctl+0x438/0x1110 [ 167.358497][T15698] ? selinux_file_ioctl+0x981/0xa10 [ 167.363680][T15698] ? lo_release+0x120/0x120 [ 167.368285][T15698] blkdev_ioctl+0x1d0/0x3f0 [ 167.372781][T15698] block_ioctl+0x6e/0x80 [ 167.377102][T15698] ? blkdev_iopoll+0x80/0x80 [ 167.381735][T15698] __se_sys_ioctl+0xcb/0x140 [ 167.386408][T15698] __x64_sys_ioctl+0x3f/0x50 [ 167.391037][T15698] do_syscall_64+0x44/0xa0 [ 167.395441][T15698] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 167.401322][T15698] RIP: 0033:0x7fe6b5d0c697 [ 167.405722][T15698] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2500000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 167.425325][T15698] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.433741][T15698] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 167.441695][T15698] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 167.449658][T15698] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 167.457717][T15698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 167.465667][T15698] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2a9c2bea00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2d03000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 167.531342][T15688] loop5: detected capacity change from 0 to 264192 [ 167.559828][T15688] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2e03000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc010025, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2f03000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0xee00, 0x0, r4) r5 = getpid() sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@cred={{0x1c, 0x1, 0x2, {r5, r3, r4}}}], 0x20}, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xe6d, 0x6, &(0x7f0000000780)=[{&(0x7f00000000c0)="c167fd2524a76d7a54bb732c35db69f4eafc306ceca4e825228063a3f02719c0bb0f4321ffabf23a23d08668bf7c8d346381e876926012199304537b33f098c058e547f04a390a696e1b01bd8b92cf96e5a88e752c6ef741118290f2921a51599e5c789967cf916f798a6873f422a919ecad38cc44c064e348dcd95966efcab6388a9aa253df87861d2628abf4e4d1624855ba88d0", 0x95, 0x4}, {&(0x7f0000000300)="130384271b77c77f3e1c13f3c6c15a86d73c3e68f526cd92ab6cb79cd349722aa6dbc9feb02dbb5d80ab99df521469eaf37ae2c7daea1fc5526384f820bb5497d90918502c904fa140d907174101290695c58e618728b023e91b00ddc13093f0691028f16be509154539fce2883486349a2b8ecb466522219647ad4837d146d031603f500428e73b5301459ce61868f9928f1d5f297e4fe0721d9e2cc8dbb6e22b7012738f8c9a635c17788c0274ae55167cd2054c1e91a21966a0326770424293897cb260919bf8964c8c894b8bde", 0xcf, 0x4}, {&(0x7f0000000400)="aa888b41245b7c26296e449641fb6933aa2c14d07c248625dc67a3675c43185609fdb7071168d208d3d852a4c97518841c846994e13a0ace825109ebc293346e024411d14f9f3544b7d427f8201b0ca2431c30e672a1b33b71d187bd0c978045a89ec034342c4ad26ab1103ec0070dfb62f2b9d67af69e41543b3530478689211ddf6c5db19a36b2354d822a03d94bfa7eec90f7dbd347095e2356fde3d9836f76364af47f70969793e6b49fb02b622bf9ec7e75763ef5ddecbbf06c15cee17f302f541a53bf7851523b40e73c545287169d1c55e69b5cdf703ef07de69818a73342084a1989dc04", 0xe8, 0x3}, {&(0x7f0000000500)="4a44b54986e1f4edda9c781dfd7d66ae90fe889c7f71ae0aae2fcedb325fdeaa2009a9347d7b482c038ee9ebd1caa47d52aa3d8d27ea1028d9a10f583b27b5295f475437c1708084d4c55f6a223baf1ea7f948f260d6f3bc9bc1146b5b4461efac076a13a340c92a9db8acf6d0", 0x6d}, {&(0x7f0000000580)="95c9ba7e8d94d8c1527445211ae8fb7e47bb5153737d5f95e1a1085dc88332f727e03a5e1711683fb95863fe50a15bfc8051775c91390c89c192f9ff198c2a584894af1dba3305fe1ffc93063fccf6e2e3d3d185ff81876097678a1581f04b4f036e97fa4a74c5c509bd425e302170085c3194c1a157e700ce49c47c03ab00b81c32a8cbf0cfda4f186e527e22bc797b052da1be6338e868f17058f9906bdafcf7cf18c534abcdd95d4d828e96cb518ae11c58c673a7c15df992885dfa007cc7d2a94423e3e6ba5afd455a3018b5065405b3ed84d62fb78c2a4174d4", 0xdc, 0xfffffffffffffffa}, {&(0x7f0000000680)="c71659e8e7d49b41b99f90947eea217e9b4fd9b28df7214a9a3592ac38ffbdef530cfc4338cc7b407472835859b94fe05af5383f1d958c9c2a189f028fb08e5a274bd0045f56ba8c794cecc7d961ea08e0681a54024d8cd10195b32d4c1f86bc14656005a9dd9f9b4336bd11caea48ea8e8cbbc20bb77cd9aede8d2b16101da3efb091c5209f74867774aa22caf90dd94f85a9f60d8f47637c108dceb9f66746f6efda1204a895befbef3cf793f079b12a1426d732f1f2c1f459076dfa76c3395249ed88181cd383f37cea507336c5f6b2ef9b3aee2b2f02bfc51f6cdda194a919aee7a89a4ee40f73981cd1ae6d0623", 0xf0, 0x6}], 0x3000000, &(0x7f0000000840)={[{@gid={'gid', 0x3d, r4}}, {@mode={'mode', 0x3d, 0x80}}, {@gid={'gid', 0x3d, 0xee01}}, {@size={'size', 0x3d, [0x33, 0x34, 0x6b, 0x25, 0x32, 0x6d, 0x31, 0x31, 0x39, 0x67]}}, {@huge_always}, {@mpol={'mpol', 0x3d, {'default', '', @void}}}, {@huge_never}, {@gid={'gid', 0x3d, 0xffffffffffffffff}}], [{@obj_type}, {@subj_type={'subj_type', 0x3d, '}'}}, {@fowner_lt={'fowner<', 0xee00}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}]}) mlockall(0x5) 00:07:21 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x200000000000, 0x200802) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x82541, 0x0) r2 = openat$incfs(r1, &(0x7f0000000040)='.pending_reads\x00', 0x10000, 0x12d) sendfile(r0, r2, 0x0, 0x80000001) 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3003000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc0100a5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 167.670670][T15744] loop5: detected capacity change from 0 to 264192 [ 167.690538][T15744] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 167.814174][T15768] loop5: detected capacity change from 0 to 264192 [ 167.831782][T15768] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:21 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 22) 00:07:21 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3103000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:21 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file1\x00', 0x2, 0x2) open(0x0, 0x2000, 0x2) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 00:07:21 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc010124, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:21 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000b000) [ 168.002670][T15784] loop5: detected capacity change from 0 to 264192 [ 168.007600][T15785] FAULT_INJECTION: forcing a failure. [ 168.007600][T15785] name failslab, interval 1, probability 0, space 0, times 0 [ 168.021775][T15785] CPU: 0 PID: 15785 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 168.030527][T15785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.040567][T15785] Call Trace: [ 168.043834][T15785] dump_stack_lvl+0xd6/0x122 [ 168.048475][T15785] dump_stack+0x11/0x1b [ 168.052681][T15785] should_fail+0x23c/0x250 [ 168.057079][T15785] __should_failslab+0x81/0x90 [ 168.061832][T15785] ? kobject_uevent_env+0x1a7/0xc40 [ 168.067044][T15785] should_failslab+0x5/0x20 [ 168.071533][T15785] kmem_cache_alloc_trace+0x52/0x320 [ 168.076798][T15785] ? pwq_adjust_max_active+0x491/0x4b0 [ 168.082261][T15785] ? dev_uevent_filter+0x70/0x70 [ 168.087212][T15785] kobject_uevent_env+0x1a7/0xc40 [ 168.092235][T15785] ? __list_add_valid+0x28/0x90 [ 168.097157][T15785] ? alloc_workqueue+0xa18/0xad0 [ 168.102084][T15785] disk_force_media_change+0xe3/0x170 [ 168.107470][T15785] loop_configure+0x6c0/0xeb0 [ 168.112314][T15785] lo_ioctl+0x618/0x13e0 [ 168.116592][T15785] ? path_openat+0x18d4/0x1ec0 [ 168.121347][T15785] ? blkdev_common_ioctl+0x438/0x1110 [ 168.126792][T15785] ? selinux_file_ioctl+0x981/0xa10 [ 168.131990][T15785] ? lo_release+0x120/0x120 [ 168.136476][T15785] blkdev_ioctl+0x1d0/0x3f0 [ 168.141040][T15785] block_ioctl+0x6e/0x80 [ 168.145267][T15785] ? blkdev_iopoll+0x80/0x80 [ 168.149836][T15785] __se_sys_ioctl+0xcb/0x140 [ 168.154414][T15785] __x64_sys_ioctl+0x3f/0x50 [ 168.158988][T15785] do_syscall_64+0x44/0xa0 [ 168.163389][T15785] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 168.169268][T15785] RIP: 0033:0x7fe6b5d0c697 [ 168.173666][T15785] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 168.193513][T15785] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 168.201963][T15785] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 168.209914][T15785] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 168.217879][T15785] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 168.225830][T15785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 168.233789][T15785] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3203000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 168.253989][T15785] loop3: detected capacity change from 0 to 264192 [ 168.280559][T15785] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3303000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc013cbf, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 168.304630][T15784] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 168.409608][T15817] loop5: detected capacity change from 0 to 264192 [ 168.429182][T15817] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:22 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xfffffffffffffffc}) mlockall(0x5) mlockall(0x6) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r3, 0x0, r5, 0x0, 0x19408, 0x0) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e21, @private=0xa010101}, 0x10) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000300)=""/234, 0xea}, {&(0x7f0000000400)=""/156, 0x9c}, {&(0x7f00000004c0)=""/168, 0xa8}], 0x3) close(r2) splice(r1, 0x0, r2, 0x0, 0x19408, 0x0) sendfile(r0, r2, 0x0, 0x60) mlockall(0x5) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x4001, 0x0) ioctl$FS_IOC_GETVERSION(r4, 0x80087601, &(0x7f0000000180)) 00:07:22 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 23) 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x3f00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:22 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000c000) 00:07:22 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000240)={{'\x00', 0x1}, {0x2}, 0x60, 0x0, 0x0, &(0x7f0000000080)='./bus\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)="28fc86a3bb5418400e099d181fb458bcb85c318aded8f750df931cee6cce51323500ef6d896bc582590e4bc4d2c4253f181fe8c93edc1434fa844c9312091695479f4325eed07ad25f9aa9ec77c6cdf30f0f884cb09f4d820eaebfca1a89ec3fbb9c791b7475d68ef6c6da8cad2f1c05756bf4dfbebac46c156797a38158b102da4f1b0f601d0350e312f9e4aaca1e41edb3666f64f2008aba693489916cbfcf3f41a7d35284940b230e1f64530cc81d", 0xb0, 0x0, &(0x7f0000000400)={0x2, 0xd5, {0x0, 0xc, 0x75, "94b7f77c88569354158ea3c2e3e707b4a9ae168bb9368260d9fc88d6fb9317ef5c7391b40e28ab5c4dc45010a40d37f67396e453d64471fa1e6d4200104a826d3599a330f56db1de1c0b91f3d06c0224d00568b2ff5bcab2db52a91f06b31bf342bd4f917bef6c950f4efe5f9400774a193bbbb24a", 0x53, "db1de92353bb93f955b875f9ce163e98d0a2a81b0cd61a23bc9706f60608f3952e8ca2f8e8622c4e2501672deb9c3b708f6763a31dea13152316c78847c2ae2e46c4f51fa320848f4d17b1a1ce19f47fcf479d"}, 0xce, "ce19f5a5cf567229d869ea71ae3d0ee2069a8eae427ec605344b292e65a26d9d1dc84624f093fe10c243d5287aee2618bfc78fed25cd83d91cc02595857256b821da74a4807bcbeebd52cabb1306d8e92f6af135087f115ef0bc06e9e4cdab74327ae6ce8e1b3ef21d43c550424ef3c235d16a8dc82ed9c9c32b63a40265b606659ce35936fdfcb75cc984b13113165c4829f790b1497f752094fd7990dd946bf1a873d8d231bb8c22d3cd6ca5d08799be5ae28825c4347c6f7366172db058353976ca8857be41daf412b8e8b20e"}, 0x1af}) open_by_handle_at(r2, &(0x7f0000000040)=@FILEID_NILFS_WITHOUT_PARENT={0x20, 0x61, {0x7, 0x7fffffff, 0x5, 0x8000, 0x3}}, 0x280) sendfile(r0, r3, 0x0, 0x80000001) fcntl$setlease(r3, 0x400, 0x2) openat$vcs(0xffffffffffffff9c, &(0x7f0000000740), 0x40000, 0x0) r4 = fcntl$dupfd(r1, 0x0, r3) pwritev2(r4, &(0x7f0000000700)=[{&(0x7f0000000780)="450b5193", 0x4}, {&(0x7f00000005c0)="952efbc30b6602aae476b391ff617bc4e58c2d8b4a11a626fc65a1de19bfe86686250dab2d29a054a3063ce17f80b84e8033d0d614600ddd27b27cfb191d3e752bba4ebc15c9339f52c82a4c3014e31667428d359d1de3eba810874cdc2b0af1673677dc9ee1bae8136f6f1604cd956221e84a4c6e42191b78f509badb48d797331bd9247b7089f84fc8838903949084f5c714ba6676b0d64d3e1ccff48176e447a4c07a1278102d79840ef01e9a40d4d6f9444fdda13ec7d438aba2f5d67519b390fe08b17e83b79db58ea3a78b4434b06aff426479f3cd9d697f351f92f3dc1b37d7d8ab32a019bd05643585e6204f26c5f5b28cd9a3", 0xf7}, {&(0x7f0000000300)="63e6c9b4ce301a31f5e12ba7f650551f09170ac0e06d85846fb0687fbce40022fbef3647a6f0d4f3430253e923106d2bd16d264b351ed69500a82f50c0ab874c839c803578e6a27c46232a2e", 0x4c}, {&(0x7f00000006c0)="a1be5c2f0d076c304a9f18a11f26e10287a0f413a33aafbc6804735c403067c530975aab", 0x24}], 0x4, 0xbe, 0x5, 0x1e) 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x4000000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 168.576934][T15835] FAULT_INJECTION: forcing a failure. [ 168.576934][T15835] name failslab, interval 1, probability 0, space 0, times 0 [ 168.589835][T15835] CPU: 1 PID: 15835 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 168.598637][T15835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.608686][T15835] Call Trace: [ 168.611957][T15835] dump_stack_lvl+0xd6/0x122 [ 168.616612][T15835] dump_stack+0x11/0x1b [ 168.620756][T15835] should_fail+0x23c/0x250 [ 168.625166][T15835] ? kzalloc+0x1d/0x30 [ 168.629222][T15835] __should_failslab+0x81/0x90 [ 168.633992][T15835] should_failslab+0x5/0x20 [ 168.638479][T15835] __kmalloc+0x6f/0x350 [ 168.642641][T15835] kzalloc+0x1d/0x30 [ 168.646517][T15835] kobject_get_path+0x7c/0x110 [ 168.651267][T15835] kobject_uevent_env+0x1be/0xc40 [ 168.656277][T15835] ? __list_add_valid+0x28/0x90 [ 168.661135][T15835] ? alloc_workqueue+0xa18/0xad0 [ 168.666069][T15835] disk_force_media_change+0xe3/0x170 [ 168.671428][T15835] loop_configure+0x6c0/0xeb0 [ 168.676152][T15835] lo_ioctl+0x618/0x13e0 [ 168.680375][T15835] ? path_openat+0x18d4/0x1ec0 [ 168.685131][T15835] ? blkdev_common_ioctl+0x438/0x1110 [ 168.690566][T15835] ? selinux_file_ioctl+0x981/0xa10 [ 168.695748][T15835] ? lo_release+0x120/0x120 [ 168.700261][T15835] blkdev_ioctl+0x1d0/0x3f0 [ 168.704744][T15835] block_ioctl+0x6e/0x80 [ 168.708970][T15835] ? blkdev_iopoll+0x80/0x80 [ 168.713538][T15835] __se_sys_ioctl+0xcb/0x140 [ 168.718112][T15835] __x64_sys_ioctl+0x3f/0x50 [ 168.722682][T15835] do_syscall_64+0x44/0xa0 [ 168.727084][T15835] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 168.732965][T15835] RIP: 0033:0x7fe6b5d0c697 [ 168.737358][T15835] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 168.756944][T15835] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 168.765338][T15835] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 168.773327][T15835] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 168.781339][T15835] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 168.789290][T15835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 168.797242][T15835] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x8cffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x97ffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 168.822372][T15817] loop5: detected capacity change from 0 to 264192 [ 168.828001][T15835] loop3: detected capacity change from 0 to 264192 [ 168.840845][T15835] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 168.852765][T15817] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:22 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 24) 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcc00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:22 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcd00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 168.972113][T15880] loop5: detected capacity change from 0 to 264192 [ 168.999402][T15880] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 169.009172][T15880] EXT4-fs (loop5): group descriptors corrupted! [ 169.011651][T15893] FAULT_INJECTION: forcing a failure. [ 169.011651][T15893] name failslab, interval 1, probability 0, space 0, times 0 [ 169.028057][T15893] CPU: 1 PID: 15893 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 169.036810][T15893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.046928][T15893] Call Trace: [ 169.050188][T15893] dump_stack_lvl+0xd6/0x122 [ 169.054767][T15893] dump_stack+0x11/0x1b [ 169.058957][T15893] should_fail+0x23c/0x250 [ 169.063432][T15893] __should_failslab+0x81/0x90 [ 169.068190][T15893] should_failslab+0x5/0x20 [ 169.072684][T15893] kmem_cache_alloc_node+0x61/0x2c0 [ 169.077872][T15893] ? __alloc_skb+0xed/0x420 [ 169.082390][T15893] __alloc_skb+0xed/0x420 [ 169.086704][T15893] alloc_uevent_skb+0x5b/0x120 [ 169.091646][T15893] kobject_uevent_env+0x863/0xc40 [ 169.096659][T15893] disk_force_media_change+0xe3/0x170 [ 169.102101][T15893] loop_configure+0x6c0/0xeb0 [ 169.106781][T15893] lo_ioctl+0x618/0x13e0 [ 169.111006][T15893] ? path_openat+0x18d4/0x1ec0 [ 169.115764][T15893] ? blkdev_common_ioctl+0x438/0x1110 [ 169.121116][T15893] ? selinux_file_ioctl+0x981/0xa10 [ 169.126536][T15893] ? lo_release+0x120/0x120 [ 169.131096][T15893] blkdev_ioctl+0x1d0/0x3f0 [ 169.135580][T15893] block_ioctl+0x6e/0x80 [ 169.139802][T15893] ? blkdev_iopoll+0x80/0x80 [ 169.144373][T15893] __se_sys_ioctl+0xcb/0x140 [ 169.149026][T15893] __x64_sys_ioctl+0x3f/0x50 [ 169.153671][T15893] do_syscall_64+0x44/0xa0 [ 169.158072][T15893] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 169.163957][T15893] RIP: 0033:0x7fe6b5d0c697 [ 169.168351][T15893] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 169.187939][T15893] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 169.196525][T15893] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 169.204478][T15893] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 169.212428][T15893] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 169.220542][T15893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 169.228581][T15893] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 169.237590][T15893] loop3: detected capacity change from 0 to 264192 [ 169.245799][T15893] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:23 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000d000) 00:07:23 executing program 2: r0 = open(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x16f842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x179440, 0x80) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x711e40, 0x90) creat(&(0x7f0000000180)='./file1\x00', 0x40) sendfile(r0, r2, 0x0, 0x80000001) unshare(0x60000400) r3 = memfd_create(&(0x7f0000000500)='+\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0) fcntl$addseals(r3, 0x40a, 0x0) fsetxattr$security_selinux(r1, &(0x7f0000000080), &(0x7f00000001c0)='system_u:object_r:vmware_device_t:s0\x00', 0x25, 0x1) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f00000000c0)=0x1) 00:07:23 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x34) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x6) prlimit64(r1, 0xc, &(0x7f0000000040)={0x8, 0xcde}, &(0x7f0000000080)) gettid() 00:07:23 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 25) 00:07:23 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xce00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 169.574531][T15914] FAULT_INJECTION: forcing a failure. [ 169.574531][T15914] name failslab, interval 1, probability 0, space 0, times 0 [ 169.587161][T15914] CPU: 1 PID: 15914 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 169.596010][T15914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.606060][T15914] Call Trace: [ 169.609335][T15914] dump_stack_lvl+0xd6/0x122 [ 169.613938][T15914] dump_stack+0x11/0x1b [ 169.618106][T15914] should_fail+0x23c/0x250 00:07:23 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xcf00000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 169.622516][T15914] __should_failslab+0x81/0x90 [ 169.627280][T15914] should_failslab+0x5/0x20 [ 169.631784][T15914] kmem_cache_alloc_node_trace+0x61/0x2e0 [ 169.637504][T15914] ? __kmalloc_node_track_caller+0x30/0x40 [ 169.643320][T15914] __kmalloc_node_track_caller+0x30/0x40 [ 169.649021][T15914] ? alloc_uevent_skb+0x5b/0x120 [ 169.653953][T15914] __alloc_skb+0x187/0x420 [ 169.658360][T15914] alloc_uevent_skb+0x5b/0x120 [ 169.663122][T15914] kobject_uevent_env+0x863/0xc40 [ 169.668147][T15914] disk_force_media_change+0xe3/0x170 [ 169.673606][T15914] loop_configure+0x6c0/0xeb0 [ 169.678280][T15914] lo_ioctl+0x618/0x13e0 [ 169.682586][T15914] ? path_openat+0x18d4/0x1ec0 [ 169.687434][T15914] ? blkdev_common_ioctl+0x438/0x1110 [ 169.692824][T15914] ? selinux_file_ioctl+0x981/0xa10 [ 169.698052][T15914] ? lo_release+0x120/0x120 [ 169.702613][T15914] blkdev_ioctl+0x1d0/0x3f0 [ 169.707114][T15914] block_ioctl+0x6e/0x80 [ 169.711336][T15914] ? blkdev_iopoll+0x80/0x80 [ 169.715970][T15914] __se_sys_ioctl+0xcb/0x140 [ 169.720547][T15914] __x64_sys_ioctl+0x3f/0x50 [ 169.725120][T15914] do_syscall_64+0x44/0xa0 [ 169.729521][T15914] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 169.735468][T15914] RIP: 0033:0x7fe6b5d0c697 [ 169.739860][T15914] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 169.759507][T15914] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 169.767927][T15914] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 169.775912][T15914] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 169.783861][T15914] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 169.791810][T15914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 169.799760][T15914] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:23 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd000000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:23 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd100000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 169.842346][T15916] loop5: detected capacity change from 0 to 264192 [ 169.865038][T15914] loop3: detected capacity change from 0 to 264192 [ 169.877667][T15916] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:23 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x1) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) syz_open_dev$vcsa(0x0, 0x5, 0x2) r2 = pidfd_getfd(r1, r0, 0x0) r3 = openat(r2, &(0x7f0000000000)='/proc/self/exe\x00', 0x4000, 0x110) sendfile(r0, r3, 0x0, 0x80000001) 00:07:23 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xd200000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 169.912586][T15914] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:23 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000e000) [ 170.065751][T15976] loop5: detected capacity change from 0 to 264192 [ 170.102399][T15976] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:24 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3f79b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb62b3b338503537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a90000000000478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2612a15663f1700a325ee59fb29f5c7187f5408cc2a669b818f2022a95db5de29f3994c18c0510396e537bb81b94aa1f0f674947dd2a130b15561c1262a92acffb3470f677dd73bc14aac6efaa217a9e6790dfb4ed8f7587539da8af6b30000000000", @ANYRESOCT=r0], 0x4240a2a0) ftruncate(0xffffffffffffffff, 0x2) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xdaffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:24 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 26) 00:07:24 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f000) [ 170.179725][T15976] loop5: detected capacity change from 0 to 264192 [ 170.205510][T15993] FAULT_INJECTION: forcing a failure. [ 170.205510][T15993] name failslab, interval 1, probability 0, space 0, times 0 [ 170.218155][T15993] CPU: 1 PID: 15993 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 170.226984][T15993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.237028][T15993] Call Trace: [ 170.240293][T15993] dump_stack_lvl+0xd6/0x122 [ 170.244916][T15993] dump_stack+0x11/0x1b [ 170.249147][T15993] should_fail+0x23c/0x250 [ 170.253546][T15993] ? skb_clone+0x12c/0x1f0 [ 170.257946][T15993] __should_failslab+0x81/0x90 [ 170.262758][T15993] should_failslab+0x5/0x20 [ 170.267247][T15993] kmem_cache_alloc+0x4f/0x300 [ 170.272102][T15993] skb_clone+0x12c/0x1f0 [ 170.276339][T15993] netlink_broadcast_filtered+0x4fd/0xb60 [ 170.282039][T15993] ? skb_put+0xb9/0xf0 [ 170.286129][T15993] netlink_broadcast+0x35/0x50 [ 170.290876][T15993] kobject_uevent_env+0x8c9/0xc40 [ 170.295887][T15993] disk_force_media_change+0xe3/0x170 [ 170.301246][T15993] loop_configure+0x6c0/0xeb0 [ 170.305950][T15993] lo_ioctl+0x618/0x13e0 [ 170.310171][T15993] ? path_openat+0x18d4/0x1ec0 [ 170.314994][T15993] ? blkdev_common_ioctl+0x438/0x1110 [ 170.320344][T15993] ? selinux_file_ioctl+0x981/0xa10 [ 170.325525][T15993] ? lo_release+0x120/0x120 [ 170.330024][T15993] blkdev_ioctl+0x1d0/0x3f0 [ 170.334510][T15993] block_ioctl+0x6e/0x80 [ 170.338734][T15993] ? blkdev_iopoll+0x80/0x80 [ 170.343305][T15993] __se_sys_ioctl+0xcb/0x140 [ 170.347935][T15993] __x64_sys_ioctl+0x3f/0x50 [ 170.352508][T15993] do_syscall_64+0x44/0xa0 [ 170.356912][T15993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 170.362878][T15993] RIP: 0033:0x7fe6b5d0c697 [ 170.367306][T15993] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 170.387064][T15993] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 170.395457][T15993] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 170.403406][T15993] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 170.411355][T15993] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 170.419419][T15993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xe7ff010000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 170.427368][T15993] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf400000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 170.458955][T15976] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:24 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xf6ffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:24 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x19408, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xf, 0x100010, r2, 0x52af000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000400)="e7789e831fd0b2abd72b6804745c660efd738c30206df5e63cf6f1f382cd95cef99dc171365f99ecaea17c3cba733e3bcbe0fd0dea80428fb3cb44c93242ddcb3e01373bbdd0361e762e50312a2c5f55269ab8c9b332abae60054f820242c7dc95f4d5d1798573a2817b081a88f3d70b1c8f7f792db79f0756635130e8afcc2e2c68b2e5dd2db348e98da1d64de80740d4b2f9d1b0548b7de2983a53a6475facfeebcafd99e580cb2737ec62bb1bb902aaea3c30fe9cc9dad051a719319e5d7a81e18f0edbeb0dbf788c0052a6c37f2f4c1f1357657609a7deeaf222e96f177d5c97fe7a7d419eb0f199b6d08fd994e82c60fd935892de0476e44dc83a0631fb160df22e74980b1840ac1d53998b1abb99adfa9fe98979d25aad51cc450ccd99b368296e61fb06711b54622c2236ae7a326cc8060a4cace3db8f1cdcc15698b986c3038ab957e2b6a1c1add92bbe950120acc1518f503c564f5bb318064b43910c4ab0a2037c86c564c38646ddb11d6f5b8ddda9c381cb617df815f7fe4f79a3e465a239d25f66660be524e3f15c3f5c87bce4dafcf821f43d21d38120bc38c8850e28ba22dad9b149d4084bec9b73c320a30dd3a4b2037ded8b1462a20bb510f8e204525034d102ef06004c3030f6056764bb702d588ddb34bf48a5f445a7822354b7b99904948a76ab822ca3378e987c27d7787af07440574a7a8c0ebbfe073399858be2d27b2830838b867d8d701d1ed7b8dd24e0fcafe3d79a448fb17a5e52f4ca4969c8d5c4edf90d45addf53da7113869c3f3fff45cad43815c844b8a4c9880f3bdf1c47d41d9f15c2e996449649b4d9a78ee1464be22480b3c9af477c7abf2fe12142fc1482b86027746c5a4104997bd010f963c2bc56b60813737f160c1dff13085d6d7902f934d06a3c8a4584e2728cb914ee19314faf5626cf277e5ebef8a1aa331697228d52fdad7f115e633ed8dcecce893ab798560a8db47709b7f6748758175485f8f5a59c567916d29f775c3209ef3b28664036e9fbfd5f236d1a4a999de1a17669d695958efc867c341d26670d25827622b1ff297303e38d844624705efbbc9b7844ad36a8c8bea9f270c98328acad4b7ad79dbd25db07f1ffaee694c832a0753be42940070fe1c77d664c30bf7270b4aedf1bf7b4c45cb071708d03deddf0f0de81a4c8ee5c2de505c71c68cdbe21bdb86b6750c91b925ba33ce34d3f9af986f7ff771a3fe36be12a745e196a9a1457c1d385a63441050eaa2d07dccc166a7f171f82d93fc2edb283d424095fb44149091fd5f52603f51008876c2ce49cca90dbdf29db15bbd0482a200f88f2e78966f3d5a55849f1111ea914e1dc597394edfd3ddf34bcab23d39794a038082378d17d0eeca3ecd01cfb3741b12e916f56470e8a2328453b5ae6df52f54791bed5df973c57b652c6c50c8b5dd84842e7d6cb4b2bfcebc4e7c60431911ac8226278a9278ca74f425ed8b68cf6c21ab7f9ae9c517a23ceee1be06f56ba1f14ed560ed43484891e86af91041c351fe53453fde760300bbf2e435dd8d848e908f4521e483b590db384ed64617f8b53ff3a49e7514144f1e5dd3939b0325c19082e3c4add5d924407cbb942bdd6f5bdc8e1405e0150cf193285871b772130ca461ccb5c355350344b1df867b73b930f0426a7895ee81ee1bf8c6a993ec5e22ffb0d2be7acb45b93f28a5c384b075a0130caeefb0c1f53fc19c5a33315b724e4f2d5bc355043b446f3a83bc12ff096a7a996769d7bcbb2de57df7615a1dda9ce6b4280898896bde049f76db9b8a4d8f39f7aa856f86cea3a05356325294a6439c417cb218e63a2368a9f3cf17efba61873e077e7719ecc28fdc95930782ee828cb0af32114dc88631fcc4d3e4e8aa054bcf68fcc77abca19181a0c2cc622429c2d0ab7ca20985f5a7fc211d1e11ffcb84703b0ee968ce990b67b429656d1480f7babe7946128df0216c1e52b385f19f1e23acfb186c186d24b16ad81c02322257d3b52f40de16cc6cef6e1388de7af33a9240cbc3bb6f81823a84ade6d7e57fbddc2476541ca506fabda1ec53c7ba8306e9606b1dfac2c75d2d6f63d62bf66736bcbde45bde0a4f9315bcab2dd43bf01b109403c4c70c68d85b595ee450415a0075ed7bfa69aa1a7045ad5871d284ad6b3070c106467c099f505c8b5e3d8b461e587040e49cd124383f74782ce3d2c409237abb91ecc43d7f235c21088129bde2196594964808b6f14cde65467bae016ba3b603a2f9e00b0a95a26331ea07fe7e57bcb6e64b302816bdee018b723fa8bde15e182154c954b1f678916027239c5dba97c5915223439d21454f9224c9363c6745a84e6dc4cadf031a15581f27e2ede3848a3e50a4ba558fba8b19df543085ad13939553ded2bf41253ba10d5d1b828fb4254f894c4ac9c100cab5df8d1563626a998a786bb364ce413cef89994b15eaae0e40e71f033418c19b313587d2f55ab2ae0968cf9d67fb87742d30e0e061d7c6575909ca411ab7d1d4d29d81319c6afe736a8c57c61336ff3144c005845e3deeeb9c5bffbb324523e13bd3dd9e52bd482102d9dca2c08272a5c3af3211e154f6dfcfdd212367f2ef7f2011fba45759734d414165ee34f8be2873211894b583ac4e9d1ed7f4aa71713ded8f6941f628dd2c3db4fee07b7cf0409631b5cbfa2aa3670e6b78320eb5b580711a88baca65291eef8e24b31032b44cd280a755f6dba966f606f406b793d70f0df22473b246d05c04fb02463bf65276ed3e0927113119b5ad2b5986cee06e334d90d8e18bbd8ead9e1e2247a28dfa6627ca6074d021ebb0bc18688d1f7320f4b2e128b76eb2d5b66a595433c49ee0dd9d7367dfb6ba7a037c10252c8cc60f1042a8341b72a2939a02b89b4c8b9f55c8acb80d4f1db0d142900f834273c5235308ff530c7dbea90ce65f135cd891a90a0d224b145b10a1a3ff1d197fb87d2d908a0f9f4d227568cba6cc36097ec141c3df616c0c2a34d57db6fb6be633d251200b07de73c53654b29519186754f70ccf7b78d577aa6669c1b91ed9271fffe52d346905ceff74e63543c298e7555ae6be11aad87ac43ff9bf66e845260ffe980ac870920309bcef4c60e601fe9c6a0708e905e0a2cb6f0dc697351318f42a07edf91ce6c7186f493b0a66700b7d4781de6a712d269c23832fffc151bf68e7cd9c8ae1009cec25ca2a1e70d3478039987913eac4069af34d14170f03a9c37f2a0abcf1b3ed7cca4e1f575ae2e47da201a02d9fb3b6ab36d7e3135f03551d8c5a1b9829dd70b1885a6bbafbc2f810c4f202eca24a78f71bcce9e3f56257659a2cea4f9505307f0dbeab0cbeaa816b4fe15ad16afff124f8dcb1c5711d40b15096245160a2f86718a84ffa0ec17f2d331395f0008c2cb1b421e11e94c44aac88e838a359072834e2977cab85c1a9a992a5b8cc668ae713f644a60274e600da44da16c01d5f2fd4378d4b00dcd67a1ebe270b2be1154796b5fb7c6b48dabc700da7e4985257e6cba88b4b7b96259e85f46a9e1faee8d0e1cbd6579682987ec132d802e8f32be79bc53262ae247471e22d34a02d3246f778858cb03102779aeb5738966b485e764d7b4f420f29554fa025e60748c628d51e967feb3aa0d1b1c4ebe55f40f6713f7429d465f13596a5d307f271e5f89ead929d3906742378d26b31c9b4e40559b92bdcd22743483926f65677ca5da764bbeae9113abb31eb37577a6023f3058672a3c882df7a50cd98e0071932dc6eafc0b9486b384f8d51453440862c95531cf9eb5ab1084031e19cec5582f55aee6d5238e6969689c5057a26d7332fb86bb3bd6c7cb1fb72487e64c22c08a9783c297954a9a534466cb30a5c6fee2212fa64ea8deb78909573a03fa37cdd135d6dd9f24d356a445a54bd458e7b11af07256de845d7f12a1a3f69fdd9a7f0f9adc16df0279574994ae34a74608a27fd20bf3540a467d1fd96430113f4e26011ac5beb29e54b31e68722424969a803df242f8d314467d18a51aabc5ef946ba4fd06e2d1d62f749d42752f50f9da0a48d62e6957ac36cc75787576b091bf3baddafb80bf4ac78e0f93656e20c96106134bc1184e176390878859e1658d9592a8dc3a6bc21a98baba62e7da5db153a22b15cb9ef514903a416241275720a365362dedfcc0415b844a4fdb2995737093fd28a602edc6ff7819345344660ca1822049ab85cd8a6493e776c8f893fc568406a0a2b248091fcf9af4307dbe04d6005ee329f27169eafdc872559ce5cb89bb5806c64860ed4e4b205da1bfe56d82423ee15821c81de8a7e039ef0304432a3bec1170ce14237a4d07566115d5932878553de35f6dc06afe43d3670ff8111acc6f873f442b6c27096bd7cacc0d84dd446238e1cf07efd1abf680cfa297d81d149a3430c55b8d2a559f7f8abc4e73cc240c1bfb9de0e00501cf869fee24660448a26160e2e597febbaf0228b9692228c17a9fad4e6a377e6143319675fdb34beb86b7444e6205b8de1acebc52388e307bc08a9fb6781fe721a2849ace4d0a3d3fb47682888f7d0f7ef87ed36e98fadbec38d79ef1c09c571324cd5306b9deb2a4c151a112b00a13918a8d82a187936ee9b2cd8b9ebddd8fd35392ca45d0020c39c9b414f9912615fa81cc906f6aaa24b81006ed9c6cee57b7b4bcadf96153e0b53dc49c94f790e8075e04c1d6502604b5d36fd308645fbdcd926d2292ba9c920b9a84e431074b77f3079a0d6a0a30dfeb024664de68ffc3cb4e10229e25f436f835d48fbf53646fe34c9a766f7f32572caf764a0fc8d4e573ea4db3320356154cf6170f4fa8265d24db33b6b02e728d0662682013813a4a1d2422274d5004a366b4bd988162b0b596075edd5c64921ff0e88d9915249279552190fd0d4b12987851eef3f763aeeb5c9917fa4b600c46ea19aff742d2560c1f125dedf338f901ef38faf0ed09232cde9c7eaeb9944f705b80fcbc642c48c4cdf47268df53db3699ff7d6b81b24e17d13694b9216573684366b7b1d53aecab604a5df525e3db3d21e0b708da626c6770ec0801140602d501fee84a6a1e5c24d07e27fd54d2a6ab0a5676211c12842e58c2c3eae096919df1eec477559bf2483f655c37f33693eb37f1c98ec5ccb64ae428f0cf080ca83674d98ef657dc3c0c501d3c9d7bb2aa6e433e20455f324222ecca4c6389c62ccf6a8ada777c0f1225a1f84342afc2483ffc8ea2ac4b80a843b5f5eeee34d22e49069e958c9f71345bab17d601753482a7b9241853f5a34ee818d5ac4d4b801737a4944d8cd4d768b0bae338061eb16555e84c7a92ddd9d112bc213b17571660bb7b8ee5485a258885701032f3ab6de03af712c54a1f69e427df9bb1c4a06e8356f6239f34e3a09a6fb955d163072ba2b21cbae93f41524a6aa3df1dcb8d20bec776f97fa9c977ba7f8b3d3f0fbbf2b9a69752a0fbfa7432edae5d00c884e840905dd8e214dff9a15782ea8c08bbe3a3cb67a603bd087cb1ecca0cf6cba19e5a4bfc3ede65fbb4236efea1d6ea305bed5d74387622eee8c5446b54df12eea1b76042b21128a9bef010b45aeddf1e26593769ef6e0c7fc887062c3c06ad4cdfa1344142f280144b447392c6178d142908267eda2d54e003e017a8458d4580a88cae572f6f281bca88c2d36688de50a296632dbca39c35fb358d8bee99e934913e6cb8506d8e131724ef36de4888685bb9c66f382666ab0bda1f8dcfee8f583e8cd02384acdb6fb2e33a496f99bf10b206fca8e51796", 0x1000}], 0x1) sendfile(r0, r4, 0x0, 0x80000001) 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfaf3586100000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:24 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f100) [ 170.595658][T16024] loop5: detected capacity change from 0 to 264192 [ 170.619303][T16024] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfdffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 170.650574][ T22] audit: type=1400 audit(1633219644.558:798): avc: denied { execute } for pid=16032 comm="syz-executor.2" path="pipe:[37148]" dev="pipefs" ino=37148 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 [ 170.702098][T15993] loop3: detected capacity change from 0 to 264192 [ 170.711319][T15993] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 170.735525][T16024] loop5: detected capacity change from 0 to 264192 [ 170.762467][T16024] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:24 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd00106000000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db27623763f17e24cb2e6ccd46865320a3016af96296de53b87b3f156736994f439e59419de430ea9ad2db74bb4e00f59f426b0bd8cbf36cf40d4b755bf7a9f647f89277081f7d6b0f96220a014600fb84348b70760902b2ebceff39e", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) write$binfmt_elf64(r0, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x87, 0x80, 0xea, 0x0, 0x100, 0x3, 0x3e, 0xffffffe1, 0x19c, 0x40, 0x1c1, 0x6, 0x2, 0x38, 0x2, 0x81, 0xfff7, 0x8}, [{0x2, 0x1, 0xff, 0x8, 0x0, 0x8000, 0x3, 0xffffffffffff7fff}], "eb109086b1a4bd43060af2fbe596787a187b29d2eeac012a55f60d68677855645632be6666cf2b21a01ed7580a9b415fec053d85ddb0b654a11eccd3742f5bc613bd6a13e9e0cf95ae5b00f58aad20f8b8a023c9ad64673666a46f9e96043bdbb50ed6ec03a0a484c786d879924b9d2faaaf71943bb347970e981199e129f9e92552ad9757f2aeb1e8cae4c2b2690b94fbfa4249991a77eb36b607a433ef1341decad54f2039a96bb5b44355b36bbfa3ceaa2b52caf6f343334efccae41690b42195716db76c311aa6531a8acb4aed075c0139352fcfbdafa89f44b6e8b88f70c6d71469d25766fc8cc0ef696314d79282092f54872d7f0c0b47", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x772) mlockall(0x1) mlockall(0x5) 00:07:24 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeff000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:24 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f200) 00:07:24 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 27) 00:07:24 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:24 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) fcntl$notify(r2, 0x402, 0x9) ioctl$KDDELIO(r1, 0x4b35, 0x5a) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) [ 170.964757][T16073] FAULT_INJECTION: forcing a failure. [ 170.964757][T16073] name failslab, interval 1, probability 0, space 0, times 0 [ 170.977466][T16073] CPU: 1 PID: 16073 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 170.986267][T16073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.996306][T16073] Call Trace: [ 170.999588][T16073] dump_stack_lvl+0xd6/0x122 [ 171.004165][T16073] dump_stack+0x11/0x1b [ 171.008301][T16073] should_fail+0x23c/0x250 [ 171.012711][T16073] __should_failslab+0x81/0x90 [ 171.017477][T16073] ? call_usermodehelper_setup+0x71/0x190 [ 171.023257][T16073] should_failslab+0x5/0x20 [ 171.027743][T16073] kmem_cache_alloc_trace+0x52/0x320 [ 171.033080][T16073] call_usermodehelper_setup+0x71/0x190 [ 171.038610][T16073] ? add_uevent_var+0x1d0/0x1d0 [ 171.043450][T16073] kobject_uevent_env+0xb29/0xc40 [ 171.048474][T16073] disk_force_media_change+0xe3/0x170 [ 171.053837][T16073] loop_configure+0x6c0/0xeb0 [ 171.058553][T16073] lo_ioctl+0x618/0x13e0 [ 171.062779][T16073] ? path_openat+0x18d4/0x1ec0 [ 171.067612][T16073] ? blkdev_common_ioctl+0x438/0x1110 [ 171.072989][T16073] ? selinux_file_ioctl+0x981/0xa10 [ 171.078213][T16073] ? lo_release+0x120/0x120 [ 171.082702][T16073] blkdev_ioctl+0x1d0/0x3f0 [ 171.087192][T16073] block_ioctl+0x6e/0x80 [ 171.091418][T16073] ? blkdev_iopoll+0x80/0x80 [ 171.095989][T16073] __se_sys_ioctl+0xcb/0x140 [ 171.100570][T16073] __x64_sys_ioctl+0x3f/0x50 [ 171.105201][T16073] do_syscall_64+0x44/0xa0 [ 171.109611][T16073] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 171.115489][T16073] RIP: 0033:0x7fe6b5d0c697 [ 171.119909][T16073] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.139522][T16073] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 171.147928][T16073] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 171.155878][T16073] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 171.163833][T16073] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 171.171913][T16073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 171.179915][T16073] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 171.188785][T16076] loop5: detected capacity change from 0 to 264192 [ 171.203671][T16076] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xfeffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 171.206769][T16073] loop3: detected capacity change from 0 to 264192 00:07:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xff03000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 171.266635][T16073] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:25 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 28) 00:07:25 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f300) 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffff000000000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 171.363872][T16108] FAULT_INJECTION: forcing a failure. [ 171.363872][T16108] name failslab, interval 1, probability 0, space 0, times 0 [ 171.376669][T16108] CPU: 1 PID: 16108 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 171.379071][T16114] loop5: detected capacity change from 0 to 264192 [ 171.385852][T16108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.385865][T16108] Call Trace: [ 171.385873][T16108] dump_stack_lvl+0xd6/0x122 [ 171.410229][T16108] dump_stack+0x11/0x1b [ 171.414378][T16108] should_fail+0x23c/0x250 [ 171.418803][T16108] ? __kernfs_new_node+0x6a/0x330 [ 171.423825][T16108] __should_failslab+0x81/0x90 [ 171.428604][T16108] should_failslab+0x5/0x20 [ 171.433108][T16108] kmem_cache_alloc+0x4f/0x300 [ 171.437864][T16108] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 171.443735][T16108] __kernfs_new_node+0x6a/0x330 [ 171.448616][T16108] ? ___cache_free+0x3c/0x300 [ 171.453313][T16108] ? kfree+0xf8/0x1d0 [ 171.457272][T16108] kernfs_create_dir_ns+0x5e/0x140 [ 171.462430][T16108] internal_create_group+0x148/0x860 [ 171.467790][T16108] ? __invalidate_device+0xb0/0xc0 [ 171.472882][T16108] ? set_disk_ro+0x73/0x110 [ 171.477365][T16108] sysfs_create_group+0x1b/0x20 [ 171.482197][T16108] loop_configure+0xbcd/0xeb0 [ 171.486880][T16108] lo_ioctl+0x618/0x13e0 [ 171.491107][T16108] ? path_openat+0x18d4/0x1ec0 [ 171.495860][T16108] ? blkdev_common_ioctl+0x438/0x1110 [ 171.501218][T16108] ? selinux_file_ioctl+0x981/0xa10 [ 171.506399][T16108] ? lo_release+0x120/0x120 [ 171.510883][T16108] blkdev_ioctl+0x1d0/0x3f0 [ 171.515638][T16108] block_ioctl+0x6e/0x80 [ 171.519977][T16108] ? blkdev_iopoll+0x80/0x80 [ 171.524549][T16108] __se_sys_ioctl+0xcb/0x140 [ 171.529125][T16108] __x64_sys_ioctl+0x3f/0x50 [ 171.533706][T16108] do_syscall_64+0x44/0xa0 [ 171.538108][T16108] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 171.544050][T16108] RIP: 0033:0x7fe6b5d0c697 [ 171.548453][T16108] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.568127][T16108] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 171.576524][T16108] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 171.584541][T16108] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 171.592499][T16108] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 171.600455][T16108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 171.608417][T16108] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 171.616422][T16108] loop3: detected capacity change from 0 to 264192 [ 171.648723][T16114] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 171.671893][T16108] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 171.733779][T16114] loop5: detected capacity change from 0 to 264192 [ 171.778318][T16114] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:25 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, &(0x7f0000000040)=0x7, r0, &(0x7f0000000080)=0xab, 0x0, 0x8) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffff7f00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:25 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 29) 00:07:25 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f400) 00:07:25 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r3 = fcntl$dupfd(r0, 0x0, r1) ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000040)) sendfile(r0, r2, 0x0, 0x80000001) 00:07:25 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffffff00000000, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0xffffffffffffff0f, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 171.942443][T16151] FAULT_INJECTION: forcing a failure. [ 171.942443][T16151] name failslab, interval 1, probability 0, space 0, times 0 [ 171.955112][T16151] CPU: 1 PID: 16151 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 171.963873][T16151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.973923][T16151] Call Trace: [ 171.977225][T16151] dump_stack_lvl+0xd6/0x122 [ 171.981986][T16151] dump_stack+0x11/0x1b [ 171.986199][T16151] should_fail+0x23c/0x250 00:07:25 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x22, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 171.990608][T16151] ? __kernfs_new_node+0x6a/0x330 [ 171.995722][T16151] __should_failslab+0x81/0x90 [ 172.000516][T16151] should_failslab+0x5/0x20 [ 172.005014][T16151] kmem_cache_alloc+0x4f/0x300 [ 172.009854][T16151] __kernfs_new_node+0x6a/0x330 [ 172.014764][T16151] ? __down_write_common+0x42/0x830 [ 172.019955][T16151] ? idr_alloc_cyclic+0x26b/0x2f0 [ 172.024985][T16151] ? __down_write_common+0x42/0x830 [ 172.030242][T16151] ? rb_insert_color+0x7e/0x310 [ 172.035088][T16151] kernfs_new_node+0x5b/0xd0 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x25, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.039733][T16151] __kernfs_create_file+0x45/0x1a0 [ 172.044859][T16151] sysfs_add_file_mode_ns+0x1c1/0x250 [ 172.047667][T16163] 9pnet: Insufficient options for proto=fd [ 172.050509][T16151] internal_create_group+0x2f4/0x860 [ 172.050531][T16151] ? set_disk_ro+0x73/0x110 [ 172.050550][T16151] sysfs_create_group+0x1b/0x20 [ 172.068551][T16168] 9pnet: Insufficient options for proto=fd [ 172.070895][T16151] loop_configure+0xbcd/0xeb0 [ 172.070924][T16151] lo_ioctl+0x618/0x13e0 [ 172.085657][T16151] ? path_openat+0x18d4/0x1ec0 [ 172.090475][T16151] ? blkdev_common_ioctl+0x438/0x1110 [ 172.095844][T16151] ? selinux_file_ioctl+0x981/0xa10 [ 172.101043][T16151] ? lo_release+0x120/0x120 [ 172.105614][T16151] blkdev_ioctl+0x1d0/0x3f0 [ 172.110144][T16151] block_ioctl+0x6e/0x80 [ 172.114384][T16151] ? blkdev_iopoll+0x80/0x80 [ 172.118967][T16151] __se_sys_ioctl+0xcb/0x140 [ 172.123846][T16151] __x64_sys_ioctl+0x3f/0x50 [ 172.128435][T16151] do_syscall_64+0x44/0xa0 [ 172.132863][T16151] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 172.133722][T16171] 9pnet: Insufficient options for proto=fd [ 172.138760][T16151] RIP: 0033:0x7fe6b5d0c697 [ 172.149061][T16151] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 172.168676][T16151] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 172.177081][T16151] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 172.185042][T16151] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x2c, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.193002][T16151] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 172.200971][T16151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 172.209011][T16151] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 172.223712][T16177] loop5: detected capacity change from 0 to 264192 [ 172.230463][T16151] loop3: detected capacity change from 0 to 264192 [ 172.259386][T16177] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 172.289081][T16151] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:26 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) pwrite64(r1, &(0x7f0000000100)="66673eb154281dbe2c7022a357872f158fc2d748dcf9a338cd6a59dbb2217b5ee34f4f6a753052ef66a3aa04bf57a7eab8d0127ded20c267ffc9c5914246b1344ccab68b57075643da6782d40010a631c5478679493253b0c59a20ebe327772b90ef5836b8b47f8bd7b85d78fbf1f68dbb46465d96882e56ffbe293d030546f724bbe450bf1bc3a2eb0a57e1c2e051eed9840986e1f789712719de2b20f538ab9d9bddecd106a5ada97eb278b9d1803c8b8fa23fe6d9aaf7936b090626e51dae53f986da89e3ec1d4bbea644a4586b558fadbd528f5dfbfb3f724c741c819e81ca68624a6e3a0855", 0xe8, 0xffffffffffffffff) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) open(&(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10000, 0x1e8) sendfile(r0, r2, 0x0, 0x80000001) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4200c2, 0xc2) [ 172.315176][T16186] 9pnet: Insufficient options for proto=fd [ 172.330903][T16189] 9pnet: Insufficient options for proto=fd [ 172.392633][T16177] loop5: detected capacity change from 0 to 264192 [ 172.409788][T16177] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x22, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:26 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f500) 00:07:26 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 30) 00:07:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:26 executing program 0: pipe(&(0x7f00000001c0)) ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9, 0x1d4, &(0x7f0000000300)="90f39caa97a06b099d90b0cfdf3d0bd7aa2afd5853940732f976a14357ca541039585ab8941c3cbcc0b8e70294b327cff1534ce16daba66c1d62c87cbbc23dae37148536d53e5c01b31b94d7cfa76f7fe6070378d377f35038dc474056a528a80aff0f70c24383448254d08f5baed952ed95220bd942c956725ce3b0f80445545bb341607e8295c200874faa8a2feb302de5b38702c8abdef9991a2ddb388b32f5b932b586399624674802279700b7f7353846ea2011feb966543e4f63be322207824bd61fae83fd37693dba89f469ede3c7afc833448955452abb89298f0069f15d3d7bbd737e3385ed0af3f90f2342afce30f7e356260bd3b9cf19c63db7964f40c5e375ef17a926145b1ee17a3541573ea585757b621e73a825acc92287a5f22115330f5b393b210cb7800d2d197549e2c3106cd771ef27805bb6acbf06f1c5e4977f3069758b82ad16e9112d30f41a682f2b8af0c9284ca123f1d809dc9e4fa4b6ab18172ddb09c84c0e176a0efbff71fc9c31b1ade65959e652998b0260806ca22d5359236deeb1355d6673a67a367106d1d22a7dbda50a8ec5ce016f02137a979a54d631111004c931dc7162f8183040eea7ddacffb95b82e8bbb1dffa05dfe574a16cc5dfc9c048f25b19e5e3e0944182a660833a52f6e3dc1f087e915d64bf85782ca7a9f55a8bca426dd8b87051ee69a97a6271d255524c448a762f68f9d06a9d922138eb371750c60c94838d8441a793fef72520cde0e574e57e2e5b7116e8193f136ce0443191e385af7cad073b1912acdbec6960f7f0b74d3c43207a3f41bde65f8e8f969827d9085bff1f9ac175fdf86691fd7b3ce487fb91c0e8b713c6ccf5f967b8fd71032fe4e086c94cfd0a4020492751aa0ca4d86c7b47535a2990b86d6d6e9e415c7b06c05af4b4cc4e0fd9f9c541cfb62df120a421de8ebca7db0f2e2c31d93ae25d6d3d81560a17f36a11472769ee58441fd6051a6df827a103322b222e5489ebde969403cc8f27ebbfb76bc2373bac7140f6a06d409622f4bf053c2383c2a2a06e0c0a39ab7611ecc14e240ba04210876603ce9fcd71a30774a2409ec9bad57cea4cfb81ac68afe3f17b9b4c888d29877a0ef92f9c05d95b615617fb2e8e5d8869daded361f60a394a2da39559979bce5a20e4efa0daeb83f88c90e060d97353f1ffdb90ec1151712397e3f233475eaf5f64909eab40e47e366515a28da559991e5fbd3de9fe8d3c88422f136d10dda93b25b689d2a7df7f0c657a5b6b33082a19d2f1e1c42a176b96682a5d95eefaf7093b0db21fd94c4c7e784e8548efe69f3f1e50983c46bde732cbd95679d3fd2cbb6649dcd0fac0c20b823f2330323b665c8ae4011adef4c3d2b5df127c883bdc846998f5843831553e18dbd8b0e9710ad7b39d1ba4b29cf3c6ea83fac98e50686f707c0c4d"}) r0 = socket$netlink(0x10, 0x3, 0xe) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000080)) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r1, 0x0, r3, 0x0, 0x19408, 0x0) write$binfmt_misc(r3, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRESDEC=r1], 0x4240a2a0) splice(r3, &(0x7f00000000c0)=0x2, r2, &(0x7f0000000140)=0x5, 0x6, 0x9) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) mlockall(0x1) mlockall(0x5) mlockall(0x1) 00:07:26 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(r0, &(0x7f0000000000)='./bus\x00', 0x40040, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 172.572748][T16214] FAULT_INJECTION: forcing a failure. [ 172.572748][T16214] name failslab, interval 1, probability 0, space 0, times 0 [ 172.585377][T16214] CPU: 1 PID: 16214 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 172.594164][T16214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 172.604213][T16214] Call Trace: [ 172.607494][T16214] dump_stack_lvl+0xd6/0x122 [ 172.612126][T16214] dump_stack+0x11/0x1b [ 172.616266][T16214] should_fail+0x23c/0x250 [ 172.620668][T16214] ? radix_tree_node_alloc+0x154/0x1f0 [ 172.626111][T16214] __should_failslab+0x81/0x90 [ 172.630858][T16214] should_failslab+0x5/0x20 [ 172.635346][T16214] kmem_cache_alloc+0x4f/0x300 [ 172.640092][T16214] ? radix_tree_node_alloc+0x154/0x1f0 [ 172.645531][T16214] radix_tree_node_alloc+0x154/0x1f0 [ 172.650895][T16214] idr_get_free+0x22a/0x5d0 [ 172.655377][T16214] ? try_to_wake_up+0x362/0x480 [ 172.660212][T16214] idr_alloc_cyclic+0xf4/0x2f0 [ 172.664976][T16214] __kernfs_new_node+0xb4/0x330 [ 172.669833][T16214] ? ___cache_free+0x3c/0x300 [ 172.674493][T16214] ? kfree+0xf8/0x1d0 [ 172.678481][T16214] kernfs_create_dir_ns+0x5e/0x140 [ 172.683582][T16214] internal_create_group+0x148/0x860 [ 172.688850][T16214] ? __invalidate_device+0xb0/0xc0 [ 172.693940][T16214] ? set_disk_ro+0x73/0x110 [ 172.698432][T16214] sysfs_create_group+0x1b/0x20 [ 172.703307][T16214] loop_configure+0xbcd/0xeb0 [ 172.708026][T16214] lo_ioctl+0x618/0x13e0 [ 172.712251][T16214] ? path_openat+0x18d4/0x1ec0 [ 172.717024][T16214] ? blkdev_common_ioctl+0x438/0x1110 [ 172.722378][T16214] ? selinux_file_ioctl+0x981/0xa10 [ 172.727561][T16214] ? lo_release+0x120/0x120 [ 172.732094][T16214] blkdev_ioctl+0x1d0/0x3f0 [ 172.736634][T16214] block_ioctl+0x6e/0x80 [ 172.740854][T16214] ? blkdev_iopoll+0x80/0x80 [ 172.745428][T16214] __se_sys_ioctl+0xcb/0x140 [ 172.750014][T16214] __x64_sys_ioctl+0x3f/0x50 [ 172.754585][T16214] do_syscall_64+0x44/0xa0 [ 172.758997][T16214] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 172.764923][T16214] RIP: 0033:0x7fe6b5d0c697 [ 172.769352][T16214] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 172.788939][T16214] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 172.797332][T16214] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 172.805289][T16214] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 172.813248][T16214] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2f, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.821202][T16214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 172.829249][T16214] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 172.845991][T16222] loop5: detected capacity change from 0 to 264192 [ 172.855058][T16227] 9pnet: Insufficient options for proto=fd 00:07:26 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302", 0x2c}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) fchdir(r0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x22, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.888853][T16238] 9pnet: Insufficient options for proto=fd [ 172.914508][T16222] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 172.933395][T16246] 9pnet: Insufficient options for proto=fd 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x25, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.955747][T16249] 9pnet: Insufficient options for proto=fd 00:07:26 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f600) 00:07:26 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x2c, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 172.998844][T16253] 9pnet: Insufficient options for proto=fd [ 173.005505][T16255] 9pnet: Insufficient options for proto=fd [ 173.032330][T16222] loop5: detected capacity change from 0 to 264192 00:07:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0xb, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:27 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x22, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 173.048659][T16222] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 173.082743][T16268] 9pnet: Insufficient options for proto=fd [ 173.118112][T16275] 9pnet: Insufficient options for proto=fd [ 173.146242][T16281] 9pnet: Insufficient options for proto=fd [ 173.148164][T16282] loop5: detected capacity change from 0 to 264192 [ 173.172754][T16282] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 173.184880][T16214] loop3: detected capacity change from 0 to 264192 00:07:27 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 31) 00:07:27 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2f, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 173.228172][T16214] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 173.297169][T16300] FAULT_INJECTION: forcing a failure. [ 173.297169][T16300] name failslab, interval 1, probability 0, space 0, times 0 [ 173.305578][T16295] 9pnet: Insufficient options for proto=fd [ 173.309804][T16300] CPU: 0 PID: 16300 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 173.320340][T16303] 9pnet: Insufficient options for proto=fd [ 173.324284][T16300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.324301][T16300] Call Trace: [ 173.324308][T16300] dump_stack_lvl+0xd6/0x122 [ 173.348180][T16300] dump_stack+0x11/0x1b [ 173.352332][T16300] should_fail+0x23c/0x250 [ 173.356784][T16300] ? __kernfs_new_node+0x6a/0x330 [ 173.361862][T16300] __should_failslab+0x81/0x90 [ 173.366623][T16300] should_failslab+0x5/0x20 [ 173.371120][T16300] kmem_cache_alloc+0x4f/0x300 [ 173.375872][T16300] ? __down_write_common+0x42/0x830 [ 173.381066][T16300] __kernfs_new_node+0x6a/0x330 [ 173.385915][T16300] ? up_write+0x25/0xc0 [ 173.390063][T16300] kernfs_new_node+0x5b/0xd0 [ 173.394647][T16300] __kernfs_create_file+0x45/0x1a0 [ 173.399752][T16300] sysfs_add_file_mode_ns+0x1c1/0x250 [ 173.405136][T16300] internal_create_group+0x2f4/0x860 [ 173.410418][T16300] ? set_disk_ro+0x73/0x110 [ 173.414916][T16300] sysfs_create_group+0x1b/0x20 [ 173.419762][T16300] loop_configure+0xbcd/0xeb0 [ 173.424511][T16300] lo_ioctl+0x618/0x13e0 [ 173.428746][T16300] ? path_openat+0x18d4/0x1ec0 [ 173.433510][T16300] ? blkdev_common_ioctl+0x438/0x1110 [ 173.438878][T16300] ? selinux_file_ioctl+0x981/0xa10 [ 173.444107][T16300] ? lo_release+0x120/0x120 [ 173.448690][T16300] blkdev_ioctl+0x1d0/0x3f0 [ 173.453181][T16300] block_ioctl+0x6e/0x80 [ 173.457412][T16300] ? blkdev_iopoll+0x80/0x80 [ 173.462025][T16300] __se_sys_ioctl+0xcb/0x140 [ 173.466606][T16300] __x64_sys_ioctl+0x3f/0x50 [ 173.471187][T16300] do_syscall_64+0x44/0xa0 [ 173.475596][T16300] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 173.481489][T16300] RIP: 0033:0x7fe6b5d0c697 [ 173.485917][T16300] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 173.505522][T16300] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 173.513921][T16300] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 173.521886][T16300] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 173.529845][T16300] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 173.537801][T16300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 00:07:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:27 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f700) 00:07:27 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose, 0x22}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 173.545764][T16300] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 173.564182][T16300] loop3: detected capacity change from 0 to 264192 [ 173.587651][T16312] 9p: Unknown Cache mode loose"dfltuid=0x000000000000ee00 [ 173.590104][T16300] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 173.613005][T16311] loop5: detected capacity change from 0 to 264192 [ 173.625283][T16311] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:29 executing program 2: fallocate(0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0xfff) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = syz_open_dev$vcsa(0x0, 0x0, 0x2) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000001, 0x110, r1, 0xb2bdd000) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000040)={{0x1d, @loopback, 0x4e24, 0x3, 'lblcr\x00', 0x3c, 0x40, 0x56}, {@empty, 0x4e22, 0x0, 0x2, 0x10000, 0x3}}, 0x44) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) 00:07:29 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) r1 = syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8000, 0x6, &(0x7f0000000680)=[{&(0x7f0000000300)="37429c0507aa731304dbb9c88733fff386623cd1817f1d2bc6a54a1d91f46304c96c1263bd25185739484119558e9e21b48906eab0ed0051bff3b1e4222a9f34fde4219c264067c2a189debd4255716735ee9cbec607efab752f41ece184da6f4c327b208928a694cd5143ec8229774ffddd37f8411ed88ae1d1845b9df78a0c83eadcb2011f5bdf7745fce55ab589", 0x8f, 0x4d80}, {&(0x7f00000003c0)="96d4cff4e07f3e53ca767eade63028c93effcbc4d3f7b01367d890b8181ae366d1f1aafa23c141948399b3f3eb0d99e4b62b4c6d19b6f70f74f4fd318997d56e57636fda2e641e6f0aa66829442e113387dc393a132ed2dcdc60f353190945e1b2ddfae7651ebbd889871fae38d58aa8b2be11fea716a902836ab4995ed1a86dd2ab0070a20cc3c351a9664f8a880d6d409c135e6a8e21d20bd03a95cf33bba0bb6b5a54a0e85c03020e1b8c6b694af0b67cac614b79dc30a12dc8b4b13997819b6ef88bf26998bf5e4bf03e60091ed302dd8a7a00d12fb11eb0f5dc9b0d75d849e11019adddfd01abb996", 0xeb, 0x1b}, {&(0x7f0000000140)="c919803e60af2768485e177a6fcbf3ba8e7c0de7ab16939c21e3f62e91558b30456fdf08a9e306dfd80aae469f4bfb5168f5cf707bdd6a9d68edc631dd3bb45dbff1e941c83a841ed8003b190ff1ab1ad9072d83580aac01d6ddfc43526409a71ba33a97876f0cd72486f8682c0732df", 0x70, 0x20}, {&(0x7f00000004c0)="ad4ec0d763e822b1888182addefbce604fe2641cb71d58e7a4c3f3c7a6a5d2d71a235af8810a1e9665918dfd76f9d62da22970229ca3576cfa4e8f76283bc9e21f4d789e6a0d99f6", 0x48, 0x9}, {&(0x7f0000000540)="da81b71e734df8dbf182bc7935a9d73cc7b615504922a1f77f79cbd590e0ca0e6a27af69f094d1ee7fc93e4114dcd60e34d555b6f19f70ae3b626604eb5ba79629a9bfae68aa466ca4c6fea2da86f08f2beae8f537b1206521c36baaa5721e83489712371a72d966a092a15b29330cac74a55bf232217472a165d20668bcfb432849be4a8d7a333e6943dbc6f4c95a", 0x8f, 0x4}, {&(0x7f0000000600)="a6353e980dbbd9d4706ab036c892172258e92659f7050d061cf3074d503667f7cc06d60b349c2297b93e272b1420b1825e0ce4f21c041c60d2e7dbfa34998f6924360edfb338e7c5d82f6aac887bbd675c3982b4d49c3365a03d043fd5b14c5bd7b6853fd72af0697b", 0x69, 0x3}], 0x10000, &(0x7f0000000740)={[{@fat=@flush}, {@fat=@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@nodots}], [{@uid_gt={'uid>', 0xee01}}]}) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x19408, 0x0) splice(r1, &(0x7f0000000780)=0xff, r2, &(0x7f00000007c0)=0x84, 0x3, 0xc) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x19408, 0x0) ioctl$EVIOCGABS2F(r4, 0x8018456f, &(0x7f0000000040)=""/28) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x0) mlockall(0x5) 00:07:29 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose, 0x2f}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:29 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 32) 00:07:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:29 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f800) [ 175.939280][T16332] loop5: detected capacity change from 0 to 264192 [ 175.951191][T16332] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 175.962351][T16339] FAULT_INJECTION: forcing a failure. [ 175.962351][T16339] name failslab, interval 1, probability 0, space 0, times 0 [ 175.975070][T16339] CPU: 1 PID: 16339 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 175.976094][T16341] 9p: Unknown Cache mode loose/dfltuid=0x000000000000ee00 [ 175.983827][T16339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.000966][T16339] Call Trace: [ 176.004232][T16339] dump_stack_lvl+0xd6/0x122 [ 176.008807][T16339] dump_stack+0x11/0x1b [ 176.012947][T16339] should_fail+0x23c/0x250 [ 176.017344][T16339] ? __kernfs_new_node+0x6a/0x330 [ 176.022416][T16339] __should_failslab+0x81/0x90 [ 176.027212][T16339] should_failslab+0x5/0x20 [ 176.031703][T16339] kmem_cache_alloc+0x4f/0x300 [ 176.036488][T16339] ? __down_write_common+0x42/0x830 [ 176.041668][T16339] __kernfs_new_node+0x6a/0x330 [ 176.046512][T16339] ? up_write+0x25/0xc0 [ 176.050661][T16339] kernfs_new_node+0x5b/0xd0 [ 176.055315][T16339] __kernfs_create_file+0x45/0x1a0 [ 176.060407][T16339] sysfs_add_file_mode_ns+0x1c1/0x250 [ 176.065760][T16339] internal_create_group+0x2f4/0x860 [ 176.071028][T16339] ? set_disk_ro+0x73/0x110 [ 176.075514][T16339] sysfs_create_group+0x1b/0x20 [ 176.080510][T16339] loop_configure+0xbcd/0xeb0 [ 176.085188][T16339] lo_ioctl+0x618/0x13e0 [ 176.089432][T16339] ? path_openat+0x18d4/0x1ec0 [ 176.094192][T16339] ? blkdev_common_ioctl+0x438/0x1110 [ 176.099546][T16339] ? selinux_file_ioctl+0x981/0xa10 [ 176.104754][T16339] ? lo_release+0x120/0x120 [ 176.109236][T16339] blkdev_ioctl+0x1d0/0x3f0 [ 176.113724][T16339] block_ioctl+0x6e/0x80 [ 176.117996][T16339] ? blkdev_iopoll+0x80/0x80 [ 176.122652][T16339] __se_sys_ioctl+0xcb/0x140 [ 176.127270][T16339] __x64_sys_ioctl+0x3f/0x50 [ 176.131841][T16339] do_syscall_64+0x44/0xa0 [ 176.136244][T16339] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 176.142201][T16339] RIP: 0033:0x7fe6b5d0c697 [ 176.146636][T16339] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 176.166419][T16339] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 176.174812][T16339] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 00:07:30 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x22, 0xee00}}, {@noextend}]}}) [ 176.182780][T16339] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 176.190733][T16339] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 176.198747][T16339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 176.206701][T16339] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 176.221303][T16339] loop3: detected capacity change from 0 to 264192 [ 176.228582][T16341] 9p: Unknown Cache mode loose/dfltuid=0x000000000000ee00 00:07:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 176.270616][T16339] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:30 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x25, 0xee00}}, {@noextend}]}}) 00:07:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 33) [ 176.313599][T16355] loop5: detected capacity change from 0 to 264192 [ 176.360938][T16355] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 176.386193][T16372] FAULT_INJECTION: forcing a failure. [ 176.386193][T16372] name failslab, interval 1, probability 0, space 0, times 0 [ 176.398839][T16372] CPU: 1 PID: 16372 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 176.407630][T16372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.417683][T16372] Call Trace: [ 176.420954][T16372] dump_stack_lvl+0xd6/0x122 [ 176.425540][T16372] dump_stack+0x11/0x1b [ 176.429736][T16372] should_fail+0x23c/0x250 [ 176.434143][T16372] ? __kernfs_new_node+0x6a/0x330 [ 176.439160][T16372] __should_failslab+0x81/0x90 [ 176.443949][T16372] should_failslab+0x5/0x20 [ 176.448447][T16372] kmem_cache_alloc+0x4f/0x300 [ 176.453200][T16372] ? __down_write_common+0x42/0x830 [ 176.458393][T16372] __kernfs_new_node+0x6a/0x330 [ 176.463279][T16372] ? up_write+0x25/0xc0 [ 176.467488][T16372] kernfs_new_node+0x5b/0xd0 [ 176.472087][T16372] __kernfs_create_file+0x45/0x1a0 [ 176.477198][T16372] sysfs_add_file_mode_ns+0x1c1/0x250 [ 176.482573][T16372] internal_create_group+0x2f4/0x860 [ 176.487874][T16372] ? set_disk_ro+0x73/0x110 [ 176.492373][T16372] sysfs_create_group+0x1b/0x20 [ 176.497222][T16372] loop_configure+0xbcd/0xeb0 [ 176.501899][T16372] lo_ioctl+0x618/0x13e0 [ 176.506135][T16372] ? path_openat+0x18d4/0x1ec0 [ 176.510906][T16372] ? blkdev_common_ioctl+0x438/0x1110 [ 176.516270][T16372] ? selinux_file_ioctl+0x981/0xa10 [ 176.521474][T16372] ? lo_release+0x120/0x120 [ 176.525969][T16372] blkdev_ioctl+0x1d0/0x3f0 [ 176.530520][T16372] block_ioctl+0x6e/0x80 [ 176.534754][T16372] ? blkdev_iopoll+0x80/0x80 [ 176.539338][T16372] __se_sys_ioctl+0xcb/0x140 [ 176.543931][T16372] __x64_sys_ioctl+0x3f/0x50 [ 176.548565][T16372] do_syscall_64+0x44/0xa0 [ 176.553051][T16372] entry_SYSCALL_64_after_hwframe+0x44/0xae 00:07:30 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f900) [ 176.558946][T16372] RIP: 0033:0x7fe6b5d0c697 [ 176.563349][T16372] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 176.582948][T16372] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 176.591540][T16372] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 176.599548][T16372] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 00:07:30 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x2c, 0xee00}}, {@noextend}]}}) [ 176.607540][T16372] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 176.615506][T16372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 176.623485][T16372] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 176.646695][T16372] loop3: detected capacity change from 0 to 264192 00:07:30 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) open(&(0x7f0000000040)='./bus\x00', 0x101000, 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 176.657131][T16372] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 176.700447][T16355] loop5: detected capacity change from 0 to 264192 [ 176.730708][T16355] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:30 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea1c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09202cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db29e3eaf630f01f272880187b77fcd10904c20ba0d9db62a43c263199e505d3a36817da83678049820f76b9a723dd1e41d4dbe6329383bd162d71e9e74c7e1c3671cb7cd10d2af3a1c8fe076a56d0cfea1828bee58bf8c97eac0310c11d98dc958c771ea6eeadfa2277c2a62", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x6, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) setrlimit(0xa, &(0x7f0000000200)={0x2, 0x7fff}) mlockall(0x5) 00:07:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 34) 00:07:30 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}, 0x22}, {@noextend}]}}) 00:07:30 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x10, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:30 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fa00) [ 176.857920][T16424] FAULT_INJECTION: forcing a failure. [ 176.857920][T16424] name failslab, interval 1, probability 0, space 0, times 0 [ 176.870785][T16424] CPU: 0 PID: 16424 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 176.879628][T16424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.889664][T16424] Call Trace: [ 176.892941][T16424] dump_stack_lvl+0xd6/0x122 [ 176.897508][T16424] dump_stack+0x11/0x1b [ 176.901734][T16424] should_fail+0x23c/0x250 [ 176.906166][T16424] ? radix_tree_node_alloc+0x154/0x1f0 [ 176.911600][T16424] __should_failslab+0x81/0x90 [ 176.916344][T16424] should_failslab+0x5/0x20 [ 176.920916][T16424] kmem_cache_alloc+0x4f/0x300 [ 176.925664][T16424] radix_tree_node_alloc+0x154/0x1f0 [ 176.931056][T16424] ? delete_node+0x45c/0x480 [ 176.935711][T16424] idr_get_free+0x22a/0x5d0 [ 176.940195][T16424] ? kernfs_xattr_get+0x63/0x70 [ 176.945040][T16424] idr_alloc_cyclic+0xf4/0x2f0 [ 176.949829][T16424] __kernfs_new_node+0xb4/0x330 [ 176.954665][T16424] ? up_write+0x25/0xc0 [ 176.958809][T16424] kernfs_new_node+0x5b/0xd0 [ 176.963383][T16424] __kernfs_create_file+0x45/0x1a0 [ 176.968479][T16424] sysfs_add_file_mode_ns+0x1c1/0x250 [ 176.973948][T16424] internal_create_group+0x2f4/0x860 [ 176.979216][T16424] ? set_disk_ro+0x73/0x110 [ 176.983797][T16424] sysfs_create_group+0x1b/0x20 [ 176.988628][T16424] loop_configure+0xbcd/0xeb0 [ 176.993289][T16424] lo_ioctl+0x618/0x13e0 [ 176.997510][T16424] ? path_openat+0x18d4/0x1ec0 [ 177.002379][T16424] ? blkdev_common_ioctl+0x438/0x1110 [ 177.007736][T16424] ? selinux_file_ioctl+0x981/0xa10 [ 177.013191][T16424] ? lo_release+0x120/0x120 [ 177.017697][T16424] blkdev_ioctl+0x1d0/0x3f0 [ 177.022190][T16424] block_ioctl+0x6e/0x80 [ 177.026413][T16424] ? blkdev_iopoll+0x80/0x80 [ 177.030975][T16424] __se_sys_ioctl+0xcb/0x140 [ 177.035541][T16424] __x64_sys_ioctl+0x3f/0x50 [ 177.040112][T16424] do_syscall_64+0x44/0xa0 [ 177.044511][T16424] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 177.050452][T16424] RIP: 0033:0x7fe6b5d0c697 [ 177.054902][T16424] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 177.074543][T16424] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 177.082959][T16424] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 177.090907][T16424] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 177.098864][T16424] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff 00:07:31 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r2 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_DEFRAG(r2, 0x50009402, 0x0) write$binfmt_misc(r3, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) sendfile(r3, r1, &(0x7f0000000040)=0x20, 0x5) syz_open_dev$vcsa(0x0, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x80000001) [ 177.106913][T16424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 177.114858][T16424] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 177.131312][T16426] loop5: detected capacity change from 0 to 264192 00:07:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x11, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:31 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}, 0x2f}, {@noextend}]}}) 00:07:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 35) [ 177.149374][T16426] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 177.167706][T16424] loop3: detected capacity change from 0 to 264192 [ 177.177579][T16424] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:31 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend, 0x22}]}}) [ 177.244502][T16438] loop5: detected capacity change from 0 to 264192 [ 177.285271][T16459] loop3: detected capacity change from 0 to 264192 [ 177.296730][T16438] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 177.301010][T16459] FAULT_INJECTION: forcing a failure. [ 177.301010][T16459] name failslab, interval 1, probability 0, space 0, times 0 [ 177.319907][T16459] CPU: 0 PID: 16459 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 177.328695][T16459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.338826][T16459] Call Trace: [ 177.342089][T16459] dump_stack_lvl+0xd6/0x122 [ 177.346717][T16459] dump_stack+0x11/0x1b [ 177.350852][T16459] should_fail+0x23c/0x250 [ 177.355295][T16459] __should_failslab+0x81/0x90 [ 177.360046][T16459] ? kobject_uevent_env+0x1a7/0xc40 [ 177.365243][T16459] should_failslab+0x5/0x20 [ 177.369787][T16459] kmem_cache_alloc_trace+0x52/0x320 [ 177.375055][T16459] ? dev_uevent_filter+0x70/0x70 [ 177.380004][T16459] kobject_uevent_env+0x1a7/0xc40 [ 177.385032][T16459] ? internal_create_group+0x7d9/0x860 [ 177.390486][T16459] ? set_capacity_and_notify+0x1eb/0x200 [ 177.396100][T16459] kobject_uevent+0x18/0x20 [ 177.400606][T16459] loop_configure+0xce1/0xeb0 [ 177.405337][T16459] lo_ioctl+0x618/0x13e0 [ 177.409564][T16459] ? path_openat+0x18d4/0x1ec0 [ 177.414314][T16459] ? blkdev_common_ioctl+0x438/0x1110 [ 177.419665][T16459] ? selinux_file_ioctl+0x981/0xa10 [ 177.424849][T16459] ? lo_release+0x120/0x120 [ 177.429393][T16459] blkdev_ioctl+0x1d0/0x3f0 [ 177.433879][T16459] block_ioctl+0x6e/0x80 [ 177.438170][T16459] ? blkdev_iopoll+0x80/0x80 [ 177.442803][T16459] __se_sys_ioctl+0xcb/0x140 [ 177.447374][T16459] __x64_sys_ioctl+0x3f/0x50 [ 177.451945][T16459] do_syscall_64+0x44/0xa0 [ 177.456386][T16459] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 177.462285][T16459] RIP: 0033:0x7fe6b5d0c697 [ 177.466734][T16459] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x12, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 177.486343][T16459] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 177.494935][T16459] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 177.502928][T16459] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 177.510942][T16459] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 177.518909][T16459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 177.526859][T16459] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:31 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend, 0x2f}]}}) [ 177.625536][T16475] loop5: detected capacity change from 0 to 264192 [ 177.654140][T16475] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 177.671595][T16459] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:31 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca8a4a447711bddfbc496e0b3c7434a60fc8a817bc99ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2fcd8f74485f772d76afd98752b492c67db2000000000000", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) open(&(0x7f0000000140)='./file0\x00', 0x100, 0x0) mlockall(0x1) mlockall(0x5) 00:07:31 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fb00) 00:07:31 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x2e, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 36) [ 177.850023][T16507] loop3: detected capacity change from 0 to 264192 [ 177.863243][T16513] loop5: detected capacity change from 0 to 264192 [ 177.870686][T16507] FAULT_INJECTION: forcing a failure. [ 177.870686][T16507] name failslab, interval 1, probability 0, space 0, times 0 [ 177.883307][T16507] CPU: 1 PID: 16507 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 177.892076][T16507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.902125][T16507] Call Trace: [ 177.905394][T16507] dump_stack_lvl+0xd6/0x122 [ 177.909983][T16507] dump_stack+0x11/0x1b [ 177.914129][T16507] should_fail+0x23c/0x250 [ 177.918690][T16507] __should_failslab+0x81/0x90 [ 177.923479][T16507] ? kobject_uevent_env+0x1a7/0xc40 [ 177.928681][T16507] should_failslab+0x5/0x20 [ 177.933201][T16507] kmem_cache_alloc_trace+0x52/0x320 [ 177.938476][T16507] ? dev_uevent_filter+0x70/0x70 [ 177.943413][T16507] kobject_uevent_env+0x1a7/0xc40 [ 177.948454][T16507] ? internal_create_group+0x7d9/0x860 [ 177.953926][T16507] ? set_capacity_and_notify+0x1eb/0x200 [ 177.959687][T16507] kobject_uevent+0x18/0x20 [ 177.964181][T16507] loop_configure+0xce1/0xeb0 [ 177.968901][T16507] lo_ioctl+0x618/0x13e0 [ 177.973147][T16507] ? path_openat+0x18d4/0x1ec0 [ 177.977903][T16507] ? blkdev_common_ioctl+0x438/0x1110 [ 177.983258][T16507] ? selinux_file_ioctl+0x981/0xa10 [ 177.988547][T16507] ? lo_release+0x120/0x120 [ 177.993120][T16507] blkdev_ioctl+0x1d0/0x3f0 [ 177.997603][T16507] block_ioctl+0x6e/0x80 [ 178.001845][T16507] ? blkdev_iopoll+0x80/0x80 [ 178.006418][T16507] __se_sys_ioctl+0xcb/0x140 [ 178.010995][T16507] __x64_sys_ioctl+0x3f/0x50 [ 178.015569][T16507] do_syscall_64+0x44/0xa0 [ 178.020020][T16507] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 178.025913][T16507] RIP: 0033:0x7fe6b5d0c697 [ 178.030348][T16507] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:32 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) r1 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x7c, 0x8, &(0x7f00000025c0)=[{&(0x7f00000002c0)="73ef3a34a2d1629b7be8903a060a3245e72950f5e823da84a7faa4f2de49c7033d380c25257f671cfd9b8057b8f81ba7fde22f0dbc47d3b3a086c222bf248197ef9d60999b69b7593087ae397d1e5dea5b3e726b0b8e426080bc65c82285babbcfaec91752729973299a113411a31d6dac6800b0d080061a9609c3bc80fbdf19472ae78bcf71d039cd77eaf2215a88e1b1a6ac06539eb86037765ab6c59e8a9a2be8277c957006b8ccfd157911c89431feef0f0f3c326ba8d1f378", 0xbb}, {&(0x7f0000000080)="fa06ef6d3781da7cfd", 0x9}, {&(0x7f0000000400)="270a1a7da69c73c2ffc6c0aaeb2f4d37d74c3d74e041e1f6cb939c60aa662b459d0ada7b01ce84d291ff669816074325ddb3bb4adf78000b87f9c0fb3b00b71a689bc0282231efdb47311771a104d2fd4dc3961251cd6b1af70835f652213a590d7ae4e02976ac5d10d01c57edfec5a47f387d87e843e77f30bc7475dc7effeb84be00c6302ff226dfab8cb3302fc8502b8141740458aa532070716b65e40b6d291daef2e798", 0xa6, 0xdbb}, {&(0x7f00000004c0)="2132f0034813893f74eca4a49da1ded574b860a032138ab88470c47b3b4db9250dc8aac7a288d2c451b1ff3bab3adc147be50d7eb65d2e315092a199146fe2f6b0ef3cf93bac9ef19e175794196f6243326deb2291c67b56a250145efa29eb8f8bee11829b884a1f02e4f9094dc1d329ef8bf8b3bf9461447bfecae7ce12b004c2906d38bf26d4644458237a1643aa807e2046bbdbf6b54467fd1c6dc159d70d3d008f7fb41b28450a88d4666e5937ee229b635ce8caf837ec9b59ad66f9232b257bc8e0cce2363b3425b2958b04bfd758b6921eadfd88a37f85568d30506d3920278f6261ab178260e5b6bef91858184613a41cf8ab534e46feba386ea31d17934e9c160ee5348c6363a86c2158ed97bddd7ac3b7e9994c613311263c8c3e3f6e102217fa639b38f1018e2266978b2c911856ec272244388c7336b9f77be8a52cce57a7f2e0f73f656236be07c0d7e2a6816f4213d1b662ad1f1237ad619a4acf02dfbc5c5f3d6548c3aa9d3facd09895de8ccae2d3fea4d5c88283a478aafaa584fbff6c8b9276be8dc65f19cc02bf13fec2d9e091194c7c325ac3a8b44ca5876e8e7d3cb672b2f8c91d14ddef00fe18577d361c27de270bca32c096bc900e3a600f439dcac1c4cb88fc0314923ec03500f6caae51b4c73a9abec99dcf299d8b14007296ad080f9c3f81928de86bd5d5e150b29351875eb4775657c2cb15a6dcdc26f5e964c64a567bf50c5aa9fc2a92782fc68dba42445d7fba956ae7fc6dcf3b6563079e68ca09d6a9eda43b78c3fd6ed65246ed897ae47db5bf512ee8b6add28d5a45d27664a9fedf9c9e02e912c3dac13f40feeca2f0b6dc91c96e70f9159785b8559c112a4f51c4afd88c360f0330a312cfe717c1d60d3fe6eaf8d2dd603fa62e52b5975055d4042ebd808d26e0b303b25c9abde2095f27dbcffbc3b3af50f7fd867f82b863d3c673330bf77f1373901f44b70d14030d27173ec87e8bec29d919be6646e10b05d37f816ae57f9a3213ced8ff0e3dc39670ca16c4960150a338b6f182b5f9205d15d40c484fa7bdd1cfdb684cf16f0cb9ad42eb64f5a8d5656004cebb9691e689dec5b1fab938413f390ec0e29bb2e6b0295b057dd522a55b58fca8c3f6766a0f1545992abe5523625912608f42e8505f63da3e127598eb8dd038fe5e70e9609a3caed7aa472eca52ee85069821bc6363374e3fbb1a7d6060f1cf24748b4f059823fdeab6052ed7905a3ca2efe9735e6078003c17cba41f25479d756b2008c3652fa57d752463f6b62ccd5096ee24c38c8efbaaa625b9f5375af59254da22443f1d2e9ba7de6a341e930acf3ce12fd8760a74d5cd55c782f22fed7e811d55d8adaa66c30e61136a78f4bcecbd0a1ca98e8877f82c648b0495327f5a6a76ccca89f589971884aa00127d19470bce322b7a21be8858edd7154b4f0c91dbffea392ace8a31ec620dff529b7d2cace3a25c194975824108f4985083d6d881a7673be3b43dee443d0b239b26064e5d8b301128d9b214c2c7496a23d5f0c0689fde27d1f2f0c2a9e84a793b3f648a86bc2461b7f2fe7aed50230bf048d8e9cce37738587091f73ce5acf590267e8a66b9e8cfc02e8ee4e723d5693df361da0bbaf249074d1d3cb4dbc813f6788e8bfee60486792481d4662cd136831171a0c7fb9722a3282cfe93b8e894b6779af47ef6cbd920d1e69d0ca0f301b9d7e8a7e06730819d25e2000bdc59f72505ffd49543f3631794945f95ebc15310a64671840d60f1aebc46f78652443e08488e1a174c7f2bf164c5855bcc33fbf7100398cac33205f2ee54c980d7014aa66a93c49eef02f760410c53af774f37d96c5ae4728eefa72f99cbdf67c1a326ac1f5bd6e7be6afdabadca0185458eae5c5217890456ab8e26fde5fa646a851a3afe3d3cb2d8ac98d413dd55b851beb0da3f0d202017a3ad407da3f83425926244ff08bb857ec92861b4760fcc5f8a084e8dcf4181dd23f8e406c8b8a33c4738c25054f11cf30a52ace28b2fb14dc655e42f77edfbe8469ec227fc2b1b94f7242508170ac1845efb5af168e71810194885869c0f7fcefc63fc1ebb9da33a78835cf579d89153c590f99e62f9ccb0fc7f3fc37a6af49e075893bd120a83f9e2787fdef7dd60a9d1ec7fa966ec1d40477c99fddae2f53a91bf4920006c63c500528e02e0407af99ca80f67c3221f475af37994e814e2f4c8b0a2c7051bb5c3e1c72b955817ef8f377d30a792f744f2c639582c79c64cb389f4f33545e3862f45a02b75992258368226afe4863ee83b80d1694690183b9d11d6665f45c9b8c551114b586cba03c374bcf7b5ffe50128bee3e61bd88962ecb9acdc9fa2ba4dd882262e55db2ccdb1ee4bd1961a8a7feca76a0db210bd90fb1adb449da43518fcc7029549b9fda91f4afe91c1a2ea7c3e9fe76cfdf2e4ed39bcb76bece8a4ccc506aa6f031102c8689dbd918a03a3c178a3b577bed08492839dcdde16da16d495c4f3f7ce4e7951f825807d14917837552f6589f17ebed9f7cc7414aca8faa506d4fdf433f259d9c013b29030bd0c0c56c7ba2977aac1a7ab7b39cef268ceff783f7ff978687e57d557e04437269b077616f26e7107dd254f81e63a779f184a8931ce81e7479013ccdf7b59b8baa0afb92a3db12f0e64e68a3b741404ae0616ea85273bfc0b2e083d95721773b3f54107fc2a7da63cdf48f36aa456c29567a7a54f6b0241f1bf48cde9655aa6a12700db86df7846dedf83793f1448b7917ff50506e1694aeec3953c93efef22f35c86d6aca242a369da154dcd8a7b34bad60f0ea1e3e775b97862b7611e6be1fbb50357cd54373f4592e0eb6181c35943a6e008b06505ccafed779dd64aaf6a468b649beba8226fbb49629897e7a8793fac0c2e79546ea1fb404238f326657d94c00bbe4f5a8490427227d5240fd04ccd614785da23b0a34f3b156c3b75d730eb347ffbf77e4273e35d1c5e2eea9d5642aa94e9ef96d0664f6787f63b0190a164bd589105cacc5bca3ccaa48b299b5a241d66b00bb940926f885d82334adbd726cd4e70deffbb2411ed23d1ed37391d8f68b823ce28bfd6bd2c6e80709b4be8b9d9596ddea8977c083e73d1c1dd9aa0892757457cb25411683615059feff9cff57aba75d67027f9632a60a712fa4e35ecab22d8e7f8faae5d6d9d8909c4407b1abcffcef288ffbffe1b651c643dbe0d9c498d867dfca9126b1343ce373218dee4c3928772be18168940e992781be853a05e872c9e80f1dc6c6469ac9628a94a63bcebac16e6526185e97affef5e124e2160851168be5d95930bdac592b69ad4ef8fd9ea3a52e28128e2bfb2391a8cb147c0c943efef4c90ed345541dfabff2ece7900c44e79874f24285f536b50ad389b09c32d8ff9febeb5a3fdde571c59596731742d6a3530eb531734d9bc023c43a625468defd77723a368c37bb1326e60b896dfcf153d9ac6b3e37bef66aa13eb0003628b3c5f8fde0d1b0a524c1b95544139e182832ee263754ec15179b3f3a7d50c65409c126c33286c68f5192a6e022a2db21f02649e378da660082d6087d5e2c1614e39f5caf07f47e84f81bfe45f359c251465f54287f2ee8c83e380eaaa5ddac89968dc0907d91f7d7d81683ddbb0263433cee0235bb682b23637125d632173cb8d90fd5b0bd9e8a0db1e5b400e0425b85265a0fda32773f73b47560fdd7acf978a50401e926f9f7f96fce885d23dac5cb5ec115f07da4fcced2987253edadba87a18bd1b83906761527ad0cd41f8a6c81287138a4130dd7921ee286927baaeb64f511bd9802668836f4e9333287826213d0c324a5b81c0c7f1654e88b10a4d80cf65e6a3e92d3bd9b7f1f64c77a85995685508bb5a1bd7c0967ce875b972a7e9ec3bc3c052ecd3d1f59c558b1a74247c433f58367e204b3d562d5347fd6be3518147c13a5c64fc26d0a3794840af3c2f3ff6d171d22ff218aa2c1b5f6e868ce2a2c7ba07abbe08f32c72dc4fe025184f9e0990d56d3139c68f77d09d2986d2fe1c2bc98f81c8530bbcfb778d781f2142bd158fbd5a273e040419dc68dd5792ac354e0fb369b66b412e6e6034f4a10d5609486956a7d25832f8b1e43c2531c4d8fa35deedcb6c43fb6316d2d289fac587be606b1ea06c0a6750b08c1fefa27db831d1e5a91d4c0ba20cd888fc58b69499f0a1339c0162e61bbd8ada457ae94269102d58c33890d602a79d657c572a0a11cf48ed36c8128c8e45089e2ee7806b86256254c770fd19b617b3d641dceae6d454226bae136920ad8df7d9993140bab26c1ab77cdae6e4c6ef889bb300934ab267bee188ee3fdfec8d7bb664494411c76b9e86af7eed394565c5c170a0a7670f66d0a91d7dfa7f596ddf668425ec8a59ecb076c3fed99a2ee0bae5d3c85739f10181ca011c27295b391c824d6f39806f7bb2df803ca1108e85c3fd3b9e7a7da6112a9197a55843ee25ae590a91ce69a6bee552702fc64fd5b360efc0ec4c66f8a7db5939a44e1e7a33757436f4fdc55218bcbc77f8890ce585abf19b23155ad01ed1cf88d0904347ea62e76677284e1fe930c0c50ba1e27c18a610ad822745f756228c609d875cc42b2fc2a35732d2842a8c6371c62f74de0915d6e0278e497e0e39ec95f84e763ba43f1cfefc8aa036256ffcecd57ced90fb212a01115762f8be9f6513fd9aaed52c3d114cbe4d1319184d62cbb6291997dd83c72e0da2da791c745ae0cb56add0c14d3a7ae34791544a2a90fb0a51cb75f5c26a80f94969cd9845e7f4e44a17f05b3301e33eaba9bb39c2bc2665184dfaffb264c3fcab69c0664d23b1af2fbabbbaa1226bc22b5c1f6ecb313c55ad4c6f6102fe3930aa1e07b04fbbbfa2688ddf4d84fe1947bf4b8224706ada01f859da76ab03ec56153f8367a779169f368d11ff6214cef3b5c18f1f2d84383f3bd272b64a96dc07847f58685287679764d3da2efce235de47ff402c341058cde083c0dbfe014c9e1dba91e595aa04ddd097c48f9535c682a4467a50f3e209e204f082132d3b75b5902391d7590cfd4ebc97aa1bd666a5eb53c1722616629da3d49c567291ba6877c85ee36206842ade42b85e9f7bb2afaf7929ffdc703bcbdee40cc484988f1665c91ce677b6d9a4652afe596cce5c9cc0b4fbd5e850c1c1dbc8100679f7e70276885e107a1b4baa654404db75b617ad080e73d55fedfda19ee97420807b12c3132a3ac3ef17e9af36d507b94fc7862325ba030bb82712ba983c976e993357c77080b14c03ee7186022a5493f7f8f87326d685bb354627b6b8afc513d4fc9db348705cd3bab0c52a91832af7210f5528ab712a3e3dbac3b62ee739873b1dbdcf82443fa61b866db4a6ec5bb6354f35f6496470d24da10da28deab61c70813159dbdd75644b1f7cb39a264bdbe5fb94b29e03af0dc2971e189e3039af502b83e9cc314b1895b377ff240098c8853535129b4a4d896fc6774a5a5221c174755bda3df8f73739c8063419541fb004a1968ca10600425673a2af2152bbfa7a96d06ef422acb9744d63be5b8a9e3d448a44a54f8aa2765ddce701d47fdce15e3de52450e2888f49b9cec8f84cb9366ebbf6f50ba57f84ed8013f300014afc7cba487f6d8f889c509f1bf704b02df3a29b169572193ceb0fbf14d69f502454455bbcf51e8f97ec0859f8d6e5736a7fb5f76860dea590ca9fecec1ad8ddf38bf91f4885d2c978db8df979651ebcc7870c3a36048fcdc6631785616fad00c7d162383b8b0c88e7d77ac7", 0x1000, 0x3}, {&(0x7f00000014c0)="854f240f9d6d9492d058bcef6d9801257bd79b371d5b186049ffb67c720b67ac33616230cc71774ca50c44e0a8c073c78781d32f56db321f1aca551bf117b157a93cde7f8472472b1bd2e8380ad733de40174b1cc598d79b6271f16bb9fcd6d1e13bbbc1b695d3d0d7eb0792f8e011cffff3bc6eae6d047ce206c5448cdd", 0x7e, 0x8}, {&(0x7f0000001540)="e264008585acad04103ecefdd25cbf278bf63bc625791efe5bb7cbd8570933686570ed1161f7c015b7a6eb899d8d1ed12ab6065a6a7a1ba42b9a0a5d09c4049265f6da05fb96bf5a93ebfbc7ba7c8b186880e2889b23f0df97425280436e40d6d431029fb312a2b62a60bb6301a785411aca52890c639a0193beca5aab626292441c1ea27e705c9e2fd0b31c3998956b70284557fbe93f1965ba117aa4820c625b99d223ff2e9eb6fa46856903e3a66f738cfeba5ab2313b5ef5c3fc7dcb389f2829d42cbd583fd20e8832880217bcf4e9be67a7cf6d0e83e5bc2e72f3b54fccd25a6fba7a0f21a4684d0154ca08ec0dce2b8648d60f072bc0654705128e06bb37ddcbf42c6118654e51f2b9eb2b8c96b11b2d07b99e01cdb515df65897362bf6ae16ade7547cbd9f9d54d9c464b2ce022d9be51d0bd815e52fc30302fed17c1478893ed5c3ef9f8868ad8f08159a78c21afb0a8cef3e3799001a7f1bdc6220a9d5601f67c9c243bdc13fd9affb0fec87324d11d97b7c3cfa9ccfcd1f974c1c12c2a8a675fabb3bf55d9198650caf2f97e4c76177863e3c71ee4c81c7d173d25360f143272d3c732a45fd95aff774b853de8934c891eea653d0680bc6e92b16dd38a125f2907b3f80dc02eff878a541f77a3f08cd897733b888d0e82ad12b429897b8fbf63bedba7850a38050d2ad2aae533a46f70f6822d0c158062b7fad45e851ad0928cb7b8c79f88edc9d941e4e2ee56f7954948522f17a5fb2e986aafffdedc3700eff1a9d9009355f6b0a639fa970543dbcfe100c8afcab789580801c1b4f3b1a95862b6627022fc24ec9d9b85c6c46a9ab3a0cbd774e39cc58420d389f0223436547cf8f3b85fff794d7cedad01d81c266f9a9b80f2a7ec54a3331963396035331557cd7a7595569a5f1845eb783285f4e27b50df596036224a545c57f0585271ad38bd77b319ac8398082fa6a51898b05563b25e75f7df1dc83f4d20b73f88475e2bd514c6f96a8264f3d3cc3825141ec3c30946b6d71bda61e91c983c96456ffc3536a20c3baa471b427d2552ced38aa9a3d740619785dc881a8c2e43b757a49d0ead7c73927f83465d6a48eb83d52b45bdf317bd62846a9411e10d0bc283b4ee881b61b74a2efe45545f99bd4584076dfe758e962e0548acff730c5507c0beebf1866915b11f81924415cfec3b3b88b95f8e77c8b7270eb2f359d36291b897fbcb061928669c88f010b684a51e29eed45549ad0897c488edb03c578f6bb6926e3a7494554043339fcf133b3df7b105f097b61f77a6c5858777d98c740b20e133db73d6693250b87cf2e17e06a101216490b24e785a0b6949bb12cdfca60e144c7a9e8f727392dfcdc608c044885d1fff21fa7ee1c2cb63f626b4fff6c28d73ca77835e1fcf5d6ca553e39be5b2adbed2e0fc5487d558275e5968b3346600455d70d67c9f3bf18453d4a0c917d703e0c38774eb82f44fed16f7cb3dd3fde3fe33f8b500d7ec620cf5e83059b0fc4f5c4c62c4a4eec6cddb10fa7ee8154c05e8c548a5fb99ce3413727faa583ff97630b56d1e927f9614d67b66a39aeabdcec73f71272effb581004f97d5482a5a2701df4dfa1dbf239435f3a00f9461dd1e19e07d2f49415d8e752f27aad35dd34786736e03245e0cca9c3ca191c82feea10a68a6f9274273cab22323fc9f51dea5d481feb3e8b905f8d4d84f7cd1a13bd7559d5c846aad77d459e5376814a519cd7dafe7fa91365fc73612e72a41217abb7277cc9c7014375c2a7c3b112d327bb76fef1a56dcbe55f2a8c102aad3f437235bf69057af6d3358f12f8eff0ecccd1655a910ce4b747f58bac4a1f458089f1e620c989c3ae4ec76b3e1e9c40463e71ca6c23c3f6cd7f3c6c3f612816deff56b4b918205d1e0980de81e8e20d0b6e8d6ae8b9d8906921eabbc2efeadee0f969e133f62ea9125fe1a5a34e5af8e1ebfe913853388e4918420151131a5e10bae0f158afbaeb267ed22da895239cdd9e5e58c17560cc57847a63b75a333ffda1d913277f9d819d57e8e5ce052707e036a765b6af71dc1df69817da57df75f310a75a09f8717db4e568de8e58ed321f0cb2aacabe60a8d027100c209218ff87f5cac3bb8237b50d27a92670626226739d380ac092eeb1316d9bde4a155c78638535cea4b63f1bf0f0e0e6e9aa281b175f55988eca9dfd009799ca2ac425bfcb4dbe163d0489f41be075e2681cd6239e166bf1d8306167efdaf506cd996e9bac6f05be61d459a5e3c35606c16d9ad661f9db33e2c8dd68ca638c06c4186425537b72e341e621a284283a3fe91cfc7c4c51377619bb44d6c8674ec31520023828b01be1d0c3b3360d1f39015fe428a55dd5a0a5b774f9f9d7935c932d5083a4e1adeceaad4bd51a593ac5a18ba1ffb72f9514e47a0958c57b0e9540ac384ed5b3cd132b6cc91261d77606ad1147bc522b9580c55ee9aa5d7ffe38c8089f52234ff0ee50a29db304beb90e730e9b4f5edcbc7e21faabc47da5d9c16cf0898ee5155dbdee95303552e86e18ce1089ef51964dd27dde8fe4babc507e3e6bd167422ec4c4bf6e471148c48ddd282d9155601168259914acad9d6a0863d700dab0f83b49cd837e91f762bb65adacca7ebc31c357d604a01732259b42ede216ec1ada29e43f8aacf843c44bfff29effa41940e224e0dd744edae8ea79a3d679f8527d064e37583f938ee3259fc27cd1a1604866aa7a781594ba70b5498b6862780b0794b49a69cdd7c207f35861de7c0f5d9f137f08c59485ec4e4c33f698916680e0b0997658eaa8a27b256ca4488f072120b1b26e4b7e95576b7a197767c02ba5cd0d0c86d96509d4d0cc421bd16d3c3c2fc1ae49bfc6135a0a89291cc5cd31cb4cf0a5dfa5a1982d51d58ebf8f7217916f1bccb3648e170c53498075e315efffd2623da7ec66500da9a0253f0c974913864ee17f8f7ddeffe16fe49a0dca3690dd65ec2be12b4c61aac5033ed4497301248573449e265d5338d04733f7c226f71fb6f9268abaef2333268c29d79c4ef722298f7cbe554ae5446bd5ca1d532563e49e904b1dd20e32e6d9506c1be3502bf08362300f98a10b7ece2a968016404d1ca77c58ec5c7f4aae441b404cd60d5e6cf16ff87d229b409c7b7f6f25f6e024a10a96625abbc62860667663dfa59de2dd31e81f80042f7f7ad2642fb978813f59e0dd943f1f31db647ab31ad74bf8c0f3a2ada23e5e6f03ac6418e53931e0e12dcdbe88f70bab3da3455eda9867bcf8fad2059a49befa6d98506adf5bb7c0fd553c2ee8203da078e3c9502d873ad2321b77f2f2f6c610ad7d97d8ed479be97c63873d32222d20d3aeaa7e57989909956d89d40e269cefca177486702f6dc85826724351e9ce5bb03b96e9055471a1888d5d9967051aafa9df9394ca95b8f38125f6fe3eeb056683b9d2490de7bea885754cc4395fca7fabacff3d377ce6a448573a50f5be918003b6d47bc7510ec27200648d8108f38ea4e5f121fd6738f0d7785130faa575766f9c9c6e1e5eda003106d5eb63d6a996af12ea0a5cedd8081af91b79404f139312a50a94e1016ad8c9a5f45b45a9d3d9b290ae062b8d4f46f065b83d0760162066f704d5f761489f70049cd6742d7ce7e979e73be77c0ee8ada984585e84e2617582f504b35e52e8e1af079a7a66b5950be2fd40b7fdb2d09f3f17fedc6800aae179cfa3ba4a73d8093e01c0ed0835872b6cd7c73414da544686136989afceba319fa62415f2470f3773e335a7dff0dabef9bc1cdc2b346183facb0585dd5518494a04c29151eecc89d017668dbcb9f557e39e6c46c82e4f85eb5178a554ac2c2a60b02e1170eff7c8cdda7eef2c0bf4c8e3fe18638987f5e238f98b183be826c1cb622b0989a630130107cdef4fe05abadb62568b61843df4dfa7110945e4ec7d78734616403df3f89e6b5b88d8e01f11e0cf91250741b7e571224d3792292e77f6abfe42f18aadb3f1c5b0ba3a0b56bce27663fbee416d308a9aff213fe3a5484ff04b1b9d09f1c5df91a3d862b461dc47f724ce2bef9232c27c9bc9999880f986a6181803e673d441ecca3d2ac714475592a4ecfc2b54f5d6ec9ac7e8a3633a70bbb26f9bd1c34f289bada338aa2c52820a758fcdb3345463a2cb55d58069be7849e9a4170d668cfbedbe0c5bfe0295d122e20a3d3b5b30010d5988aaed8da3f251f604dfd1b3bd1fcf6faf323476439ef7205d7f39481e4b112c68bd87bc205fdd036cd53b00834fd2609022eb920655503cb0c28d27561a0f46a8f4a674048d14704e4a1a09b34193d070c3b580897ca5aab30ce4765b22ff510a2a68f3c5e65c86f233d9c3b85a0ea3563b20ce047928a9557be262260522c0562fa07ae3595084c2d5fe827416660ed5dac682b8325a4d28e3a514ead158d1e2fc05c716e6ece83628f4b938272dc245ad634b21978cc195674ad6d99c7ef43a435b3e0b5c2b8a16258bab5992ad60b834c09cdd11aca33e6e847f7cd370fa32959a1fbf5796bdd3e2a6a4e35c0e1d221b6a8c5cabb901d756f7aca5a4faba160cf6ef7c6584ed2c7e05449931d1fa51ce2218ea8bb9960adf341849c079491f6dfc6615e9c30d22948e70bbf180b90c598836b5dc7ca93e9146cefb4e45584de54b24dc0b17f18e9f8f16f77d808cf362e9fe5792f96b387c999ff514ba49251cffdfe1399ac72ba2f4bd4435a1ee7d161f21d7c40eb0107a39bc0cb1e516ef4e61e28976942232fbac05732dd31210467a6b4655bfebf64713e3522b276f44bab7440b2b88709d56e79db3463cd1bad31b17a7d67811ef77e0ea3a5a7465647ecbeb41cd95dfc320050ed8af4d392e45aa181081b027785792cc25f491dea0abda18dccd5cb83038604a5f0e77596ce7076667b68c54e9b374d9675ff7d7b6caac6412f2c3c105bdcacbee827f37e4ed213e351f1a71d957d30b2b75dc99d305215c89963e2921eca28340e57e2c81b99a5ef8105f52cae5c8d2d45ecce69e8cb336af0fc610c03c07c3cae90c41b43bf7d1060eed223ec9facf2804c71937d0e09df0b9990e4b1a2046bfc474698b6983337ed869e84664eb030855620a9bf4d23f81b4d76b855b8abcfbdf127549cad06847e9b354f4c023022f82648c06b6ba8ef86ad5fe260040c724f5fba8330a4b30b0a0d64b7d81dd42c0b2a746fc13c6e10e046d7a45b94b9944390dca90953cd0546a76eb5ba5823b03fb6fa368deb09d61710672fd66ea06d29bf367a9773e925b271a85abe55d4b2ba7e06a5572be1e4d449eb28dee7cbd0085224d751a15ce0bafc45938509494586d86a97b301b3c8a50a920a754f32c9dc8e684dea3a20e6e26496c97b66c1f66c1efa0b21bd959a68ede2335718abc2ed27bfef209191fe268119d67b7e8ad68b593225eab1b64469afc19a0340e83f0f9ff18d759e9db19ba4fa3dd7f327a07291d93c777cf992d41d58c8cc4d59704891e7e64243b981bfe5e160ccc1a760b4137506a84ffbc736fdb31e473d72a7fa00f67eee0b51221e1c60e6acfa045ebef3f20b522ea2c6a5b77f1ee624f11887291245d0b45aeb50cb48df48f65484b295fed090287b656e89ca9e6f7bb0558e70d8fe9e33a06e3115cfcca014a4c2209fb482260bb39bdd397b7ec9373109168799b3d709a65e4c5668e3a6ec8a70774fa96bc40f5579b918f87793d5f7d43a596b4ff25483bbe4a7811883a2129212fa78730b8cc7ecbcaee89a4f800bb2dee2b5c87b982310032e3b7e6aa5ae21c26b", 0x1000}, {&(0x7f0000002540)="639175b2273c73fd7ed780f7fe94073511cc561734f29f9cd93d22df8b6737157d371808002736f85459", 0x2a, 0xffffffff}, {&(0x7f0000002580)="25597b9f5d16fa", 0x7, 0x6}], 0x1020000, &(0x7f0000002680)={[{@fat=@flush}, {@fat=@tz_utc}, {@fat=@tz_utc}], [{@dont_appraise}, {@fowner_eq={'fowner', 0x3d, 0xee01}}]}) renameat2(r1, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, &(0x7f0000000100)="8f607450c49ef5e21da69c086fcba06f33deaafa51b6b8fc67fce75d662bc67898f557fd523612d1ddf5ec0ed568761649d3640aa849e02a4f9e7b54979f75ff98e2109f1c67b7edf903b9324033c80c6fa96b29e823a1c1c48d4ad1d4d0c14251ea0d86d259e1c4d774661ba47304cf728cda5648750daf41e893be91e946567564527d27884cdab0f8c0e02dbc0840f61fab9e3fa617cf34a62972e432238ef97c25535ffcdb317b61e4c706681ee1adab3fe43248a3d5a3dbb7b4ac754bb320628432374a6d6749d87df2635d442405df72c724137d2ca23c594292ff91163c435c7623adc51dd7562297f4bf8bf8f6552e41a24ffdb8331b254d9fc5d679") 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x2}}) [ 178.050086][T16507] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.058496][T16507] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 178.066537][T16507] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 178.074496][T16507] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 178.082457][T16507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 178.090507][T16507] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:32 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fc00) [ 178.162643][T16521] loop2: detected capacity change from 0 to 264192 [ 178.184675][T16513] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 178.200092][T16507] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x3}}) 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x4}}) 00:07:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 37) [ 178.260287][T16513] loop5: detected capacity change from 0 to 264192 [ 178.281168][T16521] loop2: detected capacity change from 0 to 264192 00:07:32 executing program 2: ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000400)={0x0, "ac7539c7849d97f4c61176daea9b7d96"}) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 178.307324][T16513] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 178.338850][T16565] loop3: detected capacity change from 0 to 264192 [ 178.368530][T16565] FAULT_INJECTION: forcing a failure. [ 178.368530][T16565] name failslab, interval 1, probability 0, space 0, times 0 [ 178.381214][T16565] CPU: 0 PID: 16565 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 178.389981][T16565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 178.400097][T16565] Call Trace: [ 178.403391][T16565] dump_stack_lvl+0xd6/0x122 [ 178.408092][T16565] dump_stack+0x11/0x1b [ 178.412244][T16565] should_fail+0x23c/0x250 [ 178.416695][T16565] ? kzalloc+0x1d/0x30 [ 178.420759][T16565] __should_failslab+0x81/0x90 [ 178.425589][T16565] should_failslab+0x5/0x20 [ 178.430112][T16565] __kmalloc+0x6f/0x350 [ 178.434424][T16565] kzalloc+0x1d/0x30 [ 178.438317][T16565] kobject_get_path+0x7c/0x110 [ 178.443466][T16565] kobject_uevent_env+0x1be/0xc40 [ 178.448491][T16565] ? internal_create_group+0x7d9/0x860 [ 178.454052][T16565] ? set_capacity_and_notify+0x1eb/0x200 [ 178.459682][T16565] kobject_uevent+0x18/0x20 [ 178.464181][T16565] loop_configure+0xce1/0xeb0 [ 178.468900][T16565] lo_ioctl+0x618/0x13e0 [ 178.473138][T16565] ? path_openat+0x18d4/0x1ec0 [ 178.477913][T16565] ? blkdev_common_ioctl+0x438/0x1110 [ 178.483279][T16565] ? selinux_file_ioctl+0x981/0xa10 [ 178.488526][T16565] ? lo_release+0x120/0x120 [ 178.493095][T16565] blkdev_ioctl+0x1d0/0x3f0 [ 178.497588][T16565] block_ioctl+0x6e/0x80 [ 178.501820][T16565] ? blkdev_iopoll+0x80/0x80 [ 178.506403][T16565] __se_sys_ioctl+0xcb/0x140 [ 178.511081][T16565] __x64_sys_ioctl+0x3f/0x50 [ 178.515674][T16565] do_syscall_64+0x44/0xa0 [ 178.520160][T16565] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 178.526044][T16565] RIP: 0033:0x7fe6b5d0c697 [ 178.530442][T16565] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 178.550035][T16565] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.558505][T16565] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 00:07:32 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) setrlimit(0x5, &(0x7f0000000040)={0x2, 0x1}) 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x5}}) 00:07:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x42, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 178.566459][T16565] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 178.574415][T16565] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 178.582556][T16565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 178.590509][T16565] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x6}}) [ 178.684449][T16585] loop5: detected capacity change from 0 to 264192 [ 178.702140][T16585] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x78, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:32 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x4100, 0x20) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 00:07:32 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fd00) [ 178.762199][T16565] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 178.824122][T16616] loop5: detected capacity change from 0 to 264192 [ 178.833155][T16616] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x7}}) 00:07:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 38) 00:07:32 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x8}}) 00:07:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x20400, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 178.965804][T16642] loop3: detected capacity change from 0 to 264192 [ 178.985159][T16642] FAULT_INJECTION: forcing a failure. [ 178.985159][T16642] name failslab, interval 1, probability 0, space 0, times 0 [ 178.997832][T16642] CPU: 0 PID: 16642 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 179.006594][T16642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 179.016648][T16642] Call Trace: [ 179.019922][T16642] dump_stack_lvl+0xd6/0x122 [ 179.024647][T16642] dump_stack+0x11/0x1b [ 179.028797][T16642] should_fail+0x23c/0x250 [ 179.033256][T16642] __should_failslab+0x81/0x90 [ 179.038011][T16642] should_failslab+0x5/0x20 [ 179.042695][T16642] kmem_cache_alloc_node+0x61/0x2c0 [ 179.047901][T16642] ? __alloc_skb+0xed/0x420 [ 179.052492][T16642] __alloc_skb+0xed/0x420 [ 179.056832][T16642] alloc_uevent_skb+0x5b/0x120 [ 179.061589][T16642] kobject_uevent_env+0x863/0xc40 [ 179.066625][T16642] ? internal_create_group+0x7d9/0x860 [ 179.072085][T16642] ? set_capacity_and_notify+0x1eb/0x200 [ 179.077717][T16642] kobject_uevent+0x18/0x20 [ 179.082224][T16642] loop_configure+0xce1/0xeb0 [ 179.086907][T16642] lo_ioctl+0x618/0x13e0 [ 179.091141][T16642] ? path_openat+0x18d4/0x1ec0 [ 179.095934][T16642] ? blkdev_common_ioctl+0x438/0x1110 [ 179.101370][T16642] ? selinux_file_ioctl+0x981/0xa10 [ 179.106572][T16642] ? lo_release+0x120/0x120 [ 179.111076][T16642] blkdev_ioctl+0x1d0/0x3f0 [ 179.115578][T16642] block_ioctl+0x6e/0x80 [ 179.119877][T16642] ? blkdev_iopoll+0x80/0x80 [ 179.124527][T16642] __se_sys_ioctl+0xcb/0x140 [ 179.129153][T16642] __x64_sys_ioctl+0x3f/0x50 [ 179.133784][T16642] do_syscall_64+0x44/0xa0 [ 179.138207][T16642] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 179.144113][T16642] RIP: 0033:0x7fe6b5d0c697 00:07:33 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r1, r2) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) open(0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) [ 179.148572][T16642] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.168174][T16642] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 179.176617][T16642] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 179.184593][T16642] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 179.192559][T16642] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 179.200530][T16642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 179.208541][T16642] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 179.240085][T16642] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:33 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2c9784fa1d206487caf5613a630e29f096b595f8bbb565ca1d9aaef19f290958553d6db90c6d78e206be9113a6bc35fbebbefbded066c4ee634444927b13b02a8cb9ba9ab07730b5e4eea7795c81ebeef5cee77de2c59eb39395cfdb09281298c5f22e1cb60bc646c0917b1ee623c21b62ba55bdb2eac5b7a1a7612b8f967d5334f4f9c566c367a0e0613cb3fc3467c933a5c7d3873bc2f22114b82c755a9f0964b4837f9f8829714e447dbbabc2ad0ab843c37d4f39896fb17a9b911d3b35c13f642", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:33 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x9}}) 00:07:33 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fe00) 00:07:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 39) 00:07:33 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xa}}) [ 179.518705][T16677] loop3: detected capacity change from 0 to 264192 [ 179.525943][T16677] FAULT_INJECTION: forcing a failure. [ 179.525943][T16677] name failslab, interval 1, probability 0, space 0, times 0 [ 179.538579][T16677] CPU: 0 PID: 16677 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 179.547334][T16677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 179.557513][T16677] Call Trace: [ 179.560784][T16677] dump_stack_lvl+0xd6/0x122 [ 179.565382][T16677] dump_stack+0x11/0x1b [ 179.569617][T16677] should_fail+0x23c/0x250 [ 179.574024][T16677] __should_failslab+0x81/0x90 [ 179.578789][T16677] should_failslab+0x5/0x20 [ 179.583289][T16677] kmem_cache_alloc_node_trace+0x61/0x2e0 [ 179.589056][T16677] ? __kmalloc_node_track_caller+0x30/0x40 [ 179.594859][T16677] __kmalloc_node_track_caller+0x30/0x40 [ 179.600488][T16677] ? alloc_uevent_skb+0x5b/0x120 [ 179.605495][T16677] __alloc_skb+0x187/0x420 [ 179.610031][T16677] alloc_uevent_skb+0x5b/0x120 [ 179.614789][T16677] kobject_uevent_env+0x863/0xc40 [ 179.619819][T16677] ? internal_create_group+0x7d9/0x860 [ 179.625277][T16677] ? set_capacity_and_notify+0x1eb/0x200 [ 179.630926][T16677] kobject_uevent+0x18/0x20 [ 179.635463][T16677] loop_configure+0xce1/0xeb0 [ 179.640133][T16677] lo_ioctl+0x618/0x13e0 [ 179.644373][T16677] ? path_openat+0x18d4/0x1ec0 [ 179.649228][T16677] ? blkdev_common_ioctl+0x438/0x1110 [ 179.654644][T16677] ? selinux_file_ioctl+0x981/0xa10 [ 179.659834][T16677] ? lo_release+0x120/0x120 [ 179.664346][T16677] blkdev_ioctl+0x1d0/0x3f0 [ 179.668929][T16677] block_ioctl+0x6e/0x80 [ 179.673211][T16677] ? blkdev_iopoll+0x80/0x80 [ 179.677785][T16677] __se_sys_ioctl+0xcb/0x140 [ 179.682369][T16677] __x64_sys_ioctl+0x3f/0x50 [ 179.686947][T16677] do_syscall_64+0x44/0xa0 [ 179.691353][T16677] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 179.697245][T16677] RIP: 0033:0x7fe6b5d0c697 00:07:33 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xb}}) [ 179.701669][T16677] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.721288][T16677] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 179.729703][T16677] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 179.737660][T16677] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 179.745620][T16677] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 179.753582][T16677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 179.761593][T16677] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 00:07:33 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xc}}) [ 179.814139][T16677] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:33 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xd}}) 00:07:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 40) 00:07:33 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000ff00) 00:07:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="060000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 179.979341][T16733] loop3: detected capacity change from 0 to 264192 [ 179.996355][T16733] FAULT_INJECTION: forcing a failure. [ 179.996355][T16733] name failslab, interval 1, probability 0, space 0, times 0 [ 180.009027][T16733] CPU: 0 PID: 16733 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 180.017785][T16733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 180.027833][T16733] Call Trace: [ 180.031107][T16733] dump_stack_lvl+0xd6/0x122 [ 180.035727][T16733] dump_stack+0x11/0x1b [ 180.039883][T16733] should_fail+0x23c/0x250 [ 180.044322][T16733] ? skb_clone+0x12c/0x1f0 [ 180.048735][T16733] __should_failslab+0x81/0x90 [ 180.053486][T16733] should_failslab+0x5/0x20 [ 180.058084][T16733] kmem_cache_alloc+0x4f/0x300 [ 180.062883][T16733] skb_clone+0x12c/0x1f0 [ 180.067177][T16733] netlink_broadcast_filtered+0x4fd/0xb60 [ 180.072890][T16733] ? skb_put+0xb9/0xf0 [ 180.076994][T16733] netlink_broadcast+0x35/0x50 [ 180.081754][T16733] kobject_uevent_env+0x8c9/0xc40 [ 180.086777][T16733] ? internal_create_group+0x7d9/0x860 [ 180.092222][T16733] ? set_capacity_and_notify+0x1eb/0x200 [ 180.097841][T16733] kobject_uevent+0x18/0x20 [ 180.102331][T16733] loop_configure+0xce1/0xeb0 [ 180.107008][T16733] lo_ioctl+0x618/0x13e0 [ 180.111237][T16733] ? path_openat+0x18d4/0x1ec0 [ 180.115991][T16733] ? blkdev_common_ioctl+0x438/0x1110 [ 180.121347][T16733] ? selinux_file_ioctl+0x981/0xa10 [ 180.126531][T16733] ? lo_release+0x120/0x120 [ 180.131019][T16733] blkdev_ioctl+0x1d0/0x3f0 [ 180.135504][T16733] block_ioctl+0x6e/0x80 [ 180.139725][T16733] ? blkdev_iopoll+0x80/0x80 [ 180.144348][T16733] __se_sys_ioctl+0xcb/0x140 [ 180.148921][T16733] __x64_sys_ioctl+0x3f/0x50 [ 180.153493][T16733] do_syscall_64+0x44/0xa0 [ 180.157984][T16733] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 180.163886][T16733] RIP: 0033:0x7fe6b5d0c697 [ 180.168282][T16733] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 94 53 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 180.187955][T16733] RSP: 002b:00007fe6b3a83f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.196360][T16733] RAX: ffffffffffffffda RBX: 00007fe6b5d56cc0 RCX: 00007fe6b5d0c697 [ 180.204311][T16733] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 180.212307][T16733] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 180.220257][T16733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 180.228246][T16733] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 180.240212][T16733] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 180.250291][T16743] loop5: detected capacity change from 0 to 264192 00:07:34 executing program 2: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x428, 0x22, 0x300, 0x70bd2a, 0x25dfdbfc, {0x1b}, [@nested={0x9d, 0x3b, 0x0, 0x1, [@generic="a9f501ac2a7f721e93dd8638117465c51c608b1f01b44d8802cdf2d5e52ab2abe541b992ca5c8962252619ee06c0541e7f5c3de8ed65a0af68f0fe7347c858a4be01421f0308c6b96919d272787e8fc39fb754a1bb18a2a47d094fec794c5057375abc146e9c1c20", @typed={0x8, 0x65, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="0af8f09870bbde2469693e0763dee9e2c3d9c8c08e62a22c22b59f438469ba66e94cc4d477e7e74d25"]}, @nested={0x14a, 0x8a, 0x0, 0x1, [@typed={0x14, 0x62, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x38}}, @typed={0x8, 0x47, 0x0, 0x0, @fd}, @typed={0xf, 0x31, 0x0, 0x0, @str='/:),}^@::)\x00'}, @generic="ff1dea403743daddee3289ae6d1cfaa9ca9143cad4630fcc6fd082ca000d6c2e1b46add1213e98283c876fbf600a4f6d3d738a5b7365f7a315909d945f81d17f5e764cb1aee8e5b3cb9b80f31280e08644ac230c98c1a812a7dbd566d0dd659792065fd4e3c8fb2a237219860273df4fec02ef54ea963d8c33e6111da4f34151b863a33edb383a99526f4e8226557743baa84c7412b49e8a78289cd4cbc2f2939e7fe08b2fce6e1f8f0381fe5f7076bbb75c0a5addc8a5cff198dfb7f9a98e72d5952e2f2dd3601406b974a0869a211b", @generic="fada4f9c70fc5c23cf3a8da7ffcdaaf46b59dd3ea6a8d6dca195ff1033936b21d5ad05274e3d23a1c0d73d5ff50bf7c0a03deaa457389ee3458d481ef222", @typed={0xc, 0x25, 0x0, 0x0, @u64}]}, @typed={0x14, 0x59, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @nested={0x213, 0x23, 0x0, 0x1, [@generic="700d6df4682310c9445ff560b5efaad483b8e4fa8d86981b749081a03dff53a4d78aaa45aa350dd7c43c6186d291b21f95d351aac9f3aed508b4d219cdcf69b212290842f15791abb2424f059159e1002054a2b22301923d117091a1295d3efd24c21fe68a322d4d17e0f07587db95381b882f77a91abf76c75d3e13cd0c93dcf94328fd1c497d36a70534eddccbe4626ebf38281e6cd0d0e4ddde0ac5a184fa736001d4a20f2bd39f8846", @generic="2c698711deb71eb2b68d902402843b33cf4012c2a9a6782101fdb4fad2055fc01874ebd5fd2daf990f8ac394f0ab0cc4eff531b68efd93e0e81cc003513ab0575514fa121950bbc75190ae7e62f2c674f6d3e0f31aab7b367bd0c41833f8b6a8ca8f5e3cd0777ef4eaa54b53f9066486eec7bec3ef27d46a75caa523fe9d9ae7c9e4e8a15e0e5576a5dd598f3c6ef201adf9cd66f58f43f22f3644c814dc683a0ddd3c6e9c6d3a946c224846a2d0d711b7584cd1028a97d6cd2ebe04831181b0a2ea20315ae08e9dda09237eb0ceda1e", @typed={0x8, 0x7f, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @typed={0x8, 0x34, 0x0, 0x0, @ipv4=@empty}, @generic="4806ac9b7162b7bf401f66043381095c2d47e872b5722c88546f735408776c6fab491340ad263d41ba0f8f8372fbf7ea2b4a6da0714c47129add6cf37b94d196aea21b02d18dc49fc9fe631a8bcc274e6d332c90dd9a04dc443f903ddee2af25ff08656bf68f6170286c4f136102fa0761f5b5a100d3c9749f7284f07157acb3c250fe7a"]}]}, 0x428}, 0x1, 0x0, 0x0, 0x880}, 0x10) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) openat(r0, &(0x7f00000002c0)='./file1\x00', 0x103000, 0x10) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080025bd7000fddbdf25090000002c0001801400020073697430000000000000000000000000140002007272696467655f736c6176655f3100001800018014100200766574680a4300000000000000000000b99f1159cf477834046edb44203e5e9483a7dd6de02d5121c2ce350033edc6d77ccd851516af0e18ac10e61d89a945ee004c6fd44f94d13a19249e5b1a22d5c7289944894f3170209f974e2c29552c5fef1d7a3bec06144cdadc6da44e7587c90c3a87d74857109630"], 0x58}, 0x1, 0x0, 0x0, 0x40010}, 0x8000) sendfile(r0, r2, 0x0, 0x80000001) 00:07:34 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='freezer.parent_freezing\x00', 0x0, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000020}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x144, 0x40, 0x400, 0x70bd29, 0x25dfdbff, {0x1}, [@typed={0x8, 0x48, 0x0, 0x0, @fd=r0}, @generic="b16f6dbd62f900490624defd66532a14e24728158128b7becc3edb209ab5d8d51fdf6887d1b9d672f6d6383422c4dddcddd372de70b84c395f2c0aa416a3ed6c12842e249f733ec4384b2ee09fd74ba7edf887fb15beaeeb7badb12c91e1f33ac8b3a27bd4c65357278680f38b1bdb60658fb55dcda1345c02d2f5e0c88ab3f6ee5cec5381aff8de27a463297afac8f93b70d582d093b39bbc838853ab73f6aefa758172ca5b59b6b3580fbd7d23478778940ee60f0f287671bd17c50f7535e0014f018298803f8c90ce99a064ead74e163fbac8adcca8a822d795080db41b", @nested={0x20, 0x87, 0x0, 0x1, [@typed={0x4, 0x70}, @typed={0xc, 0x10, 0x0, 0x0, @u64=0x2cce}, @typed={0x8, 0x40, 0x0, 0x0, @uid=0xee00}, @typed={0x4}]}, @typed={0x14, 0x96, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0xc, 0x9, 0x0, 0x0, @u64=0x800}, @typed={0x8, 0x45, 0x0, 0x0, @uid}]}, 0x144}, 0x1, 0x0, 0x0, 0x4008800}, 0x40050) ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000800)={{}, {0x1}, 0x124, 0x0, 0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000480)="63cd644672fa9fd9722cd4703d926a8a42ec8375102de5a8842f9da56eb8138e459f5c0d5ce7e07d11ab94772e85ddefbaf4a49eebb1fd4b666bcbc12588488fa4ed27214302938ed697b5860c9a24e50b4984de392755c03ace708a81299471d95bd3209d3f6cfa9420112f1ab1f8bc78cf41dfad1c4073ff2bf2d7e18f35619ad7749600576af2b1debef00bc3c58236754d58472c11d3e9e917f18dd793011e5e670450d13a0af126521f88fa2b31f712f94859b2ed53c3fd2862056c09302cc5718b615994fc8626792b152229d6dd94796de3b094c7b76ac201ed741656e795aaef0f4b09374404c0bca86805514793f780da0292dfd61d6fae64c08aa7489aa9e6c6fcc90fc70a725715a88286efe94e57d18dd5ff3f02e2323ddec7c68c15e2633e9ae1db97e11cf127", 0x12d, 0x0, &(0x7f00000005c0)={0x2, 0x12d, {0x0, 0xc, 0x85, "8856b0dab982801647c13878ab3e7cf84a5ea8ab45dcec3e8b80e2fe42fcfde59f66491a076ba69b951cc29b56c9604aeeaf5c35c189d0f22202682102a7f474858717bb11d3dbdadce65aa1df506449ed62376307c758f8885c4fdaad025e4b59e3aac57063f8c07ff5b8654d03dbc151f5719d4e72d5c22b7bf42ec1a46995941f948a34", 0x9b, "d7998532300c431f76cee2c4416d0a0653d94adcd32ed4928424c32fe41806713b2a746156dad935f99ffb5d77615ed4ee8f5cc68e6b1aee58553a8ac01ca62ac1e79058f36c938555431ae349e023a1b2ffd620113db4614da3ec6310206b4edbaa798f40c728aa3a0ebc666b50617f9dfc5a663066d70e897f08cd606d2fe910b8b32cf9b955252ecdc040d5c16cd082f1048f2670667298cd1f"}, 0xff, "7b211dce6ebb4845cca6436fdf3e40bc47dcdbe32effa60588da3f7177d457e1645f2f3eab3591aec05eb5515c66052967a54b095fb9d5149683ef50fbeaae9eced3897d80d0ebf3c8d524a14eed71815d26ea055aa4dbc4afd1e215e9a7b5ab6cbefc57ebbfeccd8a95c407d5011929ab4544b5899142aaff4d23cd920e56c46c60e2e8e30eac77aaa26b93dc8eb5e0c2d7f77dfff0f797cb28317c25b1ce4661785061c6235de4edd21f3e298f457ce66fc6b2bb13c1500566dcde08306da6470985a61e09064dd7ae3fc3a738e9e9379a9764fdd34f6cd540958deaa2831dd612636d1112b04dc610c61dd5894012642eec9178bd04748cb0d5003060a0"}, 0x238}) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xe}}) 00:07:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 41) [ 180.292235][T16743] EXT4-fs (loop5): inodes count not valid: 6 vs 32 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x10}}) 00:07:34 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffffffffffffffff) [ 180.344850][T16743] loop5: detected capacity change from 0 to 264192 [ 180.362472][T16743] EXT4-fs (loop5): inodes count not valid: 6 vs 32 [ 180.390887][T16763] loop3: detected capacity change from 0 to 264192 [ 180.423473][T16763] FAULT_INJECTION: forcing a failure. [ 180.423473][T16763] name failslab, interval 1, probability 0, space 0, times 0 [ 180.436140][T16763] CPU: 1 PID: 16763 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 180.444995][T16763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 180.455087][T16763] Call Trace: [ 180.458356][T16763] dump_stack_lvl+0xd6/0x122 [ 180.462933][T16763] dump_stack+0x11/0x1b [ 180.467077][T16763] should_fail+0x23c/0x250 [ 180.471515][T16763] ? getname_flags+0x84/0x3f0 [ 180.476184][T16763] __should_failslab+0x81/0x90 [ 180.480955][T16763] should_failslab+0x5/0x20 [ 180.485441][T16763] kmem_cache_alloc+0x4f/0x300 [ 180.490269][T16763] getname_flags+0x84/0x3f0 [ 180.494777][T16763] ? switch_fpu_return+0xa/0x10 [ 180.499625][T16763] __x64_sys_mkdir+0x31/0x50 [ 180.504221][T16763] do_syscall_64+0x44/0xa0 [ 180.508699][T16763] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 180.514770][T16763] RIP: 0033:0x7fe6b5d0b9e7 [ 180.519194][T16763] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x11}}) 00:07:34 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="0a0000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 180.538912][T16763] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 180.547316][T16763] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 180.555266][T16763] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 180.563217][T16763] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 180.571181][T16763] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 180.579175][T16763] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x12}}) 00:07:34 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x4000, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x19408, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_mr_vif\x00') vmsplice(r6, &(0x7f0000000080), 0x0, 0xf) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x10, r5, 0xb487c000) ioctl$SG_GET_VERSION_NUM(r1, 0x2282, &(0x7f0000000080)) ftruncate(r2, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xf, 0x12, r3, 0x1145f000) 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x14}}) 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x22}}) [ 180.691826][T16815] loop5: detected capacity change from 0 to 264192 [ 180.715327][T16815] EXT4-fs (loop5): inodes count not valid: 10 vs 32 00:07:34 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x400, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 180.795786][T16815] loop5: detected capacity change from 0 to 264192 [ 180.818900][T16815] EXT4-fs (loop5): inodes count not valid: 10 vs 32 00:07:34 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e0419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0x25}}) 00:07:34 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="100000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 42) 00:07:34 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) chdir(&(0x7f0000000040)='./bus\x00') 00:07:34 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) sendfile(r0, r1, 0x0, 0x1) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) 00:07:34 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xcc}}) [ 181.042907][T16873] loop5: detected capacity change from 0 to 264192 [ 181.049784][T16872] loop3: detected capacity change from 0 to 264192 [ 181.075934][T16873] EXT4-fs (loop5): inodes count not valid: 16 vs 32 [ 181.092902][T16872] FAULT_INJECTION: forcing a failure. [ 181.092902][T16872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 181.105981][T16872] CPU: 0 PID: 16872 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 181.114763][T16872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 181.124817][T16872] Call Trace: [ 181.128089][T16872] dump_stack_lvl+0xd6/0x122 [ 181.132688][T16872] dump_stack+0x11/0x1b [ 181.137018][T16872] should_fail+0x23c/0x250 [ 181.141431][T16872] should_fail_usercopy+0x16/0x20 [ 181.146554][T16872] strncpy_from_user+0x21/0x250 [ 181.151417][T16872] getname_flags+0xb8/0x3f0 [ 181.155922][T16872] __x64_sys_mkdir+0x31/0x50 [ 181.160519][T16872] do_syscall_64+0x44/0xa0 [ 181.164945][T16872] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 181.171278][T16872] RIP: 0033:0x7fe6b5d0b9e7 [ 181.175685][T16872] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 181.195377][T16872] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 181.203788][T16872] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 181.212253][T16872] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 181.220311][T16872] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 181.228374][T16872] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 00:07:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1b0000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="1e0000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="250000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:35 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xcd}}) [ 181.236343][T16872] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:35 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xce}}) [ 181.304922][T16906] loop5: detected capacity change from 0 to 264192 [ 181.324168][T16906] EXT4-fs (loop5): inodes count not valid: 37 vs 32 00:07:35 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) r3 = inotify_init() r4 = socket$netlink(0x10, 0x3, 0x7) ppoll(&(0x7f0000000040)=[{r1, 0x2008}, {r2}, {r3, 0x1020}, {r4, 0xa120}, {r0, 0x84}, {0xffffffffffffffff, 0x1000}], 0x6, &(0x7f0000000080)={0x0, 0x3938700}, &(0x7f00000000c0)={[0x401]}, 0x8) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) r5 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x193) writev(r5, &(0x7f0000000400)=[{&(0x7f0000000140)="15c2f06e0b8e4589f965dcecc2a305c5480441d4c62b64ab9c94d168aba958d0140bf07842f8897a943996a72afa82a135d2a7f5000918461e2091068fde96553dbd7830b9c74167988d315520c003879cb4c5b5c731fa1b3593117a572936749896c920675ada", 0x67}, {&(0x7f0000000300)="812c72884c4fba6335dd3f8f709ef895d42787ea4607d2618514650cbe7a4411c7c5d0a452a61013c867a4cdcaa9cfa4a805199053f9145355895ce21b75a942d60a99559c4184cfb8adfc015d8762b172d99a1d8442d7055d37595d74222abd6392f6cf15fc1f7b2f02674133e8da4e2738d7cff48f0e968d61b3505c9a65ef2b1de01748910c41d5f47b329ee8a16301749e7a97519052b4818d8bca4b319c45f5976c69bc89f6feed7df3f6c4077604567a8af3d5feb1aeb1d2803f9a96f7688bd3715d3ce9129134fe6f92f25b359d0cfd1a813edd7edbfab80b23eb1dfe080a454ff3467a33441ae983483555247c362356f51a", 0xf6}], 0x2) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:35 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xcf}}) 00:07:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="290000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:35 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 43) 00:07:35 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa69825ff325c46d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x297, 0x0, @perf_config_ext, 0x210}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x82) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r1, 0x8008f513, &(0x7f0000000080)) r2 = socket$inet(0x10, 0x3, 0x0) write$P9_RSTATu(r2, &(0x7f0000000180)={0x4d, 0x5e, 0x300, {{0x2, 0x38, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1, '^', 0x3, '%,#', 0x1, ']'}, 0x0, '', 0x0, 0xee01}}, 0x4d) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) [ 181.554023][T16938] loop5: detected capacity change from 0 to 264192 [ 181.570416][T16938] EXT4-fs (loop5): inodes count not valid: 41 vs 32 [ 181.576953][T16945] loop3: detected capacity change from 0 to 264192 [ 181.588382][T16945] FAULT_INJECTION: forcing a failure. [ 181.588382][T16945] name failslab, interval 1, probability 0, space 0, times 0 [ 181.601043][T16945] CPU: 1 PID: 16945 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 181.609802][T16945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 181.619847][T16945] Call Trace: [ 181.623115][T16945] dump_stack_lvl+0xd6/0x122 [ 181.627697][T16945] dump_stack+0x11/0x1b [ 181.631836][T16945] should_fail+0x23c/0x250 [ 181.636239][T16945] ? __d_alloc+0x36/0x370 [ 181.640612][T16945] __should_failslab+0x81/0x90 [ 181.645362][T16945] should_failslab+0x5/0x20 [ 181.649851][T16945] kmem_cache_alloc+0x4f/0x300 [ 181.654601][T16945] __d_alloc+0x36/0x370 [ 181.658757][T16945] d_alloc+0x2a/0x130 [ 181.662735][T16945] __lookup_hash+0x8f/0x180 [ 181.667242][T16945] filename_create+0xfc/0x270 [ 181.672044][T16945] do_mkdirat+0x53/0x2c0 [ 181.676333][T16945] __x64_sys_mkdir+0x40/0x50 [ 181.681087][T16945] do_syscall_64+0x44/0xa0 [ 181.685495][T16945] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 181.691589][T16945] RIP: 0033:0x7fe6b5d0b9e7 [ 181.695988][T16945] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 181.715638][T16945] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 181.724044][T16945] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 181.732043][T16945] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 181.740000][T16945] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 181.747955][T16945] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 181.755908][T16945] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:35 executing program 2: r0 = open(&(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x14d842, 0x2) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c460705c206c3b300000000000002003e0004000000530300000000000040000000000000007f0000000000000000fd0000090038000200ff070500ef040100000003000000010000000000000000100000000000004d0900000000000002000000000000000002000000000000b500000000000000013830fe82dd510b3b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d02b3800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000704240d00"/2165], 0x881) sendfile(r0, r1, 0x0, 0x80000001) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x139, &(0x7f0000000140)="8de208f1679d9126a25750cb070000006083f3cf09690f0800000076751e3811ac9d0ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc463ce5e06d54359b83bd82797e48adf8259a4270ef0d680984d8b6951f5ffcfe21ad81da7c3e70b5c56880a53b4d196eda27aa8d092eea1be3abe9517f9e7a45eed9f8eede002d10bd5edc12efa21cb5ef16cdbbda2e5af18ba8733fb3cb407ee6c4252493d2834faafc1f2169271f1ec5721a6535c1600a6ce9b43a7efe75322cf3af1d7b48e23185ebf24de7024f010eb56a4d9e6c86f8b507139aea1d0a9590f61c9fe3cc9ffb1e33c047bf53b8bf2ffbaac21c4813235354b7c3f948a5cd67acc8eeed21b4499f259f73ff434c441fd21e9c4ddfbd559baef"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x38) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) gettid() wait4(0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, {0xfffffffd}, 0x0, 0x0, 0x0, 0x0}, 0x58) 00:07:35 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xd0}}) 00:07:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="004000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:35 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 44) 00:07:35 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x3, 0x20, 0x3, 0x80, 0xff, "09664c8820ddda3689c58731f05e6e8c2259cf", 0x9, 0x2}) sendfile(r0, r1, 0x0, 0x80000001) r2 = gettid() ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000600)={0x0, 0x0, 0x19, 0x13, 0xeb, &(0x7f0000000200)="b9d1e280eca42112ae89f95a844e305aa1edc61246c094ae82e3f344b0980d6bc06a75f454c8723667530b38109ce48de943bdec9f94b09208528ae094b17086a53db483fef9cdaa9103fabe7e912078455b062a57cafa211fc40887c62b9048acc15f0f3adbb4a10ebbea1aa37430298ac61195f753dda62ddfa063f434c314784cb6e268ac56a7b90ae4e1287ee5275d4d9674289cf599fe4dd18ec090b68e9f06428a239bd7774952007e2b319d872a1a8e68e6a47ea40d9a7111a9a1c353a4cec84ba516e30bf8f0dbc08e6c09950ad6932a9557fc4d4e976eafc6e54712f5d5907cb4d9ff0f6282fac8f1b6b3fe6499052acec5870f0eceb53330d76ed5cf5b4b38e07db8d2fc03874df38176a47aff93fe17e9433c0d23d24d57eba15c7aec45912e30a097240997b78714125ccce77f0a65f7a428e634c7ddf1138e5e6dfad61f8dafc081ca670405b1fea4368af57ff9eeac0153c2283ad6a0f43273f151235fb3c92049f5930e16bba7c9c5fbe799c632c3dee347f03b14524db9740dd011c585c0871d78afec6c77a9f217ceddc6bf039effc047041dafd9f1fda0d2577767e3fdafa20bec7572214ce7a3e82a0528ec3e63f7453e047ba61d047a47f01558acdc12ad331a60c7ce88b3758070087a64054eff91f3d4ad02d1796b06c3d59bdc86a703f80a8e6cc7e40bd9e95eccfccdd68fc4c03eb7120219313b766aebc18204d1328ec174ed8b3988c672c1424ad03feb34bd297d38096c8922c81b91c4f373a4cbc7a9cbfa9cc1d75ba3531079c6a1203d4b17770e007fe9489519af0e987909f2191f42d826963ac9960d64502c658ce5b8cb28178af1a55d086c766b9e10beb0dcbc83be24d04fd461b86369204778a32de8d7bfafc8138a3071dcee8fa5fa453653284cb136dba2b8cbbdb05a36538f70038f811ee73097548261c5b9d04891c341c39c41fa6943fbd881ce31de1ecf6614733c9eb2959365473a4004a1df71b32f59a7efd7468e4059860cab8a833f8dd37e55fb929c2bc136527127bbac070976d5fd2ce8f9d6b99c37fd38d21fa551ca994efd7d73abdf2be8ef98a54dd917c0bde243a0a05b5505d3d26500a9decd00d31d8e4e8c2d943a0de760b44be42499e90ca4120294f85c46271befc0f262365891e0e3d3cc3133cfc552c5b082c045e069c5b47e4ee29b447ed4208818c1cf5373af956b0a24e24544cee53889e93f181b980096205d9b6a8e55e14dccd3af09daaac62cc9c0a7499199c0df9cadc49f5fd4c125df71af7b41e633cde17afe30195f3f95489d8eea4b601ab71ef77409417fc21eba8dd37c4f71bb230bb9fe186490746e5b951e38359852271362742b2ee46777917aff0e6c03e2842662ee44abf5a94b545f521f0bcd33a7fbef7a40f5feeea96a0988f6550f267bf40c2726aeee2a88cb"}) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x34) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r2, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xae, 0x5, 0x35, 0x7, 0x0, 0x40, 0x41600, 0xd, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x0, @perf_bp={&(0x7f0000000080), 0x3}, 0x41, 0x78, 0x5, 0x8, 0x0, 0xff, 0x1, 0x0, 0x4}, r2, 0xa, r0, 0xa) [ 181.918759][T16976] loop3: detected capacity change from 0 to 264192 [ 181.932699][T16979] loop5: detected capacity change from 0 to 264192 [ 181.943914][T16976] FAULT_INJECTION: forcing a failure. [ 181.943914][T16976] name failslab, interval 1, probability 0, space 0, times 0 [ 181.956578][T16976] CPU: 1 PID: 16976 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 181.965558][T16976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 181.975606][T16976] Call Trace: [ 181.978949][T16976] dump_stack_lvl+0xd6/0x122 [ 181.983558][T16976] dump_stack+0x11/0x1b [ 181.987699][T16976] should_fail+0x23c/0x250 [ 181.992098][T16976] ? __d_alloc+0x36/0x370 [ 181.996413][T16976] __should_failslab+0x81/0x90 [ 182.001207][T16976] should_failslab+0x5/0x20 [ 182.005698][T16976] kmem_cache_alloc+0x4f/0x300 [ 182.010447][T16976] __d_alloc+0x36/0x370 [ 182.014605][T16976] d_alloc+0x2a/0x130 [ 182.018573][T16976] __lookup_hash+0x8f/0x180 [ 182.023138][T16976] filename_create+0xfc/0x270 [ 182.027804][T16976] do_mkdirat+0x53/0x2c0 [ 182.032151][T16976] __x64_sys_mkdir+0x40/0x50 [ 182.036735][T16976] do_syscall_64+0x44/0xa0 [ 182.041141][T16976] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 182.047108][T16976] RIP: 0033:0x7fe6b5d0b9e7 [ 182.051515][T16976] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 182.071170][T16976] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 182.079650][T16976] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 182.087607][T16976] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 182.095722][T16976] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 182.103692][T16976] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 182.111648][T16976] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:36 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xd1}}) 00:07:36 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x8, 0x5, 0x70, 0x8, 0x0, 0x3ff, 0x2000, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000180), 0x2}, 0xb789, 0x7, 0x10001, 0x9bef3b267f3403ff, 0x7, 0xfffffdfd, 0xfff8, 0x0, 0x449, 0x0, 0x7f}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x9) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xb, 0x80010, 0xffffffffffffffff, 0xaa42c000) sendfile(r0, r1, 0x0, 0x80000001) r3 = signalfd(r2, &(0x7f0000000280), 0x8) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0xb4, 0x6, 0x3, 0x3, 0x0, 0x7ff, 0x20000, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xc26, 0x2, @perf_bp={&(0x7f00000001c0), 0x1}, 0x11c0, 0x101, 0x3, 0x2, 0x7b25, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x7fff}, 0xffffffffffffffff, 0x10, r3, 0x2) [ 182.152234][T16979] EXT4-fs (loop5): inodes count not valid: 16384 vs 32 [ 182.229503][T16979] loop5: detected capacity change from 0 to 264192 [ 182.238902][T16979] EXT4-fs (loop5): inodes count not valid: 16384 vs 32 00:07:36 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x4) mlockall(0x5) 00:07:36 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xd2}}) 00:07:36 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 45) 00:07:36 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="fffe00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:36 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) openat(r0, &(0x7f0000000040)='./bus\x00', 0x140, 0x119) [ 182.560102][T17042] loop3: detected capacity change from 0 to 264192 [ 182.561159][T17041] loop5: detected capacity change from 0 to 264192 [ 182.584247][T17042] FAULT_INJECTION: forcing a failure. [ 182.584247][T17042] name failslab, interval 1, probability 0, space 0, times 0 [ 182.596948][T17042] CPU: 0 PID: 17042 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 182.605710][T17042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 182.615787][T17042] Call Trace: [ 182.619062][T17042] dump_stack_lvl+0xd6/0x122 [ 182.623652][T17042] dump_stack+0x11/0x1b [ 182.627808][T17042] should_fail+0x23c/0x250 [ 182.632231][T17042] ? ext4_alloc_inode+0x27/0x300 [ 182.637199][T17042] __should_failslab+0x81/0x90 [ 182.642032][T17042] ? set_qf_name+0x230/0x230 [ 182.646623][T17042] should_failslab+0x5/0x20 [ 182.651173][T17042] kmem_cache_alloc+0x4f/0x300 [ 182.655927][T17042] ? ebitmap_destroy+0x91/0xa0 [ 182.660679][T17042] ? set_qf_name+0x230/0x230 [ 182.665255][T17042] ext4_alloc_inode+0x27/0x300 [ 182.670045][T17042] ? set_qf_name+0x230/0x230 [ 182.674618][T17042] new_inode_pseudo+0x38/0x1c0 [ 182.679457][T17042] new_inode+0x21/0x120 [ 182.683670][T17042] __ext4_new_inode+0x13f/0x2fd0 [ 182.688636][T17042] ? __dquot_initialize+0x13d/0x7f0 [ 182.693821][T17042] ext4_mkdir+0x28a/0x760 [ 182.698135][T17042] vfs_mkdir+0x2c3/0x3e0 [ 182.702363][T17042] do_mkdirat+0x12e/0x2c0 [ 182.706678][T17042] __x64_sys_mkdir+0x40/0x50 [ 182.711256][T17042] do_syscall_64+0x44/0xa0 [ 182.715660][T17042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 182.721539][T17042] RIP: 0033:0x7fe6b5d0b9e7 [ 182.725940][T17042] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 182.745532][T17042] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 00:07:36 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r2, r3) sendfile(r2, r1, &(0x7f0000000040)=0x8, 0x2) syz_open_dev$vcsa(0x0, 0x20000000000000, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x80000001) 00:07:36 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}], [], 0xf4}}) [ 182.753940][T17042] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 182.761896][T17042] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 182.769848][T17042] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 182.777804][T17042] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 182.785758][T17042] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 182.803414][T17041] EXT4-fs (loop5): inodes count not valid: 65279 vs 32 00:07:36 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c6f6f73652c64666c747569643d0016cd7eff39024245000000000000", @ANYRESHEX=0xee00, @ANYBLOB=',noextend,\x00']) 00:07:36 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x19408, 0x0) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r6 = geteuid() keyctl$chown(0x4, r5, r6, 0xee01) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@noextend}, {@cachetag={'cachetag', 0x3d, '\x9e(:@-+'}}, {@access_user}, {@nodevmap}, {@version_L}, {@version_L}, {@cache_none}, {@cachetag={'cachetag', 0x3d, 'rfdno'}}, {@cache_fscache}, {@afid={'afid', 0x3d, 0xfffffffffffffff8}}], [{@hash}, {@obj_user}, {@fsname={'fsname', 0x3d, '!${&^(/('}}, {@uid_gt={'uid>', r6}}, {@appraise}, {@uid_gt={'uid>', r7}}]}}) 00:07:36 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200001020000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:36 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) r0 = open$dir(&(0x7f0000000040)='.\x00', 0x2, 0x4) ftruncate(r0, 0x8000) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getdents64(r0, &(0x7f0000000180)=""/245, 0xf5) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',w&dno=', @ANYRESHEX=r2, @ANYBLOB=',cache=loose,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',noextend,\x00']) 00:07:36 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendfile(r0, r0, &(0x7f00000001c0)=0x4, 0x1) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x100, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x89c9}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7fffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x48010) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x2000800, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@cache_loose}, {@posixacl}, {@fscache}]}}) [ 182.903275][T17094] loop5: detected capacity change from 0 to 264192 [ 182.917682][T17094] EXT4-fs (loop5): bad geometry: first data block 0 is beyond end of filesystem (0) [ 182.929520][T17098] 9pnet: Insufficient options for proto=fd [ 182.937207][T17101] 9pnet: Insufficient options for proto=fd 00:07:37 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) setrlimit(0x0, &(0x7f0000000040)={0x4000000, 0x8}) 00:07:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000080000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:37 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 46) 00:07:37 executing program 4: creat(&(0x7f00000001c0)='./file0\x00', 0xc0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setxattr$security_selinux(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)='system_u:object_r:default_t:s0\x00', 0x1f, 0x0) syz_mount_image$iso9660(&(0x7f0000000100), &(0x7f0000000180)='./file0\x00', 0x7, 0x5, &(0x7f0000000500)=[{&(0x7f00000001c0), 0x0, 0x2}, {&(0x7f0000000200)="e7d6ac9c572b282adca908803e65721b5454ed8d980fa1966db350f2a9492a76bbc179fa434a5fa20f08d735110ba772ac38b23f750fcc93c19f0a0be6f6809e468cc274e82d93900bf977bd19916ec1c86fff83868828ba3591d2af5c2034fada360edcbf369e7e40bf4b239dd58a3e51e9ba1e05b9866d2e06a4d310fc90cf5f3e35b34779c2cb96e6790168843217baff017605b322e3ab3bb4ea5d696742b7537fda0488bd48f59c37512e2c419c99194f7ebe4fcb61c44f173027b65a17470b46fd1cc390f149719d8040531ffa692f8efdcd2bf2dd61606c30743e517de2e8b16aa6f7079b50f67a3525b6d4a671d5554d291f05662af626f46f", 0xfd, 0x2}, {&(0x7f0000000300)="d55c10249149ae6a94a2cb76b6a704ce9e9a46c9432115fbbfd8820100670dea1535be67b488e3d5bd8d54e722105f0a7d087f3073350fd262f460e70b98b78212a8a12d944d167758fcf319ce87", 0x4e, 0xa2}, {&(0x7f0000000380)="e78b4933268d349ff50704a728a37506005b01254dc251a2d96b37116d1ce4896cf0b2df91d4a92e58a40bbf4a1346ccecf36461899eb7c792b7e87447fc3baa49518585cda27d71e7369d9170ffe204a668a090158c4b43cb90be77f22362429e499a59c4f24e88a416636c600dedbf4f9c416d38076a59dffa65c988570389fd727f566d43cb9784974b2152fe606450e4456961a35bf25a7b87bc203854bd267de02b483fc6b38eea34307bdc0bbe3f4d9caebdd1ef2ba0e3168ef4a6ebb263c4298cebd453612c156a2933fc32ceb2e255862e1ab69afa97d542f6b861f4b6391e564347d02e214d331bfe49ac4b", 0xf0, 0x80}, {&(0x7f00000005c0)="5014ba78780fa7881e28f9daf07b249e44a545de2858c82e4dfe65877a7bc13804a89b15dbf368af4a8577e00e3c4ce624cbda2175f4199b7897258bca87e9a367719f81ea1d52b3e27402a715612bb0c04b79804073f8c4dabf464d3da100f86f5f57c702d29260c79d9b6a4b9b2803022f3db7b16e86df73d4d9abaeac6d8e5d9cd19b66b2c0d04c2d11cc763d1ea158bc31606fd004f281a597106d45419d38b92ecc8db24bc2b94c8721b52336f6e339d0b2bd6fa6eb53be7dc5628f44", 0xbf, 0xffffffffffffffff}], 0x2080010, &(0x7f0000001a40)=ANY=[@ANYBLOB='utf8,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c636865636b3d7374726963742c756e686964652c6f76657272696465726f636b7065726d2c736d61636b66736861743d73656375726974792e73656c696e7578002c6d61736b3d4d41595f455845432c646f6e745f6d6561737572652c6d6561737572652c0025a41d62b4a80671e9465a4244ca290c0ed8d67d3e66d67ee83f6e51b044ce702530ce4b160348df7425d47dfad16a1a8735d1d466c13b7ac05a2211875c441797e2f78385387857e6f6e3a1a5a08380ab0229e346cbf71248471bc824e02d504367443e8e8e81b130b09fcfdd86a4b85799bb960a4ad29e2718a8b89a3c30807d283e96a1ab19b00c9b95da8f8548f0f980e9f0e3aee74452b02d77fd0a2be19c393ea6"]) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000840)) signalfd(0xffffffffffffffff, &(0x7f0000000800)={[0x101]}, 0x8) dup2(0xffffffffffffffff, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/schedstat\x00', 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r3 = geteuid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r5, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r4, r5) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000480), &(0x7f0000000740)=0xc) keyctl$chown(0x4, r2, r3, 0xee01) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}, {@noextend}, {@noextend}], [{@dont_appraise}, {@smackfsdef={'smackfsdef', 0x3d, '\x13'}}, {@fowner_gt={'fowner>', r3}}, {@subj_role={'subj_role', 0x3d, '#\x05+]+{'}}, {@dont_hash}]}}) r6 = add_key$fscrypt_v1(&(0x7f0000000780), &(0x7f00000007c0)={'fscrypt:', @desc2}, &(0x7f0000001b80)={0x0, "e36c92904e9fe9e441c200bff2f43042c87bee914c1440231e7d86463d9005b2b760a4b938bf27e968f3738d103268b139d349b0935faf7d452f22d946c00a7e", 0x26}, 0x48, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r2, r2, r6, 0x1) 00:07:37 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = inotify_init1(0x80800) lseek(r2, 0x8, 0x4) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x34) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r3, 0x0, 0x6) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4004, 0xe, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000040)}, 0x40000, 0x4, 0x80000001, 0x7, 0x2470c83b, 0x9, 0x5, 0x0, 0x1f, 0x0, 0x4}, r3, 0x9, 0xffffffffffffffff, 0xb) lseek(r0, 0x10000, 0x0) [ 183.182445][T17125] loop5: detected capacity change from 0 to 264192 [ 183.184464][T17124] loop4: detected capacity change from 0 to 16383 [ 183.192103][T17126] loop3: detected capacity change from 0 to 264192 [ 183.216186][T17125] EXT4-fs (loop5): bad geometry: first data block 0 is beyond end of filesystem (0) [ 183.220787][T17126] FAULT_INJECTION: forcing a failure. [ 183.220787][T17126] name failslab, interval 1, probability 0, space 0, times 0 [ 183.238181][T17126] CPU: 0 PID: 17126 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 183.246947][T17126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 183.257032][T17126] Call Trace: [ 183.260307][T17126] dump_stack_lvl+0xd6/0x122 [ 183.264919][T17126] dump_stack+0x11/0x1b [ 183.269076][T17126] should_fail+0x23c/0x250 [ 183.273489][T17126] ? sidtab_sid2str_get+0x9c/0x130 [ 183.278632][T17126] __should_failslab+0x81/0x90 [ 183.283399][T17126] should_failslab+0x5/0x20 [ 183.287891][T17126] __kmalloc_track_caller+0x6d/0x350 [ 183.293176][T17126] kmemdup+0x21/0x50 [ 183.297076][T17126] sidtab_sid2str_get+0x9c/0x130 [ 183.302001][T17126] security_sid_to_context_core+0x1cb/0x2d0 [ 183.307884][T17126] security_sid_to_context_force+0x2f/0x40 [ 183.313748][T17126] selinux_inode_init_security+0x4e4/0x590 [ 183.319574][T17126] security_inode_init_security+0xe4/0x260 [ 183.325377][T17126] ? ext4_init_security+0x40/0x40 [ 183.330397][T17126] ext4_init_security+0x30/0x40 [ 183.335235][T17126] __ext4_new_inode+0x2a0a/0x2fd0 [ 183.340504][T17126] ext4_mkdir+0x28a/0x760 [ 183.344817][T17126] vfs_mkdir+0x2c3/0x3e0 [ 183.349091][T17126] do_mkdirat+0x12e/0x2c0 [ 183.353420][T17126] __x64_sys_mkdir+0x40/0x50 [ 183.358028][T17126] do_syscall_64+0x44/0xa0 [ 183.362432][T17126] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 183.368317][T17126] RIP: 0033:0x7fe6b5d0b9e7 [ 183.372801][T17126] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 183.392391][T17126] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 183.400835][T17126] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 183.408791][T17126] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 183.416743][T17126] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 183.424699][T17126] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 183.432708][T17126] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:37 executing program 2: open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(r0, 0x0, r1, 0x0, 0x19408, 0x0) renameat2(r0, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x5) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x80000001) 00:07:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000960c00000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:37 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x8, 0x800) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000080)='rw\x00', 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=loose,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB="b23721edbc13e5e2ff7206163410a229d94520ab875d4220e513ed9a7b43118a2f9d949c1282f5ecc3a7336230ee66842efba1209b2ba180260bc12530194dbb54d2e0988b9ac979575b4cbf438d93b4442caf3fcf9a5b2c059298e580fa8ff587b4ab7621aa52bb45c80088b76af124e0541a5fd54bb9fecef0c77a44caa9f0bc5791717118c45c48a09c"]) recvmmsg(0xffffffffffffffff, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat(r3, &(0x7f0000000040)='./file0\x00', 0x0, 0x18) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r3, 0x0) r4 = perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80204, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10, 0x72c}, 0x1400, 0x200000000002, 0x9, 0x8, 0x7fffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0}) r7 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r7, 0xd000943d, &(0x7f0000058c40)={0x1, [{0x0, r10}, {0x0, r10}, {r9, 0x0}, {r9}, {r9, r10}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {r9, r10}, {0x0, r10}, {0x0}, {0x0, r10}, {0x0, r10}, {0x0, 0x0}, {r9, r10}, {0x0, r10}, {0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, r10}, {r9, 0x0}, {0x0, r10}, {0x0, r10}, {r9, 0x0}, {0x0, r10}, {r8, 0x0}, {0x0, 0x0}, {r8}, {0x0}, {0x0}, {}, {r8, r10}, {r9, 0x0}, {0x0}, {0x0, r10}, {r9}, {0x0, 0x0}, {r8, r10}, {0x0, 0x0}, {0x0, r10}, {r9, 0x0}, {}, {0x0, r10}, {r9, 0x0}, {0x0, r10}, {r9}, {0x0, r10}, {0x0, 0x0}, {r8, r10}, {0x0}, {r8}, {0x0, 0x0}, {r9, 0x0}, {r8, 0x0}, {0x0}, {r9, r10}, {0x0, 0x0}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r5, r10}, {0x0}, {0x0, r10}, {0x0, r10}, {r9}, {r8, 0x0}, {0x0}, {r8}, {0x0}, {}, {0x0, r10}, {0x0, 0x0}, {r9}, {r8}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, r10}, {r9, 0x0}, {}, {0x0, 0x0}, {0x0, r10}, {r8, 0x0}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {}, {}, {0x0, r10}, {0x0, 0x0}, {r8, 0x0}, {0x0, r10}, {0x0}, {r9, 0x0}, {r8, r10}, {0x0, r10}, {r8, 0x0}, {r9, r10}, {0x0, r10}, {0x0, r10}, {r6}, {0x0, 0x0}, {0x0, r10}, {0x0}, {r8, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r9, 0x0}, {0x0}, {0x0, 0x0}, {r8, 0x0}, {r9, r10}, {0x0}, {r8}, {r8, r10}, {0x0}, {}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {}, {}, {r8, r10}, {}, {r9, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {0x0, 0x0}, {r9, r10}, {r9}, {}, {r8, r10}, {r8}, {0x0, r10}, {r9, 0x0}, {r8, 0x0}, {0x0, r10}, {r9, r10}, {0x0, r10}, {0x0, r10}, {0x0, 0x0}, {0x0, r10}, {r9, 0x0}, {0x0, r10}, {r9, 0x0}, {r8, 0x0}, {}, {}, {0x0, 0x0}, {0x0, 0x0}, {r8, r10}, {r9, 0x0}, {0x0}, {0x0, r10}, {}, {r9}, {0x0, r10}, {0x0, 0x0}, {0x0, 0x0}, {r8}, {r8, 0x0}, {0x0, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {r8}, {}, {r8, 0x0}, {0x0, r10}, {r9}, {0x0, r10}, {r8, r10}, {0x0, 0x0}, {0x0, r10}, {0x0, 0x0}, {0x0, 0x0}, {0x0, r10}, {r9, 0x0}, {r8}, {0x0}, {r8, 0x0}, {r8, 0x0}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {0x0}, {0x0, 0x0}, {r9}, {r8, r10}, {0x0}, {0x0, r10}, {0x0, 0x0}, {0x0, 0x0}, {r8, 0x0}, {0x0, 0x0}, {r8, 0x0}, {r9, 0x0}, {0x0}, {r8, 0x0}, {0x0, 0x0}, {}, {0x0, 0x0}, {r9}, {0x0, r10}, {r8, 0x0}, {0x0, 0x0}, {r9, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, r10}, {}, {r8, r10}, {0x0}, {0x0, 0x0}, {0x0, r10}, {0x0, r10}, {}, {r9, r10}, {}, {0x0, r10}, {r8, 0x0}, {r9}, {r9, r10}, {r9, 0x0}, {r9, r10}, {r8, r10}, {}, {0x0, 0x0}, {r9, 0x0}, {r8, r10}, {0x0, r10}, {0x0, r10}, {0x0, 0x0}, {r9, 0x0}, {r9, 0x0}, {0x0, 0x0}, {}, {r9, 0x0}, {r9, 0x0}, {0x0}, {0x0}, {0x0, 0x0}, {0x0, r10}, {0x0, r10}], 0x1}) ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000000440)={{r5, 0x80000000, 0x3f, 0x1, 0x1ff, 0xfff, 0x101, 0xffff8001, 0x4, 0x183b, 0x0, 0x8, 0x4, 0xfffffffffffffff9, 0x1}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000001600)={0x8, [{r112, r141}, {r260, r116}, {r168, r247}, {r147, r265}, {r45, r63}, {r186, r59}, {r136}, {r84, r219}, {r279, r213}, {r190, r257}, {r174, r208}, {r107, r181}, {r95}, {r264, r72}, {r62, r238}, {r144, r96}, {0x0, r143}, {r163, r193}, {r166}, {r166, r273}, {r14}, {r248, r113}, {r125, r149}, {r172, r127}, {0x0, r164}, {r194, r48}, {r191, r16}, {r130, r289}, {0x0, r232}, {r38, r240}, {r288, r61}, {r230, r278}, {r101, r71}, {r109, r211}, {r137, r16}, {r74, r48}, {r293, r23}, {r298, r200}, {r165}, {r188, r224}, {r153, r56}, {r176, r296}, {r40, r261}, {r266, r214}, {r272, r105}, {r5}, {r117, r61}, {r60, r177}, {r60, r215}, {r35, r102}, {r139, r80}, {r272, r25}, {r17, r76}, {r203, r263}, {r267, r131}, {r259, r146}, {r148, r187}, {r284, r103}, {r239, r110}, {r85, r111}, {r262}, {0x0, r233}, {r52}, {r31, r138}, {r228, r152}, {r151, r75}, {r281}, {r221, r53}, {r255, r124}, {r93, r149}, {r259, r224}, {r9, r283}, {r269, r106}, {r298, r253}, {r272, r246}, {r207, r37}, {r142, r243}, {r223, r129}, {r92}, {0x0, r30}, {r184, r285}, {r95, r65}, {0x0, r268}, {r125, r27}, {r133, r80}, {r184, r23}, {0x0, r32}, {r217, r121}, {r264}, {r133}, {r17, r141}, {r266, r149}, {r155, r61}, {r133, r86}, {r77, r175}, {r133, r154}, {r150, r208}, {r186, r145}, {r277, r202}, {r132}, {r279, r236}, {r221, r297}, {r54}, {r101, r261}, {r68, r198}, {r21, r263}, {r223, r283}, {r212, r205}, {r244}, {r192, r246}, {r79, r249}, {r104}, {r239, r116}, {r226, r32}, {r55, r162}, {r9, r245}, {r24, r178}, {r104, r66}, {r122, r231}, {r43, r246}, {r159, r143}, {r182, r270}, {r29, r30}, {r22, r91}, {r115}, {0x0, r134}, {r241, r283}, {r13, r23}, {r85, r216}, {r188, r110}, {r199, r39}, {0x0, r240}, {r256, r185}, {r112, r82}, {0x0, r48}, {r112}, {r199}, {r256}, {r237, r69}, {r158, r173}, {}, {r47, r20}, {r33, r123}, {r12, r280}, {r169}, {r35, r63}, {r85, r274}, {0x0, r250}, {r218, r16}, {r28, r180}, {r271, r216}, {r49, r261}, {r35, r71}, {r252, r291}, {r120, r114}, {r58, r99}, {r14, r105}, {r212, r175}, {r206, r129}, {r54, r215}, {0x0, r295}, {r128, r220}, {r38, r211}, {r206, r295}, {r254, r251}, {r90}, {r126}, {r136, r87}, {0x0, r287}, {r133, r94}, {r90, r87}, {r19, r178}, {r6, r11}, {r197, r189}, {r286, r171}, {r137, r202}, {r36, r282}, {r139, r100}, {r5, r246}, {r17, r75}, {r93, r138}, {r73, r143}, {r292, r94}, {r52, r243}, {r60, r242}, {r36, r232}, {r155, r119}, {r104, r179}, {r225, r46}, {r62, r48}, {0x0, r209}, {r267, r75}, {r88, r156}, {r225, r129}, {r44}, {r89, r170}, {r225, r25}, {r160}, {0x0, r15}, {0x0, r78}, {r118, r66}, {r201, r57}, {r67, r108}, {r51}, {r14, r39}, {r101, r261}, {r290, r195}, {r38, r208}, {r190, r140}, {r83, r227}, {r112, r274}, {0x0, r187}, {r70, r196}, {}, {r97, r87}, {r258, r234}, {}, {r50, r189}, {0x0, r162}, {r258, r135}, {r275}, {0x0, r20}, {r166, r257}, {0x0, r105}, {r191}, {r167}, {r79, r222}, {r13, r276}, {0x0, r276}, {r254, r149}, {r294}, {0x0, r123}, {r210, r183}, {r298}, {r36, r204}, {r93, r26}, {0x0, r18}, {r235, r61}, {r92, r25}, {r157, r41}, {r17}, {r42, r149}, {r40, r98}, {r217, r61}, {r89, r57}, {0x0, r121}, {r81, r282}, {r68, r119}, {r120, r270}, {r122, r161}, {r64, r229}, {r126, r100}, {r174, r156}, {r279, r34}, {r62, r102}], 0x8, "b7020d2e185e5e"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000840)={{r6, 0xfffffffffffffff7, 0x3, 0x7fff, 0x0, 0x10001, 0xcd64, 0x3ff, 0x9, 0x80, 0xffffffff, 0xff, 0x9, 0xf5, 0x1}}) 00:07:37 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x19408, 0x0) ftruncate(r2, 0x5) r4 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@in={0x2, 0x0, @private}, &(0x7f0000000080)=0x80, 0x80800) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r4) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="00082dbd7000fddbdf2513000000fd251c8d026865a7052d1d4b2e89c858314cdf60b1ea9440db8112dac0af5b27b015446d687c774cdbf6eebd83a7871f9367b062345223b32a2472f9eb7768bb2f95914ba2681cb868c6cc4e7bec2f98df0ef52b79c7bca52ffb3bffeed3b35cd5d275a4180611db23c1d59f0a5bb46f55b75d9d745b74d472b6b37cad323834334924903918e355712a01ae45de8a9619161bd0d592362529c97a0c17f627be100befdd2ba3c5ed2a0470ec19d198a44e056ae787ee5298b2484c04920c2a6a000e5f35fc5a5106712781bed7af5231fa43bf1c46973aee21d6efed0668c14697e0cb212ab10cc11770ffc1887389c5747f917454a8a15dea29388c054ec3ba9ae4c62b0435d53821aa637a985e6755d05b6a91d263275994aa97e2b8adc4d7c70c784d5ac12e1b68fc1c2a27bf614a2bd427"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x4040040) sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)={0x11c, r5, 0x8, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x40000}, 0x20048054) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="8000df54206d090000", @ANYRES16=r5, @ANYBLOB="02002abd7000fcdbdf2513000000080001007063690011000200303030303a30303a31302e3000000000080003000300000008000b000900000006001100000800000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000200000008000b00090000000600110028000000"], 0x80}}, 0x4000804) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000000600)={0x10c, r5, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x11, 0xdec}, {0x8, 0x15, 0x7fffffff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x3}, {0x6}, {0x7, 0x15, 0x3ff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x4}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x6}, {0x8, 0x15, 0xffffffff}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x200200e0}, 0x20000004) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x180, r5, 0x100, 0x70bd29, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x2cc0}, {0x6, 0x11, 0x4}, {0x8, 0x15, 0x80000000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x19}, {0x8, 0x15, 0x6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6}, {0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xfffffbff}, {0x6}, {0x8, 0x15, 0x9}}]}, 0x180}, 0x1, 0x0, 0x0, 0x80}, 0x4000) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, r5, 0x400, 0x70bd2d, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x80}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x880}, 0x20004084) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x18c, r5, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x62}, {0x6, 0x11, 0x20}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xf89}, {0x6, 0x11, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x10001}, {0x6, 0x11, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7e}, {0x6, 0x11, 0x100}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x3a51}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x81}}]}, 0x18c}, 0x1, 0x0, 0x0, 0xc000}, 0x1) sendmsg$DEVLINK_CMD_SB_POOL_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="48010000", @ANYRES16=r5, @ANYBLOB="0000080001007063303030303a30303a31302e300000000008000b0000100000060011000800000008001300000000000500140000000000080001007063690011000200303030303a30303a31302e300000000008000b00020000000600110006000000080013000000000005001400010000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00080000000600110003000000080013000700000005001400000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000008100000005000000060011000300000008001300040000000500140001000000080001007063690011000200303030303a30303a31302e300000000008000b00000000000600110000080000080013000000008005001400000000000000000000000000000000002a72a09bb6dd1bcb7b49bce8b8fe69ae4c241fff1dae1eb53362de4704f02d7cb027e93cf624b727d4f9a8bbc4662e2eb9394657a9a9c0ab4839da1594772c2700d0c958206968c0b60d253e9d9beb"], 0x148}, 0x1, 0x0, 0x0, 0x4004}, 0x8000) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x108, r5, 0x1, 0x70bd28, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x200}, {0xc, 0x90, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0x7}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x401}, {0xc, 0x90, 0x9739}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0xfff}, {0xc, 0x90, 0x7}}]}, 0x108}, 0x1, 0x0, 0x0, 0x10}, 0x20004092) 00:07:37 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040)=0x1, 0x4) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x0, &(0x7f00000000c0)={0x0, 0xfffffffffffffffc}) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x19408, 0x0) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080), 0x4) mlockall(0x1) mlockall(0x5) 00:07:37 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 47) 00:07:37 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = open(0x0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="232120131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f20202d203a272d202a2d202025265b7d2054235c2720203a20255d980a6ec86928830748cf50249a46697b1bb7d76cc4a1b0b9e4f097f40334a255d0ba62dc6d2be4ca0db1e6b898f1aad2f04483371c62bd9fcb576f86a6e8587c2a20ac98df883b14f39204c31b10b44dbe63790448ee8bdc95d833759296e7abb42200f9740825613712d8594fb7234648cf6bc6ae05585aa50df0cb5cdfedc9821aea7af8affa1e56b9f53542bd801553b2fff1bf6dced5b4ec5c8acdab3d165331a1ce17bddb5de734ffbd5a736216f40ca7e3ffd0413a52727d209cdbadc6bee31b5cbfca470d33f92edf5d432151dd9632afc4ac00b560283089ba84f44299f0f4aecb2e549a363f765111d1f97285304d5f966fa21b8d6ec20c815836de03c9c6c23ad8aa59cf54f8b29362c5dae708e526355e0ec9ff38e0e839a36c078bda3587aacbda8f1b24d3f96af65e4b74887d81fa1fdaf6cab3ce5b3c9bcef9efdab236124749048842903ef2adb5af7185326049178fd14614ff8c6a45c2634b630d8c8b22d9dc55eaf3c955e8f57ba201e817251ff84b915c828f7f40474bd153aa39239cd79276fcc697803fd198cdc98ea6289d4f0401e509057754ad955d7f1c125331b190fc9996a482dc23db93a76fd134a03d5f7d503b36357bdefc27c30e27130b77bc19cc072550f88b0ca4b623ab8a6b73e56a0ee917b044175dd15d0843f3ca00f61be5b0a2857d914e5ae948ca58ebb8e2c5a3ac0ff2f5db75a0de91c9b097dc95a0e0f4b43255445c6e10b1d116f160483403a03a64b0b5fd32bacd75a24512394e321512487569f862210e7a31cd36e761110507d285e535ffc8e3af3e8489f2b4f8b862d014a2ec1589e998aa09d4c1f8bd7f80d68a174b80df4d9c89cd1ed8a196399ad3d4c0dd1a22cfd22e3bdbbecdecdff7fef83dc63505de554209e905fd78141a802913388f558bc79ce13ca3e9e6836c7fd8bcfcb87a626d2e64b2439606a924152ba16bf9d6846501df0e46692f0e293a6988d8fd93a1e3da5902747255a98aee59c227cc928abd2d6c661cc90a9763043ec20e268f301b5a848ac99f5f442cd5305a6b0fd04ec8b0c1a0b5e3786f7d4ec294e47ffcb760883448a017c4610682550cd08248c1909af2d22e071d01908fe01b0340896d709c5dff944262e3fe7d8502939465699222a2fb73617fbbd0963db702e956d0d9a986686c27d86216d9ccf86b654d28791fe0a0166176053aba07f2a5b6dc4c23705562a315f06f13e29c64ff53660683fa97961e11827f733d40db4cb850a97a9d08cbf6e2a0e649ee5c44b14eb286d9751c00b4b9cbd351b64e230312428b9d0ee6e6c4e57a25761a35872d82ebdaac84bd36f8579692136ad88eedce06620f87dbbc63305cf9641130e52ad9e6abc703d3a593d1f4e529cb36a4937a77ccae5905fedd198fa217a2d6d68fd7b43559b9aa898cafa864bb8083c5b7ea2ce3a2f961529c4e791cf159719d288ceecdec00c694c6f052fb9782615133939170d59c12aeecfb0e4351891becc0b96435f8dc0f4369a22c7a934295e3d3f09ca85d5c239916591121404d288b12eb312128c462682d0fd4e8550bb542994af616d911fb7540f7562b378fff6360b667ae6215d19e96a6b62ad4c3989a97b921dca8c90dd0e5502694c8e9a7383e6dc6cbdb47d3f02c07e7a8b9cfd392437a3162c55dfe0fb4ac712da466583b388cfcda36a6e2a7de8165fafc003281080dd0876479a295d88f913166e72ab6a9109ed8904b6299894f1054f75d4ef61a30b83cedd1ecd8a20be60f6552de6e34e8063e688f95a8e7c49dfc22f05fd38f0a392164bd6ced209258cc7ae722eebe8d6f92e58207a7bbcc5da2575be2499bbc2ed2a845033a061c9adde9f044881dc51d4e9d41022e78f7927147904b2a1250e97f8f7d66d9e2c8e6584fc39c00f3a43f64581ffcd87c8fc88e6f03e20d0a0ea391aa5d0d0280f271db6aaa1885c4e10c87b1cbe42a7c5ef8e6bb17ab02a3ea23d84abf1465e0f98ab4a759c52b2efc23b3ff4bc58132640bf62a05a0a921953d9f7461b03f17056afd8185c73ff791a2ab82a5fd15712bb2ace8ab58fef115d9204b8b0985bdcef178dc986531d56f135482fb10c0a65a0f056ea6c3776ef9ba18769917597b2a35594254a20044cdb791b109d1a0916edf37c6b375e1817674a34d4e765a8d61e9131758788c557be5e5a621f36545b6256b3752760fbdc4f07e19c03f6ad818c5c2b387400d238267f5d57beb970bfb01c3a81f95d8039591cba7a23fdf480899aa141d67db01c68642393906f3888a2da2d8d38954eb1f87e25eba719827f6abbae8e1a00a99f9dc8f9270f1d4f3d3ee085dccfc4b195552e123c379d0258ba14a70d7046bbb071f1bb45a027d080c731ef73d3d991bcba5810f22e4dcda43864c445291b39553b66664d6c9dd4febedbf0936c76089eea77bbc7d1a3d0cc757e93ce70fb9b458c33b361d29a02c73f9c53c7432fcebf64bbc1d8fccf611cceed7ee16de01e434c495604989446063d2ee2816e6e67a76307ceeb019864d039b839e1eeeae6e7d51aa4930f654dcf35be51449da809a2603495f49b7ccf5d6e78b536208201f5c9d81ca7c59c8bae86cbd20027d5b3ddbbe54c6c2548ea2f20a6616878ec9c109d3fa5b3d4b26a3e504bc9b73f1f6e53be8ea00a6262686e057a78afac147e15ab26d6466612c6584980216ca2a3cc6c8cb84d595aaf8f08db0d8f9a254191036a3ef2226f2f2c7b8fde8dabc0116bba587ae981b33e446ef65c3e2943d303d5b2ffda00cfa616ba2d2f64f265f9bc138e461c372d94ad0c0c7586a22bb8b4295755946a1a8979b05ae1201e7eab3a4d7300efa4a830a99b728a11f029f60f90ea94b07e211fe5a1dc318dd8fbf009621d439f61089a149cb615374f055de771c21b221ebc58ab2ffb0832ef61de0c4479e9d3653b5b323cd6b387e797baff0ad7a864570095e2604dc563117d97619d974141ae1d5d5f3f042ae11c202c228f46c6f5e9863e6fc8129d01a8c690f4035ac2149d197d9888df81c1413004672cb218e0bf40b6bddab4c8ef9010a7f0cd2d9cb2da3d13a442a474c8956d74dbe2ebea0ffc12cb6f3f15159f78e7b58afa2024b9262063afa61631206419703dd42e8c1e89f0ebc6f73923d966be82850c53d8eb711a52157165cbbd7f031f9959dc876d1b547cc1dbec82424666dd5e19477991dc071cd233d4f1ee90553a6bbc3f3e568fcc88b170dd51fde5c9bbb2c9e90b96decbeeb42e169076b6e4254534d883910c0eed88d378b6b8a3c50dfcc1f97de303c29d25109e9ed6b3db0d1388783d4ba5ff3e2271c93a7acb07666a63b6a971611661a2b14dccb6c1018bdabde6fd45ea3263639c5df6bc4f8a87d3959715b1f771fb0ea9704c7ef093ad78c91e0f6513f2673cce4730c65ee949a6c751481d7c3c00042c5379ff001212adbaa53a448876c8b22b1e7674f07b215297d828462544fcfa8fd5867e086573c61839c5e88de89a920ff1dfe86f7387d3fc52ce9670ec6949cc61a1d3858b3ca820232a2f4193e0aa6f0187286012df8c260229e0c7cad375acd96c1c779807e0c848499c00fb2398620262adaea1c0f4b42728c009be10f7b7cd0b7b31b8cd9165b9c30c5684d298d15d7b92eca0a048d38ae4bace90abe99548ff58d45c792754278de80d8d4c5d7ff1cebd555f154a969957d1f3d6a8c994fbeb2aa4c116f755086717a270fc137ee2db95a2c10afdf801865e5e7446f029a19535b1ad620995b0b9347e501d2b09a1b33be0ce9ff1f2b2e164a07f24a41381cf186e09e8448e7fb59f1e121e6051f1c68b6c9783b0450be6d851d5c5f7c655ff92a52cadab600a758c105206051d2cd73f3499597720ea4e5301fb71137181b3212863eaa48605438dd737aa440e855141f43d8bf9c5cce6046c5538334ee3da2c95e4fec268001225f3833a029ab278e4f42d12f200ed017fcc64aac9be9322c6c72edf95134045b2b0f5850820eba67229b44dd9e54ea53426b8aa540ead0aeaa60c49fa255ae7f01f3b6287d6179b45bfa1ba927ecdc959ef2a6f702271e05f128fbac189c4efd7ae8c981996f6f9c0f45073d0e0509f45e391252a2a1f698289d8164fc67ba2826d3c0d1a68d05a38facfaa33f313a3ccf70b753dc9a8786716fdd2286a2ffe8763de91a67d4e0c8a2fd4644c0b27e116b57fc4cfbe1ea8979cf87241a73251c11ac5496255bd024f1d2cf03337bf20c583d7625e3569abd7c2e2122295305f524569384f5aa258020a621ab1f5de22cfb9e74bc6977884516406db36aef0016e7b25176341c558daa7b737969a9056376ae08db9e82130714a77f33b2bd6d58f585706aacb9e8b824a4ef2cbf7e1d6c69f2a4f4179d2cf2bfd665c7dfd1f6de6d80753096585d57b0d7588600c5f3bafcae2b11f61423402ddb78272eab869ca5502b2c182852f8f00e3847ef8b294f995bf744fe6a2623b89c1f1e99aa35cf5cab639f677a5b246332a20e9cabb3661231925926368292e9573f6fe5b70fba15a4368f53f8865cdc62c3878b1c201e26e0ca836a25878a14b36dbc944724f9387b19343a289b45b5897e66a432d90a04561b56303eae2c3fc8f3685f3f0e39f25a0f27bfff8959c9662d414d57694ffd17a0d4bc119cac61bf2b69921bb7d40e1d8579db86e03f0f8f7c7204285d86344412cddb931580df74567e0f568a2329b1fb59ae6cf50651aa3ff24257a29d78ad96a783c7ebfa3f634e388d13b6fbdfe496e4dd6cb24b3698950223ad313ca4c003aa1ed3fb26b500c37f0701e752f32f4f54bc1da27383ff0b9936fec28263f0fdc7164a55be6ade078a7bf3e6555ef2ac7953b8d249bffc79be7383fe783be651a38a3729058527d245644b2bb45ac9590fbb9febdd8d0400665cc24dadacbb9c38b671fe7885d70edc24da1a9a07ef6264f3d9c196d01cf17bc19e3c82324acdbbd631c0c3e337ee7bce5e5affddc428c2e335e13ed8396b3299997bdeaaa9aeebc24786fac8a788b3e34c40e08de73107a99cda3ea9a803ec1c112d222b0b69805bc60f590e96b396e529456f3288da3728acb80753ae788af90162e360a0d6dfaf4929723472cc6846484dc7f30b318c52a9480ca1600e6e967040b29953a0005c66b2c88ba34b00f223c319eff53737c77460a5a229792d280c655e01fb0beed7d024b71a0332be56a356b808d45ba980fe037a625a0bc608995f504702e6c3177fab911f25c3588f69626cf8b017e7fce78fd9dcddaed20a5705276385da4f23dedf18b9062b2e11e35ff3fed8e8b461086aee86be1efd674d2ab4f6fe3460ce19fc7a32ef3b8b26f76e982e95ea3436315624f585458b2681c56d30701d4ef966c8cb9618a951e9a9539083e03801e449a4625d8b2e14d0036b66c0576a9b2d3026eff216649833400a659e453fa4a8f60bc5e38dfd57c8be3449c54edf0b76d7d9f8d04617d7ca083a543e6fc896de39a2f3d862b319c0af974adf94e0ed9eee55a9cbcccaa18a4e444ecf1ecd7c863ca5c157081550284faaf85e01c313cbddf4401af9a78883b32f8e0ffc54b95bccd675615af57515f940ce659f7bdf706cf843ddb19399dabe943f34dee7c430c9cae129b527e606c1a6072cfc5b36baf70d44daa05db6d3f1aaf956b3da976cc6526218c59f612dd466c2e3fc9ffeffb6c6d5cd8d4899f14ea288a6a2788719a063bb76abadae0f246fa97f7f39746c5f36db4cc8caa9d652361f36897fd9ede44455cf977e06133756"], 0x106d) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) [ 183.824017][T17168] loop5: detected capacity change from 0 to 264192 [ 183.824509][T17166] loop3: detected capacity change from 0 to 264192 [ 183.861885][T17168] EXT4-fs (loop5): inodes count not valid: 2516582432 vs 32 [ 183.863649][T17166] FAULT_INJECTION: forcing a failure. [ 183.863649][T17166] name failslab, interval 1, probability 0, space 0, times 0 [ 183.882002][T17166] CPU: 0 PID: 17166 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 183.890760][T17166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 183.900812][T17166] Call Trace: [ 183.904199][T17166] dump_stack_lvl+0xd6/0x122 [ 183.908794][T17166] dump_stack+0x11/0x1b [ 183.913019][T17166] should_fail+0x23c/0x250 [ 183.917433][T17166] ? kcalloc+0x32/0x50 [ 183.921671][T17166] __should_failslab+0x81/0x90 [ 183.926450][T17166] should_failslab+0x5/0x20 [ 183.931036][T17166] __kmalloc+0x6f/0x350 [ 183.935191][T17166] ? __crc32c_le_base+0x250/0x350 [ 183.940361][T17166] kcalloc+0x32/0x50 [ 183.944250][T17166] ext4_find_extent+0x21c/0x7f0 [ 183.949089][T17166] ext4_ext_map_blocks+0x115/0x1ff0 [ 183.954286][T17166] ? ext4_inode_csum+0x410/0x490 [ 183.959273][T17166] ? ext4_es_lookup_extent+0x206/0x490 [ 183.964893][T17166] ext4_map_blocks+0x1cf/0xf00 [ 183.969720][T17166] ext4_getblk+0xc6/0x3e0 [ 183.974036][T17166] ext4_bread+0x28/0x100 [ 183.978264][T17166] ext4_append+0xd1/0x1c0 [ 183.982592][T17166] ext4_init_new_dir+0x177/0x500 [ 183.987543][T17166] ext4_mkdir+0x329/0x760 [ 183.991856][T17166] vfs_mkdir+0x2c3/0x3e0 [ 183.996161][T17166] do_mkdirat+0x12e/0x2c0 [ 184.000531][T17166] __x64_sys_mkdir+0x40/0x50 [ 184.005157][T17166] do_syscall_64+0x44/0xa0 [ 184.009603][T17166] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 184.015589][T17166] RIP: 0033:0x7fe6b5d0b9e7 [ 184.020025][T17166] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 184.039798][T17166] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 184.048220][T17166] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 184.056178][T17166] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 184.064211][T17166] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff 00:07:38 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x4001100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000040), 0xffffffff, 0x0) clone(0x54001000, &(0x7f0000000640)="b1bffa3fb2eb72a06e911d236b51d59ae992d38e44567e30a5d552f84ec89737c9f0bbdd6595bd814161bc3e9766156928ae5db0b1ae41a9cc00111a9d809f4c14fa1b68abec75129bbeaedcccae8599d9eac8f4726434d42f7a89dd0722093826527aaec4f49bc9c32fce28abf29a3e8f2e6e96e1382ec9ef0936458d117bea0d5399f3", &(0x7f0000000540), &(0x7f0000000700), &(0x7f0000000740)="b565ebfdff8d86b95ac703cadf902264d8d3710b99be2f6e1224a08d318f6b5e61a6aaeeb86de568e47c841f81d0b070ec6ca1f7acbf31ba9334c0a81e239d427e91316babf62d30decb90b73a30a7d9") r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000007c0), 0x200980, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000980)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000000b80)={0x0, r4, "713e2791c69d9073807f8aaa2326b4c8a35c947a30d36c68ea96b687e6642c1094fbc93af89db495c4900e15799f4f5c310ae0a4a5ac904a6bdb2da5de579ca1e1655c9dfe875191fed14278d4fe7d06e5ff83bd65c129ff670d7a110f471c7da431d0bf2152bae296b5be746523d9cf09f4819ff0a64f5ab0895e96919e319f75250a2bae339b47a474683307dad632d3abdb71ae83dae45800f6b8f2841c703e47a6b7081a9c5e28ec75a8818fdb2e35e9a15937b149d257f9683647af133b5113badd7ab51dc789a9c65d24d60d83f97d884e7f6c5b7dfdbe9a9a2d9de2d524a3c860446197ca39691c42a776cdb7f58c9ae0d5a0af2de39c757764f326ed", "64bc1b8d6d88d83caef057c125a5aa684e885183f715b22f3f910bc64ea51057b54235cf79efa8fe3f58ed248c1e1c927919f67eb931ba92130aa5fe0d62ce8a35475cd2abf0fda48e98ee8c4c454658fa039f8303473bf86a834435823f6a0d2a601207730579a4a1613cfde178b01a9f788d641b547a568d2c77dfef6fbee8683f15b47c41fd5963b57cd18722c13dc9544ac9fa0b9587ff1cbb8ab6509c05eca1f665157c18e8ef9134e8b1537df5ff3dffc5eb3fc3c1df3c2aca9855d4cf382b14fcb1a84836fb6641d6ff38c5fd7c77d23ae7449193b4c3022613ee80f7b88d4a967a23f99d6e990063ffd55562089e19c0302f70c7715d93438c859b1a45cb48732b29293619d90d0e7924104b7b9e724dfa74dfd7c6a08cc632aa1c1dc97bf8f5710be0822d918033b05c96586cab4cf03e75d0eac90a7bcaf5fb41b84b91c49b3b54d5036f12c0512652176e6d08edc43ae3d91f18985e0afd8a6cd81f9794130483d1e61b91380cd8ded4e53dfdcc7bf209bc008b068e4d92dc42ea123c2d2229ab6390cf2c7cd410fa50628d14cf601f576ea337ba521eb3ed7f5e3b50a6dcc7cc4d0e5cfd99c270b6d35a6badcaf5cd23f729f837aeb28de3233c1651f8e15ca0fd37270216fad48dd774bfde7a6eac3b07dec89997e04b2443f0abb01219de5bacc59b8f9934fabec9f2a63c672eef7a1ab290f3b571a1477c0d6a233a77e91da419490038c2797627f451f7141acb2492607ec8ed48608cdfeec631bc3ad6a43b3dfc9cae0fc0b0326a9d36d775f22fa67bb0cb7456575424f69cce421729a792139140d833bf8295228eeb41f27fd7ca4d676338ae45e4d77c2b88965b4c12208710705983b0a8f3bb60701b8c28b7b21077275887b2e836892873cd466a9b08fb59782b1a6bae6fbb0408bbe654e43e769b742b8937df8585a9eae67b501dfbfd3b26479f63fa467961dbd4aa2303c4b891a0321b01dac4feba7db53efb46c8998b3535902a3dfec2b5a3b51336d6f68a649ee2056992763fb4d493f6afa9946b94456b1f030d620d45f5790c2474e3abe1561a4f8496c4b5939ca17dab07630a44c5db67c41e3d7b4b6ae925b6acdf835574cad1184d455f1f66f3c6c3135b8dc6c09eec80258a5b65986ba37e6838ef00fec2c1fe41a7ebf7e7cc5199eccd1414b12e732cadb62d94b58e72469a6f0371258465b95b9cdbedd65f6c1ba80ee3267471b1d2552f531a9ed590cf2ceae6289c368c2eccc5bd3658658c970939e0a2f85b09e34840a33575630bbc3b85d205d5422016ad67bb4dc8a4f63b2ae7ad885bc651db4e4ef28e97af205f2a3d14959931442ad0d26511f6efd92df5e9df4acaad0afad5c001fc87f8a848b747549f1982c76c6c2711ffe2c6debf9966c6b7e072f300baf404548434b34e1e4ccc26e7631f0d836b9d5decd241d972823fa97b188a0658f12f635e926ea0a3305b41f277694be75b53cc434c45c6b4e406866b6e9e5fefc1043e9ad5a001caf224275ea1ea10c416360c78b14aff2b2ed37f9933bc80c8334e275e16bbccb39e5e07ca22cfbba8bb2151cf2d778febb3b803a9e7fddbe14feed301f12a91ad098cac13bcd23eb144f684d7d8ac350a6ae782d6acf73c613762f30dce58bc3d85eaab164eb25d083fdd71778c8db24e4e1612de0902a3abcff5a78eba23ce05774e10c10a0b36b3cb7a7b25f2fc337fb24d84ef1de1ec1e8b32d62c821790df066107a2515ff3315fe875c9ce624450b2a0ccca34ee76dc282c1abac91bc2fd10013be269a9d385409eee3bff85d04a1b88f26d87c71a53fdcd793296f5449d2b14e0dc971a65ca56acad199c8db5693cbb917682a2a649aa10f78157821cbd3e48a56871d731d52f75d8d191854a95368669927da4f772d15c2c8585d5bee3d6102999e9b853457ec7ebc9dcc2c330bde223e331e6eef823068b3af5e4246e6e092dce7b004b20416f55c6c8b53eed3bd04c4b003df8c90daa8ef07a57146dfa6ae64598aa38e44d2e4ac05f68458a52999bd98a7b601336d49300ead3282251bf3c9643c25d3f87bdcc07fbd6ccdde99ec38272dd616606e51851b6c2291e65dae9bb7b4caeb2dcc28b3cb91921cac0a85962ac35a833d4945dd9d48a9ec922b8750feb4a9bdd9776f4beb10445a9ab985d013445f82178ce369e5c5eaf0d5eb12223b1b298ecb90ec3680bc4eb2e7d75df8de792f025cc5333a5c2e445fcbddbd5133eef0fce5aa9f2bd60161c8284f628185c729226d984f90d84dfa397625c6ecdb28a2762102f48fec65e484022808b4223f0104475e2257d387d65f38bffd59b4c7cce494cf04ad780bc980875f5759b6cdaf00c24800a2a67c9803011622eed3510020eff19223f3a7a8243407904190118736b32748d617c2b1be4e85964bda945231b3587a4c17879bedcda556924941ea4ad2e5abebd318c83d66a96b27f55b18fa55c8bbcf1fdebcc9305e8b196b2b7aee615cfcf5a957657a6b46bbea815093de711460cea6687d9ede035977e128ef66ad23f04aee27f0abdf8bc59670c6af8c39bf3f4299b90dd625ae3a040059ed1231f8f3b457f9ba4f190841830eddac44f0d411c02080634f89d8aa60a01b4cc38fa7464bcd823142c84c0d892c22ff7d2c4c8bff992552abf1f54c9f594ccde25308961dff40bfb7355025c235d88ba67f022fbc10bede6a1af1d76583ef3c678594371a15a9c7ad7511a5ee7739eaf1f82fc519bafb15fb6b67bf4ab922c83d36b2b9fa715f85d59536a13eed1555df1321e3d69233f5bd9c70c3d96a4973e4722c1c299a59ce82de60723e524df3ee51d83218772707abea6b7e1b2bd4d7b9c50ea7b37481258c7feeb2d4940eb9cfb145f902fc2da00a9404f454824751d73bba446f6bd8fa92aac1ccbda4170ce7e279f46ff84af5df45bbb3fcc456dd0ffa9b344aaebc4ae433d449f1c8cb350ade6abcbf55ea1666499eae6c466950e98e46b1bf08ca6d057b1139a91559d9264aeee3315c11ecdc0c4e1c10cd7ba506fa0fb661c574263897142777ba72cb99733f3f16da3df3a78e9349043b64dae87ba24c8bea651eaa47d8531b4484dc220214c01d2b8761fffcd7a32ba5a05c489a47c09d67b5348c1122548a736ba8f9302b32966065e397fdadfad37dee299d2d3589c75e78833e7d99da88a1372e08a376d9842563ea55e225ba390bf14ec626627ae8850f2a08c21d4a416c3bf5b7ab6722ab6b1cb55994102052f62b456ce70a2c10c5addbfe903a40cef8e489152fb5f65be707b6b8480164060f9e51dfcd9e65c788c0885c78a0e3b947ed4132d8b66a54195b758b42beeda52d43b99667cb605606bb5471ad05893fbcea37c1fdff05581776693b18c4892ac204b0765a3b39d1695cbdbc57d1e49ce77d07eec63942402ac35a4bd6d12827c1a7850d8266f38710947d0cafd02657d1d7a9dbcc8d626d0c5da49882e238f32691485bc958608daf5cda2a3bfa50df4e952d7895163759c2ca5136815dc1adc7314dfbf1d64931e7101d18e8236020ac098498af4cf19a763cd29e3044ff5e67dd9ea39cea90ef3dfd116f6788043162e6f346f5fb7c35e3ab0a95707157f37434693c6a6561a40ae0f25a80354f0d684bfa589edad0ce44cb6b786f5403ab186cd8fb413bdf90b5a59a8518ca4fb643f37cb3b80fb6ecfe807c72b7e6cc0f9e1f9716318069eed54ee7e56a059381b3d7036aec60de5c73b6c5f876915a1b771eb1738c325e71211219140cd5823d31ceeca2f04e9b222c5f3c03681bcea8e3c48d028a0a73f0fc65b79e1020c2e0f306b253684f26497136fab6ab4e3c6cb122b138127e4c7b3779632fa9bc8b5e5d0fb7833abc89cc9f8c38e678580b2e5af39c17884b880cdde8f2f85aa8d57c2092cab13b20fd136fdac7abac21379b8576e1f03aebd8ebff84e72a76935043d333ffa0c86cf7cc769fed0e370ab3a9d1bf2f8d8eb698e3eb28271bb7c4fbdb6f2d2da957ad0bc209ee88eff88b08bceb81e9278e18923f36c809e90239dca4d236757c721acff504a00b7caad2f34bb792b9a31632f83bec28893e800238283b93d7427d642bd50b9a987bf58a5899acf943fa751871940a5fb55622c76042fff033d129829e3578e7ca511570eb81cb93aeba31660623f2b4aba4b45bd5169624f755b8f45e9d5c71e0fa5cfdd5f024ac9d1a2ec8953d04d5a897bc248df946f8f4bf2727d653f190b47bf422d75d530d7601ce649de3295d3890b85ce4f29b52e26250da8ba2c03824d9c972d09713b5a05d283eb81da7ece7777bc27909733f42ae8dad58d539a42d6a0caf9686d51b9fc8f928ea971950ca18f897d9f23eff27b4a3b6105bae4c6ea8797962c30cad192f7f90dee2e22707611368bba4b6702a88648fb3187c19663a3df198448270da02671309fdf2160f6304bf045632aad9bf9e9268ebd6f6bdf9bfe805ac6ca4c041a7df1836b5fde528a14497c0d59751e2c555d6b66f65c814ba267278bfc8fb750d092353eb036cd31b55273f75385766c9e84304a47f37638b705b63362d4b28d622d323ec34675affe08f99c72817897b0d1508f3dace2f39164ff518086c80f175a907760ab4c1417650192c3fb076405996ca425560a0ac8705d8b728556c6cd4cb881877d644fa8c53c39dc619089c5e88294492a382c5b83f3a3c3467652cca28905e9cd3c716980de3868caeda8582e58a235237326103c624f5db16b0002bc2fe34a134b9514ef59365d76e54507ca44ebda9d2a3924af4411ba87055744d6bb2ad5333dccd9e357b788211a27f6edf708ddf14367db858e60562385866278644040e0265ceabb364c99a5e17fea3a122154eedddb3ba018352bebee00b57851d8e694eda5e96db54bf25456d8fdd0e27f3e68017b60ea0dec23edb7d99b2243f2d3dadb765b3a897070d6fc89d01f7eece74a06cd5587a2c831b129c91ec911f58a920e0f6a9693fe55bd996038fbb11ef306bca323cf82baccaf9e1ec568d997efdfa14fc819d9c0dae7e0e60bb6217f9f9722342d08c78703ae047d1318b8d0efd3a5fb743b1862330e38e9d032e1a311318c7f9edf550f10c9e6d4f13761ed75be2ff9f55f66187d83d778a9bde8336697afe2c21e6194906348683088a5c2ba5114e761b5477706e570e02cd12a556cabd408c54151a97185b1acb5a05f8d147e80cde47ba97e53d26ec1e8683348062a68bef317ec001e2b9ddb8dd9683491cbff1366f5ec7f37d47236fce700126f4a38ccbf6db6dc58937bc7089caf04df35984c6ca64d389abfe7a0ff29e0b25db375daf6b60054bc75f17a7a538bddca3ad51a16d195fc3e4fdd7e278a3008520cddb1769121908e0c0e69f36e"}) ioctl$SG_IO(r2, 0x2285, &(0x7f00000005c0)={0x53, 0xffffffffffffffff, 0x55, 0x2, @scatter={0x3, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)=""/223, 0xdf}, {&(0x7f0000000080)=""/148, 0x94}, {&(0x7f0000000280)=""/219, 0xdb}]}, &(0x7f00000003c0)="b7e778e052c31b64ffe0d5eafc54247f01304f1946954812df062244c457d362f3854b0166f6ae44a0579cb093b3ab068c9729fe95e82075688fb525bc6d4e4df62cfccc45c098635f14d3e8c74c25356b40bba15d", &(0x7f0000000440)=""/67, 0x9, 0x0, 0xffffffffffffffff, &(0x7f0000000500)}) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r5, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5387, &(0x7f00000008c0)) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="7472566e733d666442ff7f646e6f1d8d003d", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=loose,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',noextend,\x00']) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, 0xffffffffffffffff, 0x8332000) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000840), 0x80000, 0x0) write$P9_RVERSION(r6, &(0x7f0000000880)=ANY=[@ANYBLOB="1500000065ffff09b41be618cdd4a6430000000000"], 0x15) 00:07:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000003a00000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 184.072176][T17166] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 184.080193][T17166] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:38 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x2) sendmmsg$inet6(r0, &(0x7f0000002e80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000680)={0xa, 0x0, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="2400000000000000290000003200000000000000000000000000ffffac1414bb169766008f2531109c8a89792cff51cfb9e7b2b7707059389f28429696b4580a9efb796ebedca23839ecbf84e448ee9284a18ae6968f2fe6db040284", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x28}}], 0x2, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = syz_open_dev$usbmon(&(0x7f0000000040), 0x2, 0xa00) ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000140)={0x2, 0x0, [0x6, 0x8, 0x9, 0x9c00000000000], &(0x7f0000000100)}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x80000001) [ 184.170539][T17198] loop5: detected capacity change from 0 to 264192 00:07:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000003b00000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 184.215951][T17198] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 184.245257][T17166] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:38 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0x1cd942, 0xd436454ff0ba14fa) r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) accept4$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14, 0x80000) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x19408, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r7 = socket$inet_udp(0x2, 0x2, 0x0) close(r7) splice(r6, 0x0, r7, 0x0, 0x19408, 0x0) socket$netlink(0x10, 0x3, 0x8) dup2(r2, r4) sendfile(r1, r3, 0x0, 0x6) 00:07:38 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) symlinkat(&(0x7f0000000040)='./file0\x00', r2, &(0x7f0000000080)='./file0\x00') sendfile(r0, r1, 0x0, 0x80000001) 00:07:38 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 48) [ 184.364661][T17221] loop5: detected capacity change from 0 to 264192 [ 184.384376][T17227] loop3: detected capacity change from 0 to 264192 [ 184.407115][T17227] FAULT_INJECTION: forcing a failure. [ 184.407115][T17227] name failslab, interval 1, probability 0, space 0, times 0 [ 184.419796][T17227] CPU: 1 PID: 17227 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 184.422002][T17221] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 184.428559][T17227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 184.428572][T17227] Call Trace: [ 184.428578][T17227] dump_stack_lvl+0xd6/0x122 [ 184.456867][T17227] dump_stack+0x11/0x1b [ 184.461026][T17227] should_fail+0x23c/0x250 [ 184.465438][T17227] ? __es_insert_extent+0x51f/0xe70 [ 184.470635][T17227] __should_failslab+0x81/0x90 [ 184.475409][T17227] should_failslab+0x5/0x20 [ 184.479978][T17227] kmem_cache_alloc+0x4f/0x300 [ 184.484783][T17227] ? __getblk_gfp+0x3f/0x590 [ 184.489377][T17227] __es_insert_extent+0x51f/0xe70 [ 184.494449][T17227] ext4_es_insert_extent+0x1cb/0x1950 [ 184.499820][T17227] ext4_ext_map_blocks+0x100a/0x1ff0 [ 184.505102][T17227] ext4_map_blocks+0x1cf/0xf00 [ 184.509875][T17227] ext4_getblk+0xc6/0x3e0 00:07:38 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x3) [ 184.514268][T17227] ext4_bread+0x28/0x100 [ 184.518555][T17227] ext4_append+0xd1/0x1c0 [ 184.522881][T17227] ext4_init_new_dir+0x177/0x500 [ 184.527865][T17227] ext4_mkdir+0x329/0x760 [ 184.532186][T17227] vfs_mkdir+0x2c3/0x3e0 [ 184.536497][T17227] do_mkdirat+0x12e/0x2c0 [ 184.540830][T17227] __x64_sys_mkdir+0x40/0x50 [ 184.545421][T17227] do_syscall_64+0x44/0xa0 [ 184.549890][T17227] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 184.555839][T17227] RIP: 0033:0x7fe6b5d0b9e7 [ 184.560243][T17227] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 184.579863][T17227] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 184.588349][T17227] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 184.596314][T17227] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 184.604273][T17227] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 184.612298][T17227] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 184.620307][T17227] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 184.637305][T17227] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:38 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 49) [ 184.674542][T17221] loop5: detected capacity change from 0 to 264192 [ 184.698898][T17221] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 184.705928][T17247] loop3: detected capacity change from 0 to 264192 [ 184.719158][T17247] FAULT_INJECTION: forcing a failure. [ 184.719158][T17247] name failslab, interval 1, probability 0, space 0, times 0 [ 184.732107][T17247] CPU: 1 PID: 17247 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 184.740862][T17247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 184.750908][T17247] Call Trace: [ 184.754202][T17247] dump_stack_lvl+0xd6/0x122 [ 184.758794][T17247] dump_stack+0x11/0x1b [ 184.763010][T17247] should_fail+0x23c/0x250 [ 184.767520][T17247] ? kcalloc+0x32/0x50 [ 184.771601][T17247] __should_failslab+0x81/0x90 [ 184.776359][T17247] should_failslab+0x5/0x20 [ 184.780846][T17247] __kmalloc+0x6f/0x350 [ 184.784985][T17247] kcalloc+0x32/0x50 [ 184.788894][T17247] ext4_find_extent+0x21c/0x7f0 [ 184.793738][T17247] ? kfree+0xf8/0x1d0 [ 184.797699][T17247] ext4_ext_map_blocks+0x115/0x1ff0 [ 184.802958][T17247] ext4_map_blocks+0x71e/0xf00 [ 184.807708][T17247] ext4_getblk+0xc6/0x3e0 [ 184.812049][T17247] ext4_bread+0x28/0x100 [ 184.816284][T17247] ext4_append+0xd1/0x1c0 [ 184.820597][T17247] ext4_init_new_dir+0x177/0x500 [ 184.825517][T17247] ext4_mkdir+0x329/0x760 [ 184.829881][T17247] vfs_mkdir+0x2c3/0x3e0 [ 184.834126][T17247] do_mkdirat+0x12e/0x2c0 [ 184.838460][T17247] __x64_sys_mkdir+0x40/0x50 [ 184.843036][T17247] do_syscall_64+0x44/0xa0 [ 184.847443][T17247] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 184.853368][T17247] RIP: 0033:0x7fe6b5d0b9e7 00:07:38 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 50) [ 184.857829][T17247] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 184.877469][T17247] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 184.885885][T17247] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 184.893840][T17247] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 184.901801][T17247] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 184.909757][T17247] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 184.917712][T17247] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000003e00000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:38 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) clone(0x8002080, &(0x7f0000000240)="922adc30cce29ca9deefd6eb3245647e615932888be131cdf372e256835c574bf47f9d490a016973675a3ec8a937f35447f5ca65e5cf91124313c5bf7eba565ae7e1de08d2ff13606f875bebfa9e002609830bc292eef2ac83b78c1af56507706459", &(0x7f0000000100), &(0x7f00000002c0), &(0x7f0000000300)="1ddfb38b835a321f403cfbb752e1819bf06f60478b07377c2e664ab2140b34829b0fe1ddaec06ca12c4b947f94e7a465da0b210e8b781e5888360d7d8119b5dc5201bf95c4af1f6f11148eb90b76f081ef7b795a76cae02eb24cad704bfc430277822e22c5967a82b51cc107aacbbc7b06a6ae3e955a624c7af78ad160d50c7134d60835a760aceea8e9dacdae63a4a83eaa3c1daaab971ce04099463a7140d32a9433ac33040a9198ed6ff51705e6f96e3edb2d26c9b06deeae69ab") clone(0x40100c00, &(0x7f0000000040)="f4e5c51447213c26a43a097c45b44f63a7f57cd1c6375f738d98e9fb1e4f4360a9424e5d46a3e5a071190a182eec6e5ddb86437fc9f86952ead89ed44aa4", &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000180)="cae658a7ff573df621ed0d50b31cefecf27d706b54580bbd7c373d82b6d71423a91d3d89a47aba735e2d09db0d4294b188a5900947ca0730bfd2717d174c7d5c51c07dae4c4d4a770470a4a6d2c442d2bc0424c3aa07a6073d2bb60cb711d645ac1611b016243ffe72ba71b500a58cf5239c73d2fa07a45c1f454a19646a2093840f60962d0399f99ef5dcb48c75dfcba81510ba2f06c1e82c5093f77862169d3fb1c71f2bdd13e5e4e50b3ad5ed79ca") 00:07:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200200008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:38 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 184.998953][T17263] loop5: detected capacity change from 0 to 264192 [ 185.008701][T17263] EXT4-fs warning (device loop5): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 185.016420][T17266] loop3: detected capacity change from 0 to 264192 [ 185.065720][T17266] FAULT_INJECTION: forcing a failure. [ 185.065720][T17266] name failslab, interval 1, probability 0, space 0, times 0 [ 185.078421][T17266] CPU: 1 PID: 17266 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 185.087229][T17266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 185.097283][T17266] Call Trace: [ 185.100553][T17266] dump_stack_lvl+0xd6/0x122 [ 185.105154][T17266] dump_stack+0x11/0x1b [ 185.109300][T17266] should_fail+0x23c/0x250 [ 185.113715][T17266] ? ext4_mb_new_blocks+0x317/0x1fc0 [ 185.119056][T17266] __should_failslab+0x81/0x90 [ 185.123844][T17266] should_failslab+0x5/0x20 [ 185.128432][T17266] kmem_cache_alloc+0x4f/0x300 [ 185.133198][T17266] ext4_mb_new_blocks+0x317/0x1fc0 [ 185.138348][T17266] ? ext4_find_extent+0x6cf/0x7f0 [ 185.143377][T17266] ? ext4_ext_search_right+0x300/0x540 [ 185.148939][T17266] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 185.154687][T17266] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 185.159967][T17266] ext4_map_blocks+0x71e/0xf00 00:07:39 executing program 0: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB="33919562f8eab1fa3779b500e5fb82081b1cca256f447711bddfbc496e0b3c7434fadfff839860b2631748ed1385c03ea3c2d0b6faef5944b7395029aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638640d8597ee5b8a9a4c48226a92b9352eae730e09224cc478b595c0bd9467cffc01d907790c94a40ead2114700000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d7498981067e00be73530746818721cd2a391f7a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2a65f481d0d57c5914186edd5d62960ee62b241ce3088de86e6fc695a55680b0aab4a15ae94ad364924ad79eea82985ad37cd7586378ef8d5b0fe99fd0012da8c2ecbbb447b4ce65789a95dc982bb8664f37bf46582a4c17238ada50a2340b2b1a35c57c9b21a458166faea52fede5a6f1ea749b23003fd69c1a77b3ad3789e74dd340a50ee9b096c7ee935d0e6e7fc3d12c149180dfcbf67350464da660490f15ab1a575db50d993f46ed69daa8c1c8fbe815e70dfea9ef0fc936687e84561af70bc40bd3e08350625ad98faa20d1ab7c203b2d33541b89a48c0cc220d2d2e7c4a5c3c61813c88efbd0c4174c18033d7b26f0487606bac06688f6780fb28817bdcfa89562e874cfbf9b3a88a1246da63c29cf6932f66bcb1ee7244116a36123ae638431a00a158c4f0ad98d0b28adb46ffb6ec72e9647fae6cc704f26b4d18fe2a099c259aeba3eb9ee675692a00"/560, @ANYRESOCT=r0], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x3) mlockall(0x5) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r0, 0x942e, 0x0) signalfd(r0, &(0x7f0000000040)={[0x4]}, 0x8) mlockall(0x5) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x10) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) r2 = fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) [ 185.164765][T17266] ext4_getblk+0xc6/0x3e0 [ 185.169091][T17266] ext4_bread+0x28/0x100 [ 185.173330][T17266] ext4_append+0xd1/0x1c0 [ 185.177707][T17266] ext4_init_new_dir+0x177/0x500 [ 185.182712][T17266] ext4_mkdir+0x329/0x760 [ 185.187044][T17266] vfs_mkdir+0x2c3/0x3e0 [ 185.191312][T17266] do_mkdirat+0x12e/0x2c0 [ 185.195645][T17266] __x64_sys_mkdir+0x40/0x50 [ 185.200238][T17266] do_syscall_64+0x44/0xa0 [ 185.204723][T17266] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 185.210704][T17266] RIP: 0033:0x7fe6b5d0b9e7 [ 185.215147][T17266] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 185.234891][T17266] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 185.243305][T17266] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 185.251325][T17266] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 00:07:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@msize={'msize', 0x3d, 0x2}}, {@noextend}, {@cache_loose}]}}) [ 185.259325][T17266] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 185.267279][T17266] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 185.275246][T17266] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 185.345370][T17296] loop5: detected capacity change from 0 to 264192 [ 185.363587][T17238] ================================================================== [ 185.371793][T17238] BUG: KCSAN: data-race in __delete_from_page_cache / page_mapping [ 185.379840][T17238] [ 185.382143][T17238] write to 0xffffea0004cb26d8 of 8 bytes by task 17296 on cpu 1: [ 185.389828][T17238] __delete_from_page_cache+0x1b4/0x280 [ 185.395352][T17238] delete_from_page_cache+0x82/0x160 [ 185.400620][T17238] truncate_inode_pages_range+0x9a3/0xad0 [ 185.406320][T17238] truncate_inode_pages+0x20/0x30 [ 185.411324][T17238] set_blocksize+0x24e/0x270 [ 185.415894][T17238] sb_min_blocksize+0x9d/0x120 [ 185.420638][T17238] ext4_fill_super+0x3a5/0x7840 [ 185.425463][T17238] mount_bdev+0x1e8/0x290 [ 185.429855][T17238] ext4_mount+0x2d/0x40 [ 185.433985][T17238] legacy_get_tree+0x70/0xc0 [ 185.438572][T17238] vfs_get_tree+0x4a/0x1a0 [ 185.442962][T17238] path_mount+0x11ec/0x1d20 [ 185.447441][T17238] __se_sys_mount+0x24b/0x2f0 [ 185.452095][T17238] __x64_sys_mount+0x63/0x70 [ 185.456661][T17238] do_syscall_64+0x44/0xa0 [ 185.461054][T17238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 185.466927][T17238] [ 185.469233][T17238] read to 0xffffea0004cb26d8 of 8 bytes by task 17238 on cpu 0: [ 185.476834][T17238] page_mapping+0x111/0x1c0 [ 185.481326][T17238] __pagevec_lru_add_fn+0x82/0x490 [ 185.486414][T17238] __pagevec_lru_add+0x189/0x240 [ 185.491335][T17238] lru_cache_add_inactive_or_unevictable+0x156/0x270 [ 185.497988][T17238] do_anonymous_page+0x716/0x8b0 [ 185.502906][T17238] handle_mm_fault+0x7f5/0x1580 [ 185.507736][T17238] do_user_addr_fault+0x609/0xbe0 [ 185.512737][T17238] exc_page_fault+0x91/0x220 [ 185.517313][T17238] asm_exc_page_fault+0x1e/0x30 [ 185.522141][T17238] copy_user_enhanced_fast_string+0xe/0x40 [ 185.528025][T17238] copy_page_to_iter+0x2d9/0x950 [ 185.532940][T17238] filemap_read+0xee6/0x1220 [ 185.537512][T17238] generic_file_read_iter+0x75/0x2c0 [ 185.542776][T17238] blkdev_read_iter+0xb9/0xf0 [ 185.547428][T17238] vfs_read+0x66c/0x750 [ 185.551559][T17238] ksys_read+0xd9/0x190 [ 185.555690][T17238] __x64_sys_read+0x3e/0x50 [ 185.560173][T17238] do_syscall_64+0x44/0xa0 [ 185.564567][T17238] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 185.570440][T17238] [ 185.572739][T17238] value changed: 0xffff88810109e5e8 -> 0x0000000000000000 [ 185.579818][T17238] [ 185.582290][T17238] Reported by Kernel Concurrency Sanitizer on: [ 185.588413][T17238] CPU: 0 PID: 17238 Comm: systemd-udevd Not tainted 5.15.0-rc3-syzkaller #0 [ 185.597059][T17238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 185.607089][T17238] ================================================================== 00:07:39 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 00:07:39 executing program 2: r0 = open(&(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x343f80, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) openat(r1, &(0x7f0000000040)='./bus\x00', 0x0, 0x80) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4) syz_open_dev$vcsa(0x0, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) pwrite64(r0, &(0x7f0000000400)="91c42f3599456e2d39126d3c867d246668a3ef901654652e33336d660e028374a2a136b43b1ad132b73ba0963b1bb527e0d826d349653d0fa600ab68346ca535cd6f044538cc7f1f6816a428156356c76b50d6fca5b6a1eec649375600a159fb7776f01c26e291a9537b0b820924d829f44a39ca214833a158e86d16be4f95174da4dff54f89a7ebec49bf6331aa54074bd8140784f445591d225b0134de86beae58c07e75d9e11a", 0xa8, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r4, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r3, r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r8, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r7, r8) poll(&(0x7f0000000300), 0x0, 0x407) recvmmsg(r6, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r5, r6) sendfile(r4, r6, &(0x7f00000001c0)=0x100, 0x8) preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000100)=""/177, 0xb1}, {&(0x7f0000000240)=""/144, 0x90}, {&(0x7f00000004c0)=""/126, 0x7e}, {&(0x7f0000000540)=""/213, 0xd5}, {&(0x7f00000000c0)=""/32, 0x20}], 0x5, 0x3, 0x1) sendfile(r0, r2, 0x0, 0x80000001) 00:07:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x1) 00:07:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200300008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 51) [ 185.644588][T17296] EXT4-fs (loop5): inodes count not valid: 544 vs 32 [ 185.739014][T17317] loop3: detected capacity change from 0 to 264192 [ 185.745804][T17320] loop5: detected capacity change from 0 to 264192 [ 185.758976][T17317] FAULT_INJECTION: forcing a failure. [ 185.758976][T17317] name failslab, interval 1, probability 0, space 0, times 0 [ 185.771614][T17317] CPU: 0 PID: 17317 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 185.780378][T17317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 185.790426][T17317] Call Trace: [ 185.793693][T17317] dump_stack_lvl+0xd6/0x122 [ 185.798272][T17317] dump_stack+0x11/0x1b [ 185.802411][T17317] should_fail+0x23c/0x250 [ 185.806811][T17317] ? ext4_mb_new_blocks+0x73f/0x1fc0 [ 185.812237][T17317] __should_failslab+0x81/0x90 [ 185.816997][T17317] should_failslab+0x5/0x20 [ 185.821533][T17317] kmem_cache_alloc+0x4f/0x300 [ 185.826282][T17317] ext4_mb_new_blocks+0x73f/0x1fc0 [ 185.831379][T17317] ? ext4_find_extent+0x6cf/0x7f0 [ 185.836405][T17317] ? ext4_ext_search_right+0x300/0x540 [ 185.841920][T17317] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 185.847673][T17317] ext4_ext_map_blocks+0x15ed/0x1ff0 [ 185.853117][T17317] ext4_map_blocks+0x71e/0xf00 [ 185.857965][T17317] ext4_getblk+0xc6/0x3e0 [ 185.862384][T17317] ext4_bread+0x28/0x100 [ 185.866631][T17317] ext4_append+0xd1/0x1c0 [ 185.870963][T17317] ext4_init_new_dir+0x177/0x500 [ 185.875966][T17317] ext4_mkdir+0x329/0x760 [ 185.880287][T17317] vfs_mkdir+0x2c3/0x3e0 [ 185.884517][T17317] do_mkdirat+0x12e/0x2c0 [ 185.888935][T17317] __x64_sys_mkdir+0x40/0x50 [ 185.893533][T17317] do_syscall_64+0x44/0xa0 [ 185.898035][T17317] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 185.903925][T17317] RIP: 0033:0x7fe6b5d0b9e7 [ 185.908327][T17317] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 185.928091][T17317] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 00:07:39 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.FinderInfo\x00') r1 = signalfd4(r0, &(0x7f0000000280)={[0x1000]}, 0x8, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/consoles\x00', 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@broadcast, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@private0}, 0x0, @in6}}, &(0x7f00000002c0)=0xffab) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}, {@dfltuid={'dfltuid', 0x3d, r5}}, {@noextend}]}}) [ 185.936487][T17317] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 185.944441][T17317] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 185.952413][T17317] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 185.960444][T17317] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 185.968399][T17317] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:39 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:39 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200400008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 52) 00:07:39 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) openat2(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x2a, 0x19}, 0x18) openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x220040, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SG_IO(r0, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = openat(r0, &(0x7f0000000100)='\x00', 0x2000, 0xb) write$P9_RATTACH(r3, &(0x7f0000000180)={0x14, 0x69, 0x2, {0x1c, 0x2, 0x5}}, 0x14) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 186.001958][T17320] EXT4-fs (loop5): inodes count not valid: 800 vs 32 [ 186.084118][T17340] loop5: detected capacity change from 0 to 264192 [ 186.122496][T17340] EXT4-fs (loop5): inodes count not valid: 1056 vs 32 [ 186.145762][T17362] loop3: detected capacity change from 0 to 264192 [ 186.156844][T17362] FAULT_INJECTION: forcing a failure. [ 186.156844][T17362] name failslab, interval 1, probability 0, space 0, times 0 [ 186.169761][T17362] CPU: 1 PID: 17362 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 186.178572][T17362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 186.188621][T17362] Call Trace: [ 186.191893][T17362] dump_stack_lvl+0xd6/0x122 [ 186.196516][T17362] dump_stack+0x11/0x1b [ 186.200714][T17362] should_fail+0x23c/0x250 [ 186.205125][T17362] ? __es_insert_extent+0x51f/0xe70 [ 186.210325][T17362] __should_failslab+0x81/0x90 [ 186.215158][T17362] should_failslab+0x5/0x20 [ 186.219653][T17362] kmem_cache_alloc+0x4f/0x300 [ 186.224400][T17362] __es_insert_extent+0x51f/0xe70 [ 186.229409][T17362] ext4_es_insert_extent+0x1cb/0x1950 [ 186.234838][T17362] ext4_map_blocks+0xa5d/0xf00 [ 186.239602][T17362] ext4_getblk+0xc6/0x3e0 [ 186.243972][T17362] ext4_bread+0x28/0x100 [ 186.248290][T17362] ext4_append+0xd1/0x1c0 [ 186.252604][T17362] ext4_init_new_dir+0x177/0x500 [ 186.257555][T17362] ext4_mkdir+0x329/0x760 [ 186.261866][T17362] vfs_mkdir+0x2c3/0x3e0 [ 186.266097][T17362] do_mkdirat+0x12e/0x2c0 [ 186.270416][T17362] __x64_sys_mkdir+0x40/0x50 [ 186.274996][T17362] do_syscall_64+0x44/0xa0 [ 186.279411][T17362] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 186.285294][T17362] RIP: 0033:0x7fe6b5d0b9e7 [ 186.289713][T17362] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 186.309365][T17362] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 186.317763][T17362] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0b9e7 [ 186.325807][T17362] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 186.333846][T17362] RBP: 00007fe6b3a84040 R08: 0000000000000000 R09: ffffffffffffffff [ 186.341799][T17362] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 186.349755][T17362] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 186.376484][T17362] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:40 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2c0efa61a0bc526f9a8390cb7fe3c9e3e8474b0d4c519ac2c216eaa1b64b515a5bd16f770ccfac15bee26f91080bf839120dbe1e47a80", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace$setregs(0xf, 0x0, 0x5, &(0x7f0000000180)="2afdc603dd07ddbc8c3b7ea5cc1acbf026afcfe4cc05cbf855308c966fa7d3d6d8f91b953f04366e8794daccff8c65ac072ea5aed8893852705b589a845d4c741b409d8228cf41024b0835e1d9bddddcdaea356e5136855ea8f89099750c65d94cd0d2029ac2fb24b508f078bf29e3b0c317e9e3c7e04a15c96644a680f025f383e8c0eeb2594522e751c5e15e05e8d9589ef20a442926506698a837097feb52c574139a3843f77c6056486f6e52619f076e2103d14dbb367c25d90d1c4b61c1b14864476690633982e892735acef341c036b1a71f09487dba6db8ab7c706373cf9a") pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendfile(r1, r1, &(0x7f0000000040)=0x4, 0x9) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200500008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 186.611789][T17382] loop5: detected capacity change from 0 to 264192 [ 186.636710][T17382] EXT4-fs (loop5): inodes count not valid: 1312 vs 32 00:07:40 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) splice(r1, 0x0, r2, 0x0, 0x19408, 0x0) write$P9_RWALK(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="230000006f010002000402000000070000000000000026040000000600000000000000"], 0x23) r3 = open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) fcntl$setlease(r3, 0x400, 0x0) r4 = syz_open_dev$vcsa(0x0, 0x10000000, 0x82) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r5, 0x0, 0x80000001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) recvmmsg(r7, &(0x7f0000004800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup2(r6, r7) sendfile(r4, r7, 0x0, 0xfff) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', 0x8, 0x1, &(0x7f0000000240)=[{&(0x7f0000000180)="1e66c2e59ed59bf9f4eca944fdd37ec4f59b355832d6bf566581f158f6acaed95028efcb244de4a7c5ad12999a1e7d64267e80286a69e6b55a038a6255db7cb14a75806d95b72d1f27a082a11fcc", 0x4e, 0x4}], 0x40000, &(0x7f0000000280)={[{@cruft}, {@nocompress}], [{@dont_measure}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x15, 0x31, 0x33, 0x37, 0x34, 0x64, 0x57], 0x2d, [0x66, 0x65, 0x66, 0x32], 0x2d, [0x64, 0x35, 0x30, 0x64], 0x2d, [0x67, 0x66, 0x66, 0x30], 0x2d, [0x39, 0x62, 0x34, 0x37, 0x65, 0x63, 0x30, 0x62]}}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@obj_role={'obj_role', 0x3d, 'n!'}}, {@dont_hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]}) 00:07:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 53) 00:07:40 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x3, 0x3, &(0x7f0000000340)=[{&(0x7f0000000180)="92ca551d2978d9a1f474c37a098bb27c4240fa7c3476b00db2abdeb2c5a134e57ac95eb097628d8279ca43077df0d88fff112195018952194498c5eddb30f095c3c4622a4f5d00d65603eb7fce62d8df2a5b22d967102fc3009af057c82549a742be32ecfc52ad232fa50311e6cf748aa5da1461ab1487950f74a7c613979ef08414dbaf9820a13c3626c79c23fd3828a19a376cb1e559a6f907d70d05c0e7b169295608433920b789a25b6eb0ffd111ab47242092b43cf6f1cd46e43065ee57525ff71319c66a79727f3e273f38caeff8d6e209219c63a7e5d74fc4c4841461971168827d5cba4917", 0xe9, 0x6e}, {&(0x7f0000000280)="2ac5d7644ece558a9bb46edc86c5b2239da2046581de93d53352042a1c3c1fa63926f53da4ca74e4decb6d411f333e894517a9f40e8557cf106c9d722d1e57b15013a7fe30ba51b3dc7398be4cc8953de3fa38a186fa9caf727fe2371023baa7fd05872b11ed", 0x66, 0x2}, {&(0x7f0000000300)="2c78cea8b2601a16fd0d1f51e5c70917048b190316230a33487180a7155ca20cc9798677540b6eca52", 0x29, 0xfffffffffffffffd}], 0x200828, &(0x7f00000003c0)={[{'.%$%/::})'}, {'$--'}], [{@smackfshat={'smackfshat', 0x3d, ':'}}, {@fsmagic}, {@subj_user={'subj_user', 0x3d, '.\x00'}}, {@dont_hash}, {@obj_user={'obj_user', 0x3d, '*-'}}, {@dont_measure}, {@obj_user={'obj_user', 0x3d, '#'}}, {@dont_appraise}]}) sendfile(r0, r1, 0x0, 0x80000001) 00:07:40 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x19408, 0x0) statx(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x800, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r7 = geteuid() keyctl$chown(0x4, r6, r7, 0xee01) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x80001, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r5}}, {@cache_fscache}, {@cachetag={'cachetag', 0x3d, 'dfltuid'}}, {@version_u}, {@version_L}, {@aname={'aname', 0x3d, 'wfdno'}}, {@noextend}], [{@smackfsdef={'smackfsdef', 0x3d, 'noextend'}}, {@obj_user={'obj_user', 0x3d, '9p\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@uid_lt={'uid<', r7}}]}}) 00:07:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200600008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 186.702799][T17382] loop5: detected capacity change from 0 to 264192 [ 186.725089][T17382] EXT4-fs (loop5): inodes count not valid: 1312 vs 32 00:07:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) [ 186.773360][T17407] loop1: detected capacity change from 0 to 16383 [ 186.781517][T17410] loop3: detected capacity change from 0 to 264192 [ 186.837954][T17410] FAULT_INJECTION: forcing a failure. [ 186.837954][T17410] name failslab, interval 1, probability 0, space 0, times 0 [ 186.850588][T17410] CPU: 0 PID: 17410 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 186.859365][T17410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 186.869685][T17410] Call Trace: [ 186.873035][T17410] dump_stack_lvl+0xd6/0x122 [ 186.877632][T17410] dump_stack+0x11/0x1b [ 186.881863][T17410] should_fail+0x23c/0x250 [ 186.886347][T17410] ? __se_sys_mount+0x4e/0x2f0 [ 186.891116][T17410] __should_failslab+0x81/0x90 [ 186.895891][T17410] should_failslab+0x5/0x20 [ 186.900406][T17410] __kmalloc_track_caller+0x6d/0x350 [ 186.905695][T17410] ? do_mkdirat+0x293/0x2c0 [ 186.910197][T17410] ? strnlen_user+0x137/0x1c0 [ 186.914904][T17410] strndup_user+0x73/0x120 [ 186.919324][T17410] __se_sys_mount+0x4e/0x2f0 [ 186.923966][T17410] __x64_sys_mount+0x63/0x70 [ 186.928545][T17410] do_syscall_64+0x44/0xa0 [ 186.932952][T17410] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 186.938839][T17410] RIP: 0033:0x7fe6b5d0ddfa [ 186.943238][T17410] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 186.962829][T17410] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 186.971223][T17410] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 186.979176][T17410] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 00:07:40 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="a2fe671f4613a93aeac65f5b", @ANYRESHEX=r1, @ANYBLOB=',cache=loose,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',noextend,\x00']) [ 186.987181][T17410] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 186.995134][T17410] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 187.003235][T17410] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200700008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 187.032183][T17443] loop5: detected capacity change from 0 to 264192 [ 187.043082][T17443] EXT4-fs (loop5): inodes count not valid: 1568 vs 32 [ 187.051533][T17447] 9pnet: Insufficient options for proto=fd 00:07:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 54) [ 187.078398][T17448] 9pnet: Insufficient options for proto=fd [ 187.098372][T17407] loop1: detected capacity change from 0 to 16383 [ 187.121981][T17461] loop3: detected capacity change from 0 to 264192 [ 187.127675][T17454] loop5: detected capacity change from 0 to 264192 [ 187.132466][T17461] FAULT_INJECTION: forcing a failure. [ 187.132466][T17461] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 187.148064][T17461] CPU: 1 PID: 17461 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 187.156820][T17461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.166858][T17461] Call Trace: [ 187.170133][T17461] dump_stack_lvl+0xd6/0x122 [ 187.174790][T17461] dump_stack+0x11/0x1b [ 187.178933][T17461] should_fail+0x23c/0x250 [ 187.183332][T17461] should_fail_usercopy+0x16/0x20 [ 187.188375][T17461] _copy_from_user+0x1c/0xd0 [ 187.193017][T17461] strndup_user+0xb0/0x120 [ 187.197419][T17461] __se_sys_mount+0x4e/0x2f0 [ 187.201996][T17461] __x64_sys_mount+0x63/0x70 [ 187.206582][T17461] do_syscall_64+0x44/0xa0 [ 187.210999][T17461] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 187.216948][T17461] RIP: 0033:0x7fe6b5d0ddfa [ 187.221403][T17461] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 187.241081][T17461] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 187.249495][T17461] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 187.257457][T17461] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 187.265550][T17461] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 187.273502][T17461] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 187.281556][T17461] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 187.295062][T17454] EXT4-fs (loop5): inodes count not valid: 1824 vs 32 00:07:41 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200800008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:41 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r3 = geteuid() keyctl$chown(0x4, r2, r3, 0xee01) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, r3}}, {@cachetag={'cachetag', 0x3d, 'syz'}}]}}) 00:07:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 55) [ 187.415534][T17479] loop3: detected capacity change from 0 to 264192 [ 187.424726][T17479] FAULT_INJECTION: forcing a failure. [ 187.424726][T17479] name failslab, interval 1, probability 0, space 0, times 0 [ 187.437354][T17479] CPU: 1 PID: 17479 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 187.446131][T17479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.456208][T17479] Call Trace: [ 187.459486][T17479] dump_stack_lvl+0xd6/0x122 [ 187.464165][T17479] dump_stack+0x11/0x1b [ 187.468322][T17479] should_fail+0x23c/0x250 [ 187.469124][T17486] loop5: detected capacity change from 0 to 264192 [ 187.472796][T17479] ? __se_sys_mount+0x91/0x2f0 [ 187.472886][T17479] __should_failslab+0x81/0x90 [ 187.488841][T17479] should_failslab+0x5/0x20 [ 187.493339][T17479] __kmalloc_track_caller+0x6d/0x350 [ 187.498676][T17479] ? strnlen_user+0x137/0x1c0 [ 187.503398][T17479] strndup_user+0x73/0x120 [ 187.507851][T17479] __se_sys_mount+0x91/0x2f0 [ 187.512431][T17479] __x64_sys_mount+0x63/0x70 [ 187.517067][T17479] do_syscall_64+0x44/0xa0 [ 187.521467][T17479] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 187.527345][T17479] RIP: 0033:0x7fe6b5d0ddfa [ 187.531829][T17479] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 187.551419][T17479] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 187.559851][T17479] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 187.572269][T17479] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 187.580232][T17479] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 187.588186][T17479] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 187.596227][T17479] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 187.616469][T17486] EXT4-fs (loop5): inodes count not valid: 2080 vs 32 00:07:41 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r2, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0, r2}, 0x68) sendfile(r0, r1, 0x0, 0x80000001) 00:07:41 executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000040), 0x4000) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT=r1], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) r2 = openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)={0x400, 0x108, 0x2}, 0x18) io_uring_enter(r2, 0x11d3, 0x37f1, 0x1, &(0x7f0000000140)={[0x3]}, 0x8) mmap(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x9, 0x20010, r0, 0x65e13000) mlockall(0x3) 00:07:41 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[], 0x4240a2a0) linkat(r1, &(0x7f0000000040)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 56) 00:07:41 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r2 = syz_open_dev$vcsa(0x0, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000080)={r2, 0xd8e9, 0x81, 0x4}) symlinkat(&(0x7f0000000040)='./bus\x00', r4, &(0x7f0000000100)='./file0\x00') 00:07:41 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200900008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:41 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r2 = geteuid() keyctl$chown(0x4, r1, r2, 0xee01) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x34) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r3, 0x0, 0x6) sendmsg$nl_netfilter(r0, &(0x7f00000013c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x1224, 0x6, 0x5, 0x201, 0x70bd26, 0x25dfdbfc, {0x1}, [@nested={0x105a, 0x66, 0x0, 0x1, [@generic="c6cb82a817820b45fea94e02b14fa98aceac803245a0df6847144e7b52f5d159e8d30b4b45f81fbded7a7ffe5c101d99abc81e997d1ffc61345a", @typed={0x8, 0x1f, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0x35, 0x0, 0x0, @uid=r2}, @generic="f97446b553ebe55d405caebbc5c249e952e346483f789df36f217a6f9f1e474219f51fa056f475e8f46e72c182f7e169842b812a8d5c068da475607debca6d8b5582fdadcdf3ccd6d80c95e5ab44837e8f4e8309415dd0fd6caa0642a48d453c957f61ec1adecb0833ed52c98083efdc2f807bce0e251f0a9eb59ded2fe956a2ccd34ddfdf2e58351d5a4008ac6660bb572d6eeec1287a2b554163a44f18bb1c0605a4dd2e70a4d8acff16c29362164bfc4d5fcee6bab56c174a99b79ced40f3dcc2c57e68a5e5a58739b9630fca24335b1904aff3d1925d9cc61a9223545422c554ae84cedbe3275afbd195a2d8891eb02fb1987d457b748e2bb1a2c1f00d28ce693bfd984ced16ea25c57917ee955a097ec5b44c135eca46a0630334d50d4cb7f92434f6a9921d93ef440250f8183d4dc2c7179adbabca98e58342285b3003b47d6ffbd64c6075afa0c04f5b3dd1ebee6166da50b7217accbb98381b2d26f978d36d91881a4fe579b51a5d8aaa4287d4103bf9ab211e8689d736f51e2bbc0603f994e77e240526a3d5bed76cfd3a3c7d7eb6dfc0d557be51607407c4e01313e8cb131345c7d43c46d8f389005ad4de24efc731ce3e44869ae302b0a6f5ea8d2116c1f7353cb011b7caf0a912000e805347cce2c27f999edeffa625a4b46c838ee785a54595771c31941b68c3aeb9d984ec8f61a89f619563d823be28d5c5c2b03c8b3be86a253cf1b6dcb3edc56604c0dded5897be007e53b2e163e7f5ceebc28a5f72d3ddae698563256c6793196dc388802beaa977d51795b816b0e31329c2ad392ee60ebbf968f02701d5600616edeaca42d5106c479e398b65a49e0bcb603417bac5361462d67a765efb651778ddbf1cac09260dbf06f325ba7cd1ec5b7df4b091ee200912f5fc98b9ec009440318523224485b2a99b0353aaa1d9888fbf7b2b84d28cac2fcbe745204c475ea3626bd4547116c441e74c1a971745966a5e85dbe20f99477773ecad823495d1190e9de4d01c54474fc654b71f9268a2db54a026ac111bb4b7f91f08528c0470c4b1fcd647cdbfc1cd5e95396b807fcbbfdf29c9bed24d770d957a9ab7213f21c20f0f0a71f59dd73d868b6d79a12db942c7855b56fe7d6487b70d15f12e0c292904c6395344653a4a30a0f649c1bcb6dfc2720c4f06cdd0d1d0e92b5aee3a02c3587346b774618349241992e9f1e389d57f29e8628fc327576c64b2a2533af9144925e964ce24005b02397dab3308b1cf7201f412569c43a0ae4bf576b2940e391d440c4b6d99eaa2f8783fc1151d0349bda081f96ea5fa61495c53aee773c576f125557c3bf40678eb6420604e7241d777cffc5c6fc0fb3df702a9a44159cd6b7a997f86032e20d14eaae1cbadf09cd513a28562f4227beb24852c241ccca420590b7fe78168d906176d26cc339f18598fc5101c0ea1fc07a5511e3ac6555ef0afa65b98fc16d311f1972b40ac0ccc43d8d10740aea6ae8e0777348079b0ae0c8994681ed5971b43875e32baa69a8fb8108a6c7ee8bc826bdf4b08b9f77b963bcb52d3b5ee686334a9f4a85330b4fcb2ffe4af2e22999d75ff01cc80af57e84ab36c8180218f417b094ec79a982226bb9fa998bd417c8d86bf28a6e53f4c767557f32ddebbcd715b366761a65ac5bed1e75772f25a289352931f7a15221c33f03388e3570adaec989ad4c1f84df23f25ab08e01bb25057ddf361c21bc565eb1e96937c06827d7f02311cbc25762eb54a602a2a6da70d4015cde763cecc4231cd5a36c4c9e7a7cb17ee772fcdfea55c649b858f52732d98a5ed5c8d721492427bc464198132d2e3e353bfe9367f5dbfbc768a886a31438d46fe9e1a5fd67d25dae0bda12495f6f575e3bf96c7e81c8b03acb04079398a4f14628fb0bebf175f41b5e7d13a3eaa89e00118b78939c33a75659510a5026575f8af43abc99351760cc10a56a5cbf9d624016d7a6eae689aafd00ec280fd8517f8881f3ff5a6c24b2b82d9fddc227cc7bd26b57167a2f52b38e7644234ab8c9e424461c24fe15c8817452d0ee653dd71b86c25096bf8abf2b21a1ceb721a323259fc4d7715334607894b956dae3fb2ac5917710cf52377345e208aa6d2a2c61d2e4d27936eba8467d28e6d75980792af398d0ca879ebcf8bef6edc30336ee109157342261741c31c4d89f101cb467aa683090dbddbe55569b94bc1c088412e10dae5fd642a8f4dc93956f5118c995114dcf0e06ac7507253397d651f964611e11afa0fe3b3948d3de50e2b97c2e213916682885ce45ed770ef06c503e0dc3ab22f3120527dde97b3ea1cc02d0cbbd5776790da8457d65f944fdec84b054c7a88dd9b36edf41e5d742443382d981819c89e56bbd9e690367a5cb6ee58e699a5e8a6092e6f69e33830f68bbb19319c0fc04836ecb5f203dd0f88fbf45c317ff15371ba39a6b8c3e0f5a51f9b9c0c025bad3ca7c4e810375902a633e352ae2bcd386b82bd564b429aec8c514d68619f13215495aecded3379564f2a005fd0c09be543580721ca951fbfbf7751333b0e5b7aa4e9353b730981e9c8566a0cb31c9d5799e4cc298241d174ff4dc7c74305c03041f6a123da58459729648163b999d967e2c354ae360a8240ad6f422f073e1228d0922adde258f0f1d96a9e7e0bf07ab97fc310fb7076a15334531f4635b2bf1d05ef1a56d2db9e542974a52b5f50491b7605aa3a5bd5fc3a750d80ece0fb42f06b9d32fdd511a96020d584b16722672d2a2e077a98fdef772f43872896902285e9bfc1b7a82c1dae968c9b601c9712086f8ce2b648447aead0935299282a561654de35a754205e90c5b4e21b9a921954365be7ba8ed28384848030c0752af28b5f21f325f8416dd2d4f0948114ee3e5566b658feaf4abc909b7d39e7b3ae3254516962731a7587d1dadc62c44d6d40b477f1614a6eba110a345ec3184c66c9f76f0af1c14dfa762f9489f399690a23ef7d688a10dd5fc0172596da196b4b4913f5ee6bcd9a059671ae89a0759ee947279c13b8411ea5753e7bcb6b69c48596fdc38c80ebe0c6df5a9ef514a88763c29903035345e61fa4d8ab1f8631c4b165250c5670728bce2835b7db2c1733f1dd5cea7a81e592634f8f6f4c6d47937ab4cdb0b38becd8706dde7df4476704d04251b609113f9640e008ca56b9a71cf10e79984a113a8ca8d8cac999de57e5a2b234b18acb2ac5b29482d3fde17a33b35ab8abf135cd4bc54de03a73d816591a1398958d915c083172645d8f0ac51e24ae868c536c4a018c59458c8fd96a67a501a30e8a0f1a36fa6b2df175786fc6a81b7c5c3bd97181c7bcb83d18b07143199f35792c613d03e7e70281e2f255387c2b78842c36774457b5104226f6aada06308c6cfc103662b9c555e9ffbddb83f963eb10d24e2c4b9f8e3d94e5d81f8662dd30e18fb6032db23bdfa766bd58ae48940490a5262d9e2bb7cd3c2c823fcb9e1847e96005a77c0d0ed6a4fa0a3455451aadee1557633e835529f90dca78370e333391c0aefb6379c3a2329d3a7c1ac3ee4840d15fe41a3494097d6f8219f8650d847f42856d0f88e24ed74986bf5327931ed1e488a13b6f12b55758af489d9be185e7b26bcdcb3b3c7c24c29c6ea67c9ffc575645398826df08f0f9f0265c302c1e136e09b48f7c7729d8de290195bdbb56814332643b948b30e1d3911301e0fc51d844f66843054c41386dd8269c36a5fe566d525a7e71babbf21564074377d2922edc2ae5c100e8508d7b0ea9580c5b82f6ce702aacea8b9f324cc40a49c3aedadc721cbce65caac39b57fe24864f5a4c3bd35003fda3e1d0699aff2662d237116c1ab5048d5f42dd641746ee8b15b10d36552d9fac127fbc60456fa91d9c6cb7c0a7567608b4c1d0f465778ffece0bf7c012ac8fc243d462974646c2e0dd5df24b94174504be0c3f2903a146ca5d8b19dbefb4103c38bd9a290460b9b130847d9852ca1b048bfe8102c49f43c351699139729f443d381aba716b2aa13fe9ce56056995dc7a682eaa5faaa00c176baac56824a8965d674640c3b7360fa447f16de14d6df816d0175e2ec34dc5c65c98a7430d11412d90e587b510843241afce3a8be7c95a8bf1d6174bfcdb822cf1fd5ee59a272c721a4674e067e6754f5ab06a0d05e9a72517187c15aabb8ab364400a16b6e39e84a314e8db4cc9423e2584d3799c1054eae4a562b25cf038a38e4abb3ea392f95b426f85035ac120f5bca21d0a468c9059726868bc1d20f3a280887d8a0fd3a11697f156b6cc85fdf2dcfeec867615d941fe227bc8559ef50a74e1ed9771c2b670bc8c496cab436ce5e3a47579e096311d4a0f62953338b6ffccdd7393f0b6099e5ab4f88fcd3dd651f784fa51e76e02bd01da4c58ace845652e320f28654eb0110e72ab19e1c3987224f02907ed92b71f3fb61e894a7689363765c35169eea96829856fb7de0ceb61a7e27f5aafdadc7c690d094a517f2baee1ac2690d12152816bfac7113c2238b3581011ccef4fb6a8e9441e530a697b330ab032ae3f6a243cb048fa4fa7bebd6aafb5184e0c1e26a4d1e44d55b3736678e323db40ccf68fc6a4a09778166333af76207998688853fa4393fd0112041a2d503e98eb7a71387be4129ab480286ab7505b64efa7ccb9fdc15a8dadb5f00b4d4c293abfd779137c23ce8b16c87b00c741864e074c754f15b399f060b299ce8196f0dbcaa78043449d0770a804dc55526c849e1ae967bebd602ba85e065c3ba55cee440cfd773045916472929f6ec822c2207da340ab526f1e4e9bafba288ef6fe3ecb19bcfecef0dddadf22ea0427b9bbb5fe151b85f33467aa88335622d03cca391bf1f9f3181596247e7575f3bf157d38b28f26ad9bbab0155971b1483aa45d1d79367485ac1eef2a08d689190ec32478927f1b3880f4530f77bd9d6d84190357f925604d4bb789589a5ddae6b415461eafc30a2782809cbcec9454998f25add40514c094fa6e40b87465e7885375ddba4b9dd4229750936128456f0bdbcef85b711bd245505d12a935da76f72f31d21fa2d6d02c64f8218680e806001f8f12fdc4f19945d19185399d4b22d38e8a24b4fb215637d9b6ad05c48ec9f87fd6dae90eaeed8a7e56afb6e174e3044f17a44975ba21d6b92f680d2cc73194793d04b0b7ef65f61c0efb67bb47f3270d719a73b8acb0ee1c1800406f135aa003f3972e48efcb24234de85f3955702d73c7c0c48a035ffcb01aefe37d2a5dba58ed478c6118ddd6beaa2d5b2f3b354abb5f94872567c82ca5ecd40db4524c13504529e8cafc6ec5a0a97ac2c655ca88ce2cfc83b2a8003dcab5c593a3ecdd059596c26cae81e55ca8ee7a63cd28b78d4ce835bea1f463763de4b35f0c7ece62bb5e260f688b08f95e47998db1cf042d768b8410a97e39f9ea22425fffe94ddc6f1255ad606fcd5ff20898b9ff974c3ab095af8b962d7aed3f1525833aaf4f3c00dfc9bca076938fb3bec948b945b633afd0323fd9b57aa7883fb03c639665ef519b40de094c343552ddfdf424f543325cbbc352b70365b40cd0a7ecc86ee1c1a9a462753e5f2df432b92070e874f0b0f36f77364832568ae2847891bd40b2acd2d0b605d1887a9041417e62751c9926dc1b0dc42fa1c33045dcf9c90bea63c441b99d60a0e265961d82c6b32f9e5674cc0bfb27fde68162fa075402f61d779ac598651774ac9b195261da440918df9c1a12ce74fcd52e81175803d4d57f71f131a906aef4167a0f952c0ebb3596", @typed={0x4, 0x20}, @typed={0x8, 0x8c, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}, @typed={0x8, 0x26, 0x0, 0x0, @fd=r0}, @typed={0xec, 0x72, 0x0, 0x0, @binary="2137a3b2dd99145a74982adf461ff18e29509101a72ba45bacfbcb049ae8e617da8d942023bae3b5d978982d74637edc2af663c16fb888445149364692094537ea41704ccd585d97959707aae0bee4feb16c6f87ce5985e436bcd5e1913a5a05a14401c4771a2bc0f35f34bfaa4fab29a7b11263e1cbc4b49598e03f4144b410fe117035dc2d550c51d081af1ec336c78a3f5a6764394417c90ba4b0e2678e57674aeb62865df01bd4a84b334244576f66d23889619e2f8cdaaced2b44b4330f0bca2c50c5312b15bd431ffc6939c20e81a9e7224fc8a1b4fd49633267741e6515d70bb543fc9425"}, @typed={0x8, 0x62, 0x0, 0x0, @pid=r3}, @generic="9d1b1a5f2a8935f057f85ca53380a021e97c022c2b27959651538543cad8048d961e2d4d4208d64330445237a821c8b719c4ea789a634e0244f5bdc330af30be4bb003b00d0feac7c64f671705013a1e77f54d75c20aaacbf41c2146661e7d7ca23a012720a1", @generic="dc5c520637359da066ea9a1a27ad5d335282cdc66c1bac23a48f145050aff9276f20ed7cdeb69c12075f07543b05106a6d008c566cdf68fe7271014f021ce55a0e84c5ea5da15ec47100fc8e5a02eeaeaf5e"]}, 0x1224}}, 0x800) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) read(r4, &(0x7f0000000040)=""/69, 0x45) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r6 = geteuid() keyctl$chown(0x4, r5, r6, 0xee01) [ 187.727929][T17516] loop3: detected capacity change from 0 to 264192 [ 187.738792][T17515] loop5: detected capacity change from 0 to 264192 [ 187.755102][T17516] FAULT_INJECTION: forcing a failure. [ 187.755102][T17516] name failslab, interval 1, probability 0, space 0, times 0 [ 187.767798][T17516] CPU: 1 PID: 17516 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 187.776553][T17516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.786695][T17516] Call Trace: [ 187.789966][T17516] dump_stack_lvl+0xd6/0x122 [ 187.794609][T17516] dump_stack+0x11/0x1b [ 187.798934][T17516] should_fail+0x23c/0x250 [ 187.803354][T17516] ? __se_sys_mount+0x91/0x2f0 [ 187.808129][T17516] __should_failslab+0x81/0x90 [ 187.813003][T17516] should_failslab+0x5/0x20 [ 187.817504][T17516] __kmalloc_track_caller+0x6d/0x350 [ 187.822796][T17516] ? strnlen_user+0x137/0x1c0 [ 187.827523][T17516] strndup_user+0x73/0x120 [ 187.831938][T17516] __se_sys_mount+0x91/0x2f0 [ 187.836546][T17516] __x64_sys_mount+0x63/0x70 [ 187.841143][T17516] do_syscall_64+0x44/0xa0 [ 187.845562][T17516] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 187.851603][T17516] RIP: 0033:0x7fe6b5d0ddfa [ 187.856014][T17516] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 187.875618][T17516] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 187.884292][T17516] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 187.892265][T17516] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 187.900233][T17516] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 187.908262][T17516] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 187.916234][T17516] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 187.926761][T17515] EXT4-fs (loop5): inodes count not valid: 2336 vs 32 00:07:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 57) 00:07:41 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x200902, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x404200, 0x160) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20100, 0x120) [ 187.994844][T17515] loop5: detected capacity change from 0 to 264192 [ 188.021990][T17515] EXT4-fs (loop5): inodes count not valid: 2336 vs 32 00:07:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200a00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 188.081621][T17553] loop3: detected capacity change from 0 to 264192 [ 188.116997][T17553] FAULT_INJECTION: forcing a failure. [ 188.116997][T17553] name failslab, interval 1, probability 0, space 0, times 0 [ 188.129761][T17553] CPU: 1 PID: 17553 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 188.138668][T17553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 188.148723][T17553] Call Trace: [ 188.152124][T17553] dump_stack_lvl+0xd6/0x122 [ 188.156732][T17553] dump_stack+0x11/0x1b [ 188.160989][T17553] should_fail+0x23c/0x250 [ 188.165410][T17553] __should_failslab+0x81/0x90 [ 188.170184][T17553] ? __se_sys_mount+0xf7/0x2f0 [ 188.174954][T17553] should_failslab+0x5/0x20 [ 188.179462][T17553] kmem_cache_alloc_trace+0x52/0x320 [ 188.184748][T17553] ? _copy_from_user+0x94/0xd0 [ 188.189515][T17553] __se_sys_mount+0xf7/0x2f0 [ 188.194113][T17553] __x64_sys_mount+0x63/0x70 [ 188.198713][T17553] do_syscall_64+0x44/0xa0 [ 188.203139][T17553] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 188.209095][T17553] RIP: 0033:0x7fe6b5d0ddfa [ 188.213504][T17553] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 188.233228][T17553] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 188.241645][T17553] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 188.249616][T17553] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 188.257583][T17553] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 188.265553][T17553] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 188.273525][T17553] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 58) [ 188.339516][T17570] loop5: detected capacity change from 0 to 264192 [ 188.372998][T17570] EXT4-fs (loop5): inodes count not valid: 2592 vs 32 00:07:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200b00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) [ 188.404527][T17575] loop3: detected capacity change from 0 to 264192 [ 188.440782][T17575] FAULT_INJECTION: forcing a failure. [ 188.440782][T17575] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.453897][T17575] CPU: 1 PID: 17575 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 188.462711][T17575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 188.472764][T17575] Call Trace: [ 188.476039][T17575] dump_stack_lvl+0xd6/0x122 [ 188.480701][T17575] dump_stack+0x11/0x1b [ 188.484945][T17575] should_fail+0x23c/0x250 [ 188.489415][T17575] should_fail_usercopy+0x16/0x20 [ 188.494503][T17575] _copy_from_user+0x1c/0xd0 [ 188.499223][T17575] __se_sys_mount+0x119/0x2f0 [ 188.503904][T17575] __x64_sys_mount+0x63/0x70 [ 188.508528][T17575] do_syscall_64+0x44/0xa0 [ 188.512957][T17575] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 188.518858][T17575] RIP: 0033:0x7fe6b5d0ddfa [ 188.523268][T17575] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 188.543049][T17575] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 188.551505][T17575] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 188.559473][T17575] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 188.567430][T17575] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 188.575470][T17575] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 188.583424][T17575] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 188.636356][T17584] loop5: detected capacity change from 0 to 264192 [ 188.667674][T17584] EXT4-fs (loop5): inodes count not valid: 2848 vs 32 00:07:42 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) [ 188.810054][T17575] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock 00:07:42 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb82081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb629aadb7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ada638440d8597ec6b8a9a4c48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a40ead21147419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db2", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) mlockall(0x5) 00:07:42 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200c00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 59) 00:07:42 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x34) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r2, 0x0, 0x6) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x7, 0x9, 0x3, 0x5, 0x0, 0x8, 0x80000, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0xb9, 0x200}, 0x8, 0x3, 0x80000001, 0x0, 0x51, 0x5, 0x9, 0x0, 0x0, 0x0, 0x6b4b}, r2, 0x6, r1, 0x4) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x80000001) r4 = syz_open_dev$rtc(&(0x7f0000000180), 0x3, 0x101000) write$binfmt_misc(r4, &(0x7f00000001c0)={'syz0', "8ab32eaebc1f183ef5eee082cf033479c93f1f66469e94bd4ab93292149af30384449811f2ebb8ac674ad74180bffca202726553fb9ef1715741427fcd1bdc0e25172f394d0d67c4532e39420d2405a18d0bb5714efddc5ac91111646fc9e44ce180005ece244e932a9aa30ab6bdcebceb4221f41b2ef47cf7205b32a43567882d41eaa471963a200d35e8e8df6a482ff21a8c917243889bb52e41fdd882b3352f6e07c679d4700654dd0d7587bedf00a3bf27ffc1332a7eee75ba10a50437f2d526ee0ca70af7386266169b"}, 0xd0) 00:07:42 executing program 4: ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="de7fc54ed1acc4673580a17aad612f49de04192a466c4fde741b15d6d99088277e78140e6887492ff5641a4d6da9c0df6e89976f52a39a8b651b2df595cfa988e7ac96a4ff0700000fa5638301ebb381e53af6eb7b7e461af5bc2c5c2203", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=loose,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',noextend,\x00']) r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0x8, 0x22400) r3 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) splice(r4, 0x0, r5, 0x0, 0x19408, 0x0) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x40004, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r6}}, {@dfltgid={'dfltgid', 0x3d, 0xee01}}], [{@subj_role={'subj_role', 0x3d, '\x00\"\xe2\xfd2\xc9vm\xdaz|\xaa\\\x8f\xa7l\xb4\x8f~\x80!d\xeb6\xc7\x9b\xe6X\xb5-\xba\x9b\xe3\xce\x8a\x14\xbd\x1e?L\xf2\xb6\x83\x7f4o\x81A\xb7\x86WE\xa2\xa8p3h\xe0\xdd\x89\xa2\xcbhu\xece>`\xa7P\'\xfew\x83\x88\x16\xb4P6+o\x86!\xde\xf9]\xc4\x15 _\x91G\xc2\x84D\x05t\xa4\'\xdd\x81\xec~\x91\xe5u\xe2\x80\xfc\x01T\x9df\x9b\x86Z\xa6a\xf9\xcdP0zb\xae\xd9\xa8\a:S|\x18m\xed)|\x8c\xca\x99\x9f\x04O\'\x02\xe6\x8bz\xda\xcf[\xc8UBp\xed\x1af\x9d\x0e\xabp\xb3'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@hash}, {@appraise_type}, {@subj_user={'subj_user', 0x3d, '#{-}--\\^]'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x5, 0x34, 0x65, 0x38, 0x35, 0x31, 0x38], 0x2d, [0xc, 0x33, 0x50, 0x61], 0x2d, [0x66, 0x33, 0x39, 0x64], 0x2d, [0x33, 0x5d, 0x36, 0x52], 0x2d, [0x62, 0x33, 0x30, 0x36, 0x37, 0x33, 0x65, 0x30]}}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}}) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001580)=ANY=[@ANYBLOB="28100020", @ANYRES16=r7, @ANYBLOB="010000000000000000000300000014000100fc0200"/34], 0x28}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="000000001de6cbbffb63c734c316186abd88c61cfaa33a16c38f2250f2484b49b181b6d609680454e2dfbde18d80d757b8ff38c6da7ccc07c11348e37f606bfbf519ce840dfe056f42d2942fd17057cc07b7ee2aab3c640c8d39b79c0004000010fc13d24d7ee868cf59f871d213dec547b16b5583fc151d45033ff6116e034b936e5866a50a30261a6e1d9d141808109ca31699", @ANYRES16=r7, @ANYBLOB="100026bd7000fddbdf250100000014000100ff0200000000000000000000000000010500050005000000140004006ef2ffff40000000ff0300000001000008000300ffffff7f0800030007000000"], 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0xc800) clone(0x80824200, &(0x7f0000000200)="a944bba31d4916dcfd89c352b82791d703a8a5be787c5be2298d465726", &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)="0941a7f71942564bbcc3ae9496ecc925c405fb6da94d495896214fc1516ad8c1eba3d8fa878ca3cbfb9bfa61a0a067c82a008d654fee1193b65631ccf571c7736eee864bb6148aae7306ecdad97828ce68a48d16d376a29b86aa84de9671ddae73efc452aa593a5995040076d9b6497f1b1161645f5fc5057db7a0ff582abd5579e4d594d034144defe17cc1bf710a48ab447630840988b12181d810c28527de938e1a011cc0") ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x6) wait4(0x0, &(0x7f0000000000), 0x4, &(0x7f00000006c0)) [ 188.931371][T17606] loop5: detected capacity change from 0 to 264192 [ 188.957347][T17608] loop3: detected capacity change from 0 to 264192 [ 188.966532][T17606] EXT4-fs (loop5): inodes count not valid: 3104 vs 32 [ 188.992116][T17608] FAULT_INJECTION: forcing a failure. [ 188.992116][T17608] name failslab, interval 1, probability 0, space 0, times 0 [ 189.004775][T17608] CPU: 0 PID: 17608 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 189.013539][T17608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.023599][T17608] Call Trace: [ 189.026869][T17608] dump_stack_lvl+0xd6/0x122 [ 189.031488][T17608] dump_stack+0x11/0x1b [ 189.035729][T17608] should_fail+0x23c/0x250 [ 189.040131][T17608] ? getname_flags+0x84/0x3f0 [ 189.044800][T17608] __should_failslab+0x81/0x90 [ 189.049600][T17608] should_failslab+0x5/0x20 [ 189.054096][T17608] kmem_cache_alloc+0x4f/0x300 [ 189.058848][T17608] ? should_fail+0xd6/0x250 [ 189.063422][T17608] getname_flags+0x84/0x3f0 [ 189.067928][T17608] ? should_fail+0xd6/0x250 [ 189.072414][T17608] user_path_at_empty+0x28/0x110 [ 189.077338][T17608] __se_sys_mount+0x217/0x2f0 [ 189.082017][T17608] __x64_sys_mount+0x63/0x70 [ 189.086654][T17608] do_syscall_64+0x44/0xa0 [ 189.091062][T17608] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 189.096977][T17608] RIP: 0033:0x7fe6b5d0ddfa [ 189.101382][T17608] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 189.120985][T17608] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 189.129382][T17608] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa 00:07:43 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000040)=0x80) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200d00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:43 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000740)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r2) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0), r2) sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x1, 0x0, 0x0, {0x1a}}, 0x14}}, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x40, r3, 0x8, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x81}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}]}, 0x40}}, 0x4000008) sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x24040}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xb8, r3, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x101}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x18}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}]}, 0xb8}, 0x1, 0x0, 0x0, 0x890}, 0x4) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x5) 00:07:43 executing program 1: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x81, 0x1, 0x28, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280)}, 0x12000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r0, 0x942e, 0x0) r3 = eventfd2(0x0, 0x1) dup3(r2, 0xffffffffffffffff, 0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f0000000240)=0x1) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005a00010a"], 0x1c}}, 0x0) write$binfmt_misc(r5, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10) splice(r4, 0x0, r6, 0x0, 0x4ffe0, 0x0) r7 = accept4$inet(r2, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f0000000200)=0x10, 0x80000) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r7) r8 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0xcd, 0x81, 0x81, 0x0, 0x4, 0x200, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000040), 0xa}, 0x5b820, 0xcd0260, 0x6, 0x5, 0x7f, 0xffffffff, 0x9, 0x0, 0x2, 0x0, 0x2305}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x1) ioctl$BTRFS_IOC_BALANCE(r8, 0x5000940c, 0x0) [ 189.137338][T17608] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 189.145316][T17608] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 [ 189.153270][T17608] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 189.161223][T17608] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 00:07:43 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x80090100, &(0x7f0000000040)="a735e9cf3511aeaf4f8cf12c97e3c1710dcebde257d62335cbbf7a8d1046823d46147820ea", &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000180)="3cdab34ef070b4dcb5ad11c10d3e98484757ce75eab00d4dd9d7082f48ccd3aaec86d1ce052ed2958c694e17163b47047327925bee7bd18a82641b37eb48279c6627f1282cdba3ec9121807e0b8abd692c9bc1c2069928a27b5a2c77101f568e") pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) write$binfmt_elf32(r0, &(0x7f0000000840)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x0, 0x3f, 0x8, 0x9db, 0x3, 0x0, 0x9, 0x2ff, 0x38, 0xa8, 0x6, 0x78be, 0x20, 0x2, 0x0, 0x6, 0x1000}, [{0xac9d2ff5, 0x101, 0x80000001, 0xfffff5e7, 0x1, 0xfffffe93, 0x8000, 0x7}, {0x6, 0x8, 0x3, 0x0, 0x4, 0x3, 0x40, 0x8}], "7c4cf5a5d1887936d4c1ba0fa2fdf1f4cd8c34bd21c669be28c2d4a401c638c657528974ddf6ab52a1f4fa3ad1abf1348e5ea63b69681027d44eb63c16672713dd171d5b3303fe9e52", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9c1) 00:07:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 60) [ 189.277083][T17643] loop5: detected capacity change from 0 to 264192 [ 189.302413][T17651] loop3: detected capacity change from 0 to 264192 [ 189.317308][T17643] EXT4-fs (loop5): inodes count not valid: 3360 vs 32 [ 189.323246][T17651] FAULT_INJECTION: forcing a failure. [ 189.323246][T17651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.337172][T17651] CPU: 0 PID: 17651 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 189.346033][T17651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.356091][T17651] Call Trace: [ 189.359376][T17651] dump_stack_lvl+0xd6/0x122 [ 189.364007][T17651] dump_stack+0x11/0x1b [ 189.368244][T17651] should_fail+0x23c/0x250 [ 189.372647][T17651] should_fail_usercopy+0x16/0x20 [ 189.377745][T17651] strncpy_from_user+0x21/0x250 [ 189.382594][T17651] getname_flags+0xb8/0x3f0 [ 189.387228][T17651] ? should_fail+0xd6/0x250 [ 189.391712][T17651] user_path_at_empty+0x28/0x110 [ 189.396656][T17651] __se_sys_mount+0x217/0x2f0 [ 189.401428][T17651] __x64_sys_mount+0x63/0x70 [ 189.406060][T17651] do_syscall_64+0x44/0xa0 [ 189.410469][T17651] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 189.416363][T17651] RIP: 0033:0x7fe6b5d0ddfa [ 189.420764][T17651] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 189.440492][T17651] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 189.448886][T17651] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 189.456836][T17651] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 189.464872][T17651] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 00:07:43 executing program 2: prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) open(0x0, 0x0, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) [ 189.472944][T17651] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 189.480896][T17651] R13: 0000000020000100 R14: 00007fe6b3a84000 R15: 00000000200000c0 [ 189.500975][T17664] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:07:43 executing program 0: write$binfmt_misc(0xffffffffffffffff, &(0x7f00000017c0)=ANY=[@ANYBLOB="33919562f8eab1fa3779b54bc4fb1418a16e3e47d71546788922b0623c2782081b1cca256f447711bddfbc496e0b3c7434a60fc8a89860b2631748ed1385c03ea3c2d0002c63e9420a1cb62914db7903537d331cea7a885c1068d138aa20fec0aa64f6e8419a5590261ac48226a92b9352eae731e09224cc478b595c0bd9467cffc01d907790c94a0000000047419980138410ba1cd001b72f0000000000000004f8cb715772992f7da50ca2eb163f272805dda6f08d743eb1307468a2ee389f46021495e6a10bffbf2ecd8fcd8e5f772d76afd98752b492c67db20000000000000000000000fbab03e07de8e7d999db4b5ecbb6ab9dccb5119ff666ff14f3525c8a027abf2f38942e9926f8fb8688af180379e526ecc25461dee7755ba0a5f40433cde2537b5c771ca094a552587dced5b58562186275cff7a4c6e120294eca76acbbbb521a8e50831bb87cc19cd249c2d58b6e0fdf7bf99b5d807bb244a5e620ea9681f7908b84", @ANYRESOCT], 0x4240a2a0) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}) mlockall(0x1) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) prlimit64(r0, 0xf, &(0x7f0000000080)={0x0, 0xff}, &(0x7f00000000c0)) mlockall(0x5) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000001740)={0x53, 0xffffffffffffffff, 0x0, 0x40, @scatter={0x6, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000000100)=""/198, 0xc6}, {&(0x7f0000001300)=""/164, 0xa4}, {&(0x7f00000013c0)=""/10, 0xa}, {&(0x7f0000001400)=""/217, 0xd9}, {&(0x7f0000001500)=""/135, 0x87}]}, &(0x7f0000001640), &(0x7f0000001680)=""/101, 0x2, 0x16, 0x1, &(0x7f0000001700)}) 00:07:43 executing program 4: ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) renameat(r0, &(0x7f0000000040)='./file0\x00', r0, &(0x7f0000000080)='./file1\x00') clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@noextend}]}}) 00:07:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) (fail_nth: 61) 00:07:43 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xc01000a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200e00008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000080)="01000000000005000c96", 0xa, 0x560}, {&(0x7f0000010400)="020000001200000022", 0x9, 0x800}], 0x0, &(0x7f00000000c0)) 00:07:43 executing program 2: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) open(&(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x2, 0x51c41) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000080)=0xac) open(0x0, 0x0, 0x0) renameat2(r0, 0x0, 0xffffffffffffffff, &(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0) syz_open_dev$vcsa(0x0, 0x0, 0x2) unlink(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x80000001) pipe(&(0x7f0000000100)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) splice(r3, 0x0, r4, 0x0, 0x19408, 0x0) ioctl$RNDZAPENTCNT(r3, 0x5204, &(0x7f0000000200)=0x6) [ 189.769389][T17683] loop5: detected capacity change from 0 to 264192 [ 189.782066][T17689] loop3: detected capacity change from 0 to 264192 [ 189.800403][T17689] FAULT_INJECTION: forcing a failure. [ 189.800403][T17689] name failslab, interval 1, probability 0, space 0, times 0 [ 189.813069][T17689] CPU: 0 PID: 17689 Comm: syz-executor.3 Not tainted 5.15.0-rc3-syzkaller #0 [ 189.821843][T17689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 189.831951][T17689] Call Trace: [ 189.835319][T17689] dump_stack_lvl+0xd6/0x122 [ 189.839906][T17689] dump_stack+0x11/0x1b [ 189.844066][T17689] should_fail+0x23c/0x250 [ 189.848473][T17689] __should_failslab+0x81/0x90 [ 189.853244][T17689] ? alloc_fs_context+0x46/0x500 [ 189.858184][T17689] should_failslab+0x5/0x20 [ 189.862765][T17689] kmem_cache_alloc_trace+0x52/0x320 [ 189.868072][T17689] alloc_fs_context+0x46/0x500 [ 189.872845][T17689] ? strncmp+0x34/0x70 [ 189.876916][T17689] fs_context_for_mount+0x1d/0x20 [ 189.881942][T17689] path_mount+0xe0d/0x1d20 [ 189.886357][T17689] __se_sys_mount+0x24b/0x2f0 [ 189.891062][T17689] __x64_sys_mount+0x63/0x70 [ 189.895707][T17689] do_syscall_64+0x44/0xa0 [ 189.900120][T17689] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 189.906130][T17689] RIP: 0033:0x7fe6b5d0ddfa [ 189.910538][T17689] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 189.930166][T17689] RSP: 002b:00007fe6b3a83fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 189.938576][T17689] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe6b5d0ddfa [ 189.946593][T17689] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe6b3a84000 [ 189.954563][T17689] RBP: 00007fe6b3a84040 R08: 00007fe6b3a84040 R09: 0000000020000000 00:07:43 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f00000075c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000003840)={&(0x7f0000007400)={0x1a0, 0x0, 0x8, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x44, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x401}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="a4e94cd89d1ebab1730d4689ad8933f9"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="6cda7e733cd7e7f563df8ad0e0eb69bb0d0ae939d66cce649b6c73d793c4ada9"}]}, @NL80211_ATTR_REKEY_DATA={0x74, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="bf1b37422c4be6d2153a7f76644d5e831c1cc38f91357dba452d90ed58b305fc"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x2}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xffffff75}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "daa2795c2d027a1c"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="5b3c3483e8e2fbb721e74569b68acfe8a0db266f780150cf"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="1a550d114fc242c13e38316533ec81c7"}]}, @NL80211_ATTR_REKEY_DATA={0x48, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="2408b62edfb8a004c64ba6c113c26697029a110af63a802a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0xf0cf}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "8d51bafa891c36b3"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="4d42e1e49f07620d9994868ceb3cd066"}]}, @NL80211_ATTR_REKEY_DATA={0x74, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="5e27a691f04421dad2830d8249f6abe2a353c8ab5e39a8e7"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="3955ccf172d92fbbcc0d9b6a36ba249e415c8a7e27e41907"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="d180434b2c480d221eeff0e8ee537aa6ea77c267bac4b2ed"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="00764a6afec10b2441740a8583305246fca3796705b4a7f1"}]}, @NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x20000830}, 0x4000801) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sendmmsg(r1, &(0x7f0000007300)=[{{&(0x7f0000000040)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x80, &(0x7f0000000100)=[{&(0x7f00000000c0)}, {&(0x7f0000000180)="7fd8f84419fc62d468c3681a43d729e90c56975da5f77ed69de8ad0cf7904d082d009686008a0683a705b2ba3f2fcf97e2b30b32bcc518f645068e74025832065837703476a82214a6a3f684aa6d268a2d1b6c3e5ce5a031b22a46315955567a7ec7b483fdceba9d65c92f020eb42ce129a61be38a7f87aaa436057595b9b630b60a", 0x82}, {&(0x7f0000000240)="f56cc5dbf83411b61dd7a14b1a34d85a5bdd9d734565c564150059be0085de8e3a498024f993b09b51664303c27d0bafa3bdb42b0f657fc24a4833d2d513e3041fd649f9cb9db0dd51c8cf585e03b84b5862e50494ff71b6ed9a3d145b7e1cdba6346e09bf513234f5e61e0475d12eb2978dd752db22bdd37c00e1f867fdebbf8e0e6ed0849a7578772e52577f6d3aadf5c2c0c9ef550f2638915d3cc226a4bb208400671e88f68844", 0xa9}], 0x3, &(0x7f0000000300)=[{0xe0, 0x10c, 0xffffffb7, "638cb8a91dca5b7e9abdf70c3f54cc55e2a6e44fe2c3d66aa25ce552942b13081461f4962b9312aa9bdc481a52590f7072b1ad81c652d6ff90855a348de08b8ca123c10040ddb947082a916bb8744fc2b71323de0c3fba4c4b926d10e10447c7cc87f0d80b616f3e1c4eaa4203481c3b3836247e7b12eed5bc86c63871b49bca5e0fe064fe58befe942e6807c41290835886cc1a1d6ab1790a875646a474b90c9a94a3024a8989195d91b8992169bfce03d58519cfa5af3694af3f9341b54e6ce02e46a1dcf81fdbc4687b3f"}], 0xe0}}, {{&(0x7f0000000400)=@vsock={0x28, 0x0, 0xffffffff, @hyper}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000840)="a79672fff4a2ef884ea9e503fac13c7d3744160ab838b6e77d03ee45c4e9d37a91484670d4046cc6fc3a25eb553178620540f3e955ec34cdb45fb04a1710abbe0fda0de2e0a36ed7617fdd93fbbf383f0b204d6cd7023cf220b88cf4d08b908139c4f5274aea5d789fb24308c6dcdd83378b0cefcc0f5b2484d6cd33fca2d13d4e311fe0bacd82c90f4a931382e8dd61f23564958c726d52faa35c166746106fcf79f0745c9d73b5b6fed90278e1a8732250f53b8068c7ab88b6fb4889d846a838646e7d5acb47b40e91015bc65f1e3fe57f8b585b9291ade5aed8daa4e467b7d0d61d5e857ec027c2d60af75edff9b6b8a9d343dc06b4afe4f0c4ac8b9cdd8fef77e1be2e8e85855960b24699b784cb8e733423dc466abfe0acac9e4e52242181cb4487c1a6d2f3fcd9820a206a1d4283519978a5caea8bcb720b539eecbf50b5e062b0bcd1ec16c61b5c9c0aa61f198f9375825a58d1c02ee0ec1740f181f908fa755d931093992ee2de30b0f10f91e8574decaf8f705052542c0f638820f3a9db82b4779873e8dc2ef4978e7a3c8e345b7074ad10af28ad5f2d56e9ed8a3a4744c98fa89486cf4790cef02912e2ecb7eacc4a84cd0f256238c42bd977712ecd56ded5c60c0aea6d88f6d901d0e1713aa41de3cc1c835ad7ed9d411613aab0adf561909f225f199dbdba394ae301b56113da667bc1b6f64c40511de5349c807df11a87dfa665c39049ef1c6b89310bf8f63cf34eb2e60c52747d1cf712c10c22d417a9dde9e0fe62e3f6362868afb5d91bedad478fa9a87915a927ba57fecd8216924fc712aa19d16c4e037379b027ccf44da6ed0e5877b528b0f44a8c3bc6b0019269244ae01f6914e4e6d97d6fb93e1e052e9549f8119d1d27a21a836ca1d92ec822f11c556c8a77408141dceb26339cc5d8a1ac6627488d780ca839394b69413d50171be710a88af32915222c955a95b1a191e486a687d3859f7bb9931bb1ad111634e145afd7a6408a08b6faa8b9da46abe422308fc03abbf37bd30d2fa25a85d8b04ee593a56a002029f3759de5118aed020c7559bcfad4227f5a52d12f52883704ef766df42643c9fe8da7bfd1722c9af0a652ed798c9179f5b1326a70667397bf9566f59d53d0447b1652a78bae2c733c6e97c5ad3bbd9b1b8f20808cf77a732c08b76b7e840c0807b30eb676565a6e567bc28e0a9619daa051099f9fadb27c357393b2d7676f49acce58c939e4256faf8f09c1cc16b23239fd9ef08582a6c6d4683df4ea1f28480d37c6eff272a76decdba721df96cbde6d002da006964c81a98dc22c43a42a82b2c752c8dedec498a8e9dc15f194a2331a971c3590cff244b1257eb588660435918b4a7c72ff99c1a5a531970303b5a41329aaa4843c8fbe44570b0dbdb5d2496eb862428b12ce32e8607793f2d2c1ea0db42dbce1afa1338288dbbcea8aebfd3461470abbfb9d0c041414d8a6b9511c4170bb7416af48f3a6fb90bf757065934ad6236c0e8d4940b343f03ee23b94e65826c6009ced3ecc959b8735836774087f1d458193675ef534e2ff04acd0a2f23ca4348ba891de3915bb3f52d8f9b38563d15d0196dba1002f1c7fe5265483665c6eda7a9e518e02588f8d6ca4c34dda9be8b3780c722fee567d10b70a9447e2a00c05490685c16e8097f4798e2d993e571e28f994543d3a8f02057855f399740eee8e03ca7148e9e28909462ad57b7bb189515a5495fe888eaa361bd2b0091eb9fd2d24ab3a218addfb12bb0f4385f780fe4fdd404914306aaa7e539b35c17b83a803cc84c963e64ecf711f1ee5fbd70c3a49885292503317082e6390702967b7c87df8b7cd12d1ed49c3ec7fe6435ad23c18754f5c5b2d15d78a51fa3164e0675806c5c69466fa8e99d696a8e25bbdd9cdc3ac1227db40d80bf5432f578af462d1ee74d41c9e62e4aa50f42aef99a17fe36305fed42bcedf67a8b9de6973a837963bcd680a72619695111d38f699ff7daf156629cbc4ca70f0553ba7625f6869bb69407086e55bf70ee98f3b179c4f96afc37c9f61f418e94226fe0fa7073a9061bec7a747d072ad23b5dcdfc43d454366b7c8e8f0e1f778ec4ad55ddc08b478507ad6dcfb5cd2f0cb9f203bfaf9165680ec209652a80d66851df151da22f3f8ad9e56748dcbbebd2dd7c1f7c5b87343d671e2ab48610ccf2ae562b4c019166f286fda5844d6025896beb7c994a5bbf20245eff8508eb7771ee1c7f0348b57837de09cb2de1a9f8521e44806cc7bd299c99a91d895c74e5b062dc8686acc68710789a55cb35a5dc9b4c7e0cd1b55be55aadcaa707128a276f983f6ad7c0cdb113b5879b547c7d2ca70271e2943fdbd7e5a024a5bb24a26a486d4f358cdddf12644afb25467975a65f825d9a31b6ade85af3dfda7cf7b193ef612955fdd09d8f3ca3a6b0e7d9b09d32994fef8c32d6b0bed6254a34948ff8e2d08db31632b99b41de1561a76f239870658ee98aab7a39d2bc886480ceab3500182a9b483dd99225cc9f3a558c028a55bfeab1eeb197a1120a733aab1c85ac1c3a52cb59139c761d2d93b54f3314495d87110372f3bcaa0c082c46f56cc65ac8fb29168d2b25eb82026f02919db6cb389daf00b752c0c55d35a21e6c70e854a04747f7ec748fe7a9d951f5a3c7c151ecc254bae6442d9a2bb8fdb37ace67266f7185750f7820c87d2a39377824315ec3ae502ddf1d6df1729b1a7d61074ddaa55c121508e246416851fc9dec1add8c07a1c7dd6b38bb7beeaf0c1da2fa870665b3b54312d0fcdb074231219453160c38eea3d85f97e89bb57d0393f394c7a717ce273676c6b640146bacb5e16aade95a04a41d2cb63a848c9840a22df416329dd41ff50f712215f066c390c2d67e1c13991bec151d27348e5d868549970aa6acb590e522626a9dbcfe84f7b7b24757e76a085f1f2d77c2e199ac22b35eba930e0aeceed3fe4b31a1a965fc0cc28bd304cafed8b61e909dfa540bd42d22741f1d07a2cca2d6824baf429cfafb185ccb221c56c45363b8bd5eb7f4167bc484c40042ed90bc77bb1021295e7200eaf3f0925aee1ecf5b2750eccc29be4063aba34cd01d63769485a5cf8c66385f0b0f9ff8f9dc7eecb60bd2eb116f85fa61008dfed4385e7a31cfcbe488f4c74358d71252d3b097086ec65778c1e948341e8a85a468597b991d48fc514d18581070c17eb989a0cb7652aeabe0491167da93d4f656994a30fb0bc8aecf77bd872ba39a75b4fb7e51bbbd697d09c0313088846a6d7d4cff09bca29c63e8350e6e6efa344d3ffc952d27f9131963e248b98c37ab2a38752d1e81c8b8b9a0f70b5381e6f73b088ce4778a4e382dfe3a1de6baa8079bfb3f6647069fb0c65a898e51603facc9cf07b9918e3a87a456228d380770c478f574d7bfe7ffd9d5dae27d4349900de25b114660946921b7185d7053eed735bcebbb616b49f546b9535bdecb4bf72ee430fbd0c4c64759d2db71aad2a9476fafd730f1b8f36cadb5ac4d07134dbbc2ed40439f1ea297dbfb84e24c6f95ba7f4693d858b01f29373381b209616c657d4e2404962889070ecb976bba795f6e5b66cacbaea9adcca406fdecd70d72a82feca82e66b579a677b74ddb956081a2b9f0297a3e8122b88860cf4ae1c593ae90a35c21154ea1a54e41d0ebd9020336a14c0b57230be3de49278500983a242a21053edc8259d4cc5d4551e1a939479819951f1881f3f8ac642884b1dae0cd38c41b25071b7b542dc44f23e11ec7e86ad6597f6ffcebf3e8c834a2db1a34ea4ec8abd2fdd3f6dd5fb2bb7f870530a204331bfd38001a5eefaad3607e497d267aaa3a77ea842789ea83310d5f200bedc0163bebe3b8839b48930915686c95eb060281bc3e05452cbc29fc7da05382e7d27fc3303de44b966da7fd24d3644d5a89bb019181e7181b467a240fab6049c51818ba1e31680cbd0eacde580da419846efe4450a73a9b6fb99f8f186d62c16e83361eb0e08ce0e739625c3032a2d8b968c50cd3da1146ffe9000132a88325e41e34451ba5acbe5beaa19f8ee933f972d4a55ad5bc12a96e927a2960a66872cdf92077ae891d7d559d6b1ccd1f78c4dce21dde808d6a4da152297de8c5f26375379631581400d82df091bc84225f7dc21cb80646049d14e517022c26eb94966c95790111001c55bf960963b28ada9717993f3ba8e1af8a68970d991d7e64f4152e06a579de319ab74aa0ddca8bb0803b9a89d543a58546ce22fce92ba2a06406af7f080693fded34f69204eefaf3ad12f5c4cae4769e88b4b814c04a953743248046a6bcf2fd310d61ffcd7fee76bc40f3fc59a5ff062e4416e1884ff2d04d60e40ed57542503e080d6f4bdc2f70a08d216076525fff2f78b334f74e8ca2389338af58d53c9a2060372c91b33c19ff9b515c5849a1de25b56ab6490b49629357ce3b70168465b0660299680647a3eb2aedd5d896153e8723cd54a8e852700a7796e23758cf0e9cf629b2e8b8da9b860205dae2627d62a27d6c3262986d3462b46368b36d791070e32e4e873cbf25b8c08daaa7dda359e1220ceb5b555bc4223f313e4e542ad59836ccbf925ae85f322cd9493bac855995c88b89c4ced953a8fb11e3f9353091892f96579fc435d79ab2df5b5205da8adb3cf7b2018be42b95a14601b202e490fd685f8b754e84125dbddecace81411a771b80a2fd2cafea647c572fe84d6e82a176d71006f0ac98cb536375cb138a978cea2209ecfc2fa258730cf490a446ab958d20b069daa2d9fcb25e3a40eacc44b576da5b3c4d1375ef07a41b7a99b1be9b3462391e46af62f6f246029c17511fc56a0581b1d56919126e50fc96b912f625c0962994eb9b3b29633c93c6116a060e86063af5914bf07fa4364af6880f2bce9d2f0bc15bdc56a73769ce4e7f70127f136d57af2da521f3a1e1054930eb20bf8e9d29a86ace10a1044d1fbecbce7876ea603aa8584d4bc469b31aa15fbd5d77865a381df71e5715c5a3183a0dc245769031c28e8b58cc44302bd07c6212304a61465b649c668b332ee081aa93a27ef98475f898f3a388378bb474349cc2dbd1c1cc6e6d88ed2015fef62c738dc2a540c473c03ba991109f6ad27b7c5f0167cc737c26e8d7efdcc54e37d7e91732cf504da1f0faff01f5fe7cf8f4f733d80d522766a7db1ab3cfc6d2f40db1699fe002a225ea891126fcc3db012b87ee779f27d2d9416dd146199633dec75ee6a8427ee8f58d68118dc3ce52029568f2bb9a6635a297ee21ab4b9bd0f09e94986634e1395368071ace6fae7572d9e4c2d5308871acd55df6d1905cd177c9ab5e6f72447cd33611fadac88837f684688dda5b6ea0ad58f382f3d35dda44a58d1eb26fdae3c8bcc07b2b710b892e6675b31e4338a4deb90f3db1019cd1dad3be1fbc0352575ca1b0b05088ca745d2ed5d5794ab5c64418538152d5b510c4f010c9f658945d5b813d36ec861b27e2ff61a41f4bd4d72c138471713bc37ec6347146e9dca4c4258db2dd03757e0b5ff9dacda83037bfd9273f8f116fa3cd47b786485e5f18e2ca63d47af5184c1e02dc4b2ffc4156e9c22ceb25a9e2402740cc4f1285f47959dcc63d8d83ae8ca3387f7ba5823ddfaf995f581aeb8a861c9c4370353761014090ded501a78a533fec7b384656f179436261beb67db561f4881ee135e2aaaa8e036eaac70fe3feadde1e72ce548532ea966821ad26043bc4cbbc95d283e8d164dba2ea4f83637794253b3d8c4a710cf9ff8a189cd1d2b", 0x1000}], 0x1, &(0x7f0000000500)=[{0x80, 0x107, 0x0, "46fa4b38dd7240499407b91ef70f50c7ec1018d07841bfaa44de03515f0ec7090dd274f783b764fde277deefe8569884b9df24bce402d0d33f995ec06a9aa9eed4dc56bff4f32969377344deb2f8a2a195846a46e9d0a8d7d4ca1b4bdb8721ae31748fb68417c5449142"}], 0x80}}, {{&(0x7f00000005c0)=@qipcrtr, 0x80, &(0x7f0000003a40)=[{&(0x7f0000000640)="d05daaa0dd68c46395d22a2cd2b408a5277f580b5ae1d5a48fcc47b1186ae74e28b7190945e6a00ea078f1193875832998877e86bf998c16e5d474d9de4d83659a39f3dfb72d5a3319073201ffd68c50a8d83c", 0x53}, {&(0x7f00000006c0)="0d0a627dd653cf52b00d37e28680e79bf60f4563e5a34af516cfa1e840cc9c4958b1f347822c9d393c12baa506206a4d70c80582b4f2c3fbb365e1f037b5a74b834bc863b477282740b94e8652592ffe7475939739bfc99d4ffbc90e27ef46f64742b01841db885023df261a7bb55e4b3cc998b7a34c5d02b87224abacfa8e84feeda9746d2fd525296d98b9a8cd04a8a9212bb019d72dff6c7f267f8c60bf37db8cc59c05862465aa1b88d6c768e7ed937c642fa41bc1a8959aa1421ee2e7f47b809b813571404152d2f169d833382a192d8544cbe45ef3eeebca26498c0136fd9a4b74f3697dbe5a74b7c52ebcce6eeb11d8c602388cdd1198d3365bc191", 0xff}, {&(0x7f0000001840)="368d14f6f22836d4e545a4a0cfec39f6d49504cd0d28768d0730787c0196539f710e281da69e6b27e4aaf62d1cb6c2fde4f20e35b002a853a6f1cc210bd129c7e74e03a30621265d0dc2272161174ac336a5449ba40e7094e7f8edd573015fb731df52021df2dbdd1117c855933e2d7ebcf26bf4b44cf734afc5131c3e2b686750ed2e71abbb5b8edc84738a64d57f4a2587e7ae79692ce28c90c9f995f1b8c2f2a4f1d98172de6fd1868e536acd09508348536a8306dc880a702d5feda0cdb838483174ef0042f35a0bddc7d1bbd1d2408f745eda78b497b1a3627ad4ceae83736e1474bc32bd0936a5ad6b3a32ab8c51cf8cb9ad0f015c830cd8ad87e8209c85fc6d69d96930e1f67ed638295675615160b9e6aafacd5d543e51fe82a591c9c21b461c38f4779e452139be62a1a5f3176227619229c704ae6331b5c7a9cda8d259cced823368438c9ad0844e660442cf194f03799372ce354ab83b206f21ac400cf914ed551ba7776e79d5706a11a41b17829df733c27dc551e3649febef21c63e1e092ef05fb2d9b5e57d6aaff36ee904e0f16d5e203d7f13391bd6e82147add9fe0fd5ba237b69dee9f8f809664b5a2b64bb76d06da87df875d54ab110b968c523dcbaa7e502a385258baa296a656fdb958f76a773669f06056b4ccfa87a47adbf498304e54d515a7066227ef0da338c45427328b2e389c3066da316bf70285655b01f572a89334a75bf9a1a6484cb29182e126f03d2241461be2da5d610e286d1fa28fdcdbec62c718a289bd3160e8dffa40f26df41c48ead3bf55f3cf1680bcba51fed9e7fc9dc1fff24b2baa56ed59158ca94cc3c79e85b62961be63ad0e310422baf675714d9eb88285a65f64144da063c63e222d7efea7a6bc30982b34434283b635ba627bc7f001b62e9d413d574cf0bd64305a4a6d6f14f9377dbbceda7e61393bc2effa7359b3321ac57edf175a31d454e0b7456b35dfa57c1982bad2e81ae52ae7ec0454e08137730ccacd4bad729b2db95c8b7a264b71391bb529e4d404ad23650ea13916a40cc1ace012e5c38b3afe771dd1a540557db40e27e2566c6b4529784691716703aac6742b87bc0d9b6fbe035f960a9625f67d39dcdfd9d072f54635dde01dc3279ff7817a057e5ac72dd947f6229a74658d61f47852301bbd7cd3016e672fae86da0ec8dc0f4c478b4204a218ca289a6e7444e3fa2db3e6bc1fb75c3ba502185b80c7c389b8acaba3df80cbb9566d76d2eb9232711886113fbb302284411ae4c1c11b720e4dba5c75203680909587146a9e90abb2ddfc2f703741ad0a0752a255853d546f50bf0217a8562f179b8e2550a55cdec63e60562f838ecc579ed2b24c80cfcddafad4a26b571cf74d0a4aaeef40398f60bcbdde8c88865b54aae340c14ab817bbf3390ba9f6b0fb663242f68536113c7a7003d31f3d72b5050c7134c0fbe269b0ee2e1dc9722fa147cdeec60224b66cf08dc577b819cfe83bb1fec548bcacd4279628d14afa3bb0364e46c29022279bfc55fa068b1582ae5d9d290cac548b153d4cb6575e48ab0b9d9ece09dff2c1014e316a5e4d0dfaa7d6b016124c14cc81a69bb0a50dbc4cd99d71b0e4f2a8f1d5ebe6c84f2b80bb6d3e807f0000901d032b5112d713adbf4c7b7f24da3ac58021f2baf80c4b5f08232e6295795f9648f7890bf378c8bd0b194b9fbd8c0403f8ea529054e1bd1e2dc77cb64400bb0704b0f313eed42c5db5bc4b5636897e8d28eaf21e4d6868a1017f73050a4c550ddd8abcb7f9ae9bf0c8e095b21a084a08b863e68671aa34e5c9a0f5d99bf6289ffb800b81ca35b7742e29fa704250ea4d15651483d63902f45a1bb59cbe700d8531713a4c2b4812d5c32c63a5e83a3671c8520e1c6a3d8e6e6f3a516f64fadf51cf07bed2198541898c908002dd8e8a5052b2f793a921ac77b0e1ad1f05d1b4a666fc990a4f05cdfb014a3de1563c18c94e9961806c33aa53e22ab9ab44e884ea3a7bdb5a419f7cf4d8a19fc8f4d48d728485655b7cd053e6af2db39b1dabb4398e5c314f02834e5ff110ed470cf3fda47a33154cf2bf88701936be4db8190ccbd77292ff4c08b14dd9e72dda3d16fc5d4975c979252e9f5c8039fd664b084a89ff3738bc7ac2989f2192150a2964dae5a98068a8d779e5ed9dc2e7f8647f8d776d27b4a59899428b14d13c740efcab757ec1ce6be7f9c9464085b8cd328ed1aa0ae06ff92641801ffba715f03b9db04704922de81ab7c0992117d746f6a974ee997455371804344f69c57ca455fa20e08e3977b2b538c2b43e91acf147ae8a6cba139125a17293cc2908bf8bd518066b13678a6e81f71f9de34d0c3ca69ee8b59d762f8a61b73dd6042879007dd50aac8626c1d560cca4ffa3363eb8d591291887c1c21bb2cb18fee24cbc81a4fdae854adc9d9bad5f9148f7d7c0f3594908ca3620ded5f2006bd559a6b87f32aac20ea1b3696b4e67896cbb1867acea3db7095064d6dc4048cc4ea8fba9123075cdcabbf1f230c8c61190c25004aa7378fb13dd329c6c11a036f0f6d962957468838661cfc8098755a7605281978084b9f3a02661d5bd4004577f028bdbef46a10bfa950d0ebd619ef2919f6eac103c909b9dc1b15a2796b6a89979c6d9e14f40b23d52700ac6d14ce9fde05faf08aa8e9a1c7099cb41f87cace0de2911ef4221eb9fd1de97776eb466fdd7dea56e0bd29d37dc4da3b5a694dcd2ba46f2e476dd10b1079b8299b7e0259d106587edfb4d26c9a43508eb6ab256319023391c475fe18bcb8f557b3d6f42d9e08f5bc26359a41571d3e6eca16b4a928335b9172f6202575397b14b099c545df00351fd57c794fc7a7d1dab0abb6c520e4ae15c8167b04b9ec5c043ac942f6b7c6c86c6cde4bf5c26ed4104b4171612b1bf9701ae712d7556f28f8f1baa104037b5271aae81346af904cf041248938147806bc4a771073d25ffdb0adbdf60d7a90fe216e7813b0b21cdc9797ffa2e2423a468c5851786451e3a6a31918c94465c51bf3e60dcc81f650715936023c7fedf2cd3adf5460408de3f05b33bb1b2fd6696f6447e13cbf68041d7cdc8fec45294fdcee10bcc2991da0a35ce6d773dfdfa819df99debcbaa355cd29a9dfc2f9f628d09edd81c2db4f32be7ce242d6694c33d1470bac1bcabaf6ca506edd13b7bd2901b20da69b4b77d0c4278d3b0f93def9f625fb61827afcd831212f2376258767913cfc262641b134c528e77afbb1f884d03b6fdba80380d60d1731ec59311b828fe2bc47c69fa38b488ee5445501dea72a2f04ab73b53a625c8719f777f69e6e02469c5709fd62e52700d7b9ba54e99bf2d46025e8a67a1fcdc1b43982e19c35222229cb55be6fd23fe823f819af074285eec4e803b5387ba968be1c87d8b2fcef733a6f45329df2d10ace907841a8066ad6857f8f62a6ab3fc45c78320c57942763ce57a1e50f39eff495cbb8053c1411e0b71a759fb532421cc750600a7c4c472ed3a40291e2a4023b3e787ea1fef0195a47c6238ae4ece6de03ad11e44cde52c6692a6619e8a36d413bb44df135a780e2703679190f520b1e90db093b374e273d92cc6d92f3b401cd9f317d472ce0e570f0cf92c18502c37bd30cde14b32c1695b06ef464bc762dc1ed2619f739103fb51856881ebce1f912a499ee7e3439399d2525d0e9eeb5770d20de3d57f7d48ed8c316a6d1a533c0d7ac8e7fdb3997b1baebdb29a192d624088bf63039a865a28f0074c0182d43e28b29955a44ca00b29fd6d6c0592561739b235f208a53046e9a5c4eb5f5c3e9e2132e58c98dbaafc3b44d96f362c2a35bec815286ad9c56b696dce2075401ecd186f438adfb4082a06931307fc6825cd65b349095c6cf983f2e3c9f26f8e254fd383d7bf86b93cc2bf9afa707b16dd4471a991fdce74dbb4299a8a6e9cf1d061f4ad028fa77401296919e32d096b9b2aef1f604bae8e3512ec11c4f8711e7c1deabac622a7370fc7fc3f1b3abe2f3437ea5bda9762b4885742141cc38ae5a86c69b9f00ddd6213bc24c5bb4a100ee8108874eb42dcd772b5e35ffa89fccc220d6a6309704c4bf88108bfee95857066a5ca752a73f786009d2209694dfa978a0ee55f4e4274bbc37485ed6c61363a375d2c7d07e9638ecf52fb74a498bfabc82e88d939b56bff9564b0bf1654c17dbeaeabacce9adb229ac8423d9363d6d8290650f26033422e3bf78e06132a0772641d4f57f0de7b43ec571655235e6b7412cc49477bb6847c3be0b7a9d82d2c4ebb45fccc9b6bda172fda2b1783e0aad5cad99a393cc2c337c751f10f0498cf9080dfab415892d368b52f24eab13d186c9fbcf7542570e37352b8001661fe06ab5e9fc1d232b0329648957c68a143d8fceda228252ce8ec2099a4bde4ca8e52151c8c70250ecf1127ea21d3383d5cdb153f99f996257ef651b9f69f1016d3a9281c3ed75d8aedf30a4a5f9015a90aadd5ac9e62fb430bbf3a4769e828e8af89b1fa561dc7b0ddc615bfbed60b45fe5d0459d887761befdcb72269355dc1b337aaf338f096bd0f24e93872e0e219736f14b9bc296484cc5e64ada6770ff03d7cf44a698f106563ddd87854e7954214acebb08ccfd8ad951b1b5f165473b128e0b19b5c7e7f49846bc4c315968c8537795adcdc78d249243775035b2f0476ba1cc51b7991af61979c88a320bfbf2f89e8ee5da94eeedc3846eb82cbb247e2ada54e2a0570306d71edecf7559bca18c18c2bfb22239981b9796f68f82066d91c5ab6416f4bba12eb6db7d4b34f384367803277112982a4a6332241433bc66546c876401eb969d1d40d3b649608640897e2154606e9ad703214f2d2368eab405739e21d86ea4d92a5c04781898e04ec7385322e64100dd59e4fd9d1e4848145660d3514e25d72b8e8c74f7d05b92fd7be8f59a86d9c0a07094b2d7a3122df879ef3d5ca742143d88c425f01cfbfd04dfad4f6f32fc8cd62da2f914cfe425406885ee438dcf9d7c21123da7e5a8b090c70d4a8e01435a824b573f12973c4acd146b528098889377d1456c23d4588c2684d9235db7c7bf1e2b3b5c8703126c2d936fc4cfbacf13fbd478c2332a910e5964e21c80a734cfbf6e1fe19cdbeff73e745003761e7fecef55bd09939841fb45783f2258fdb98788cd6233509d5c253d112f8011212628215880ef841762decf38da358233772dedac5576ff364bc7a521f3330b507d92c6da2d86d984eaf2fff1954278435ac17267ec659ec4f7e48934e88a1beae991edcf6c62a0bb51cb1ee107b3cdf1e7882f1bf3a81460c25dff380e69b888fcb26e7fa13857d0a56cbea356490642d7f745f97b699c8e9f8987fc7bcdf5d10e7899b28ffdf4022f98842539ca8bcc04305b79ed84633a3a85cbc441bc7e1e0bae2a7599ebc641a65ee10405b6ed422ed0e03cb78f478a45588ffd541dcaf5a8cd165b08c3e2d67d678e78612acd9cb75aed4c862db39871cc20e870fbd2488e2967062b6b12f543b74bb509fed13daca37f33cc0d3e46888866e64590d9f118b0a10196ed665c984f1ddb9f155ba51013eba5c7391b403be009a98cbcd5d9377d050c8a24eb58f2ed53bee3b2e62e8916ae5d7123165b8a5884c59cf9586dfffcf029436ab0d3b87b1b013810fb2e8314db50019076d377b81f8a686cb5b88885a66fefa9f175e703e67e5a62ca2723d4b690cfce5cbfbb59723141782275e6b021a1fdf482346fee51c04f9eb336d1ecd27db02d1c3d4b44efe5f88a18b1a3", 0x1000}, {&(0x7f0000002840)="eee455bfcd3801b3b9db4357deab1fbe27708fd96e9ed7d141625e30566b59a461a8ab428749373c4dc450c7817ffbb8541d92c6fbbdcf1366a5b89d39347cff8a2d125c4902932d33fefd15a21174bf453e034f4011cbb608899659d12375c4a0efe297d2ae0d400aa248a1b136dbdd5e1ef079c8c6e38da06fcf2ab80be86368fa63ac4e9545ebc50d640aa9f7ec24ed2700db503161a4c15ad1651a796b6b6605bb5757cfd0c3e7f4f712f587ca525c94070df9f58c4b8249312256a46d5c3f86a8d9b246f0fabfeba02ce57631fbe6eee03d3c8d24dab165b348bae9aee317a85247b2ba4a0873babb7c3659180e069cb97919f8223a4a6b889cc7bfbb3ee050e86d096926f798c57c003ad24cb1900245171ccd700f1d72633f0a4d2bc0f77f4134462d422e1a48a535279c64d50dfd364bcb0f46b30a42955f401b318bb5491fc25f7fe308def272bccd95ad6983ee684de114c6d4eab11c08c4cd870daa0c7fa9ad2116d16df5ccc52ab15f2d53e77a27ef61ac625dd597f16ec791e4a041f46ee0563e44b76d0b8785a6586e911c93d5796f7eb5e79755f23310fd178f001c44929be66ba392987d0999ac3878a44b44e0beb61553c1e60fc29689603fc3f0a05c16d02c60ddee4135424a34965ac7e4babbf07cb795c5d8aaea82bb20d147d32b8f4b088d97943d5e684620062d04dd9f3680e702cb27ba7826835b78b76f71f434fa5b4a459a0cb1a30fbccf57245f2529f38f634e7e0486e0423c5b82772d1b034bca72e89a8613c0defa8e543efc8db85e84a63cbd8be5483d61ca9032a6391dcf9551bd79674b1299e2b8d1876a074e64dc93f7a316ed8c7e9c4ed8ad3686e2c87fb02d09fbb4e38caf7e39e6ee4885f25834cb2622318356c1d5ff290270279ef926ae9c1970697fe6013307ef2bb06aa4ea700a45bc01a5e39ca478dcd70c9db1b4e4acf804a7cf4356924f5d565e52eef53aeb6aa17e5e4c285b3c1df2eefec1b89c6298469e73e87f303cb86740a4709b3008a74d1da6b32efa07167900a7b68a1b9f6ecf960f6fe220ac97048c340c635efcafb6c9d4ad25c2855bad6ff968dcf9de1c414379e0ef80c46866817f7ca47c68f0b01e004f437731d6a61623b37a047a637ab7dc282a3cc0b4ba40ddfd3025305470c2a3f5a3e19bf0b7d8c0d23e62b9f4e5fd5744fe83094b9f5c571901da5a412606517a32a03f90d32d46fda210f8dee83a3e0e9f93f0ca03f7f2e6f2146c1348dfa3842ebf6d2c1b8bb40da1d9004dbe965864bf0c4af512b6daa83cbc0ddd35a1f4353021f5666f0eb949965d2cd8db696a29d104f25af19de18862d0ec70c68cb47a50d53cfd7e6d30bfe4c1ff151c00abb134a2822b7f9f505c964f8dd15fd8821329739e1c0fa6855cdea6b88d4da68c38cfc2cf8085f8b58e4de00ed37fcdae9e6fff653f33ebf8d79ffcdc054963024d527007651963854d29c309a0b2cba3b9a3e021217f37addf5992bd9d33fb5296aa0a5ceb929693da4940dc254efc73fcfa710feb4405496b94c5628ebdb6e2aa23a7be3a2737bfc39e661c321b6959d0fb6df4fe7f99b7a15f9be60be536c320d1570065b9c7bca94b20147ebe2b769a9116c10ccd4fc165ce8c9a7fd427da32d86dbbfbe57a0f5b495f65e696fcf823f4f2b28412e14c2b66b62459efcf84ad07b78bfdb5d4ea4c403a731a655906b9027f3b783db91d92b56bcba054523b33b436c4848371c6648b0be4309972c281b15da5f3521e99770a3269fd3bdfbf84473063cacd7a4b6fcce9ec748ef38928dc489ea68d23a96972fad8127a4f110431bf5cbb9e86daed118b667d84a7b02aa88e8ef95418243de98c5b4f3f26b322eadf98896123a84910623a0bbbd9af8191b120d5eb394c1df5e9afabbc5d6c561ca70914777812adca917419589163076da8036baa209f9cbc7c825e7595494951c0d65b80fe165c1dc78c972ae5850698022da67bdc7b37adc6838f369a54a0d651cb7b4dab4cf28afee10b41781d7e14745d73d3a64d4dbd02534ae4ee40f6a6fd3d52e169fb4d05c1f74a5f4149b64d47475f2afbd18c5c38185c55a467a54df3493f6f309f10a6227f1480f8d669f22262e00f377e673d8c58a3c6f2d6828dfc52b7a92cc7d63418109e9f2f15efa53d97d2d986c4e2ccf9c1c7def91d5a2dcea390446fab0b3a5f6b9f9e2fc961da6dbddb28ce46beaf11a0827e2f59e4cc2ab90e99a474ba8d765dbb27c13adc9689fca82fe68086f0c8ef87b147117f436032a6cea1c79afd04bc2e796afcdb5682e73dff704fb2a9a797bd7c5adeb678740e1dcf306dc85fc61d3529184eed2972e255922ede6feedb65bf927c7c3011f4eec03d0eb7c4778aebd28ca9964e12e63c0f819617e1b7ed8c9ec124224125d2af84aa9369ebb3da356fb33dbe3b639bfcbdeb980b5be9ebcddc8123611a0e4dad0127e6a51dad71b7d787cb3ef9bc0eff168e31956e9c41a2533c5b2aafd6ae1d485b1f93c8c6a272ef9fbe15cb7440806499f6582e8c5871006d23dd1da7313a4da7c3d3041d3f132721e4b31fd96847e04a6201617706ffc0f1da627d989ff2404def32d1c993413af541b00a41721d0c2c321c7fedf674989be746810df953ca237b564c6fdc3d7e7b3a6feec7e206bfca770b3a95d616367d8a6f2d9bb23d85c3d95e613d10241b652c848644076e6235f36d5755ba155c5cdc3b38ccc2fc44793b77efd229e6209942fd0de232cadaf9892cadad2735a830f800b3f61cfab4879443e1722c07e52f252b90ea293e59a5492f26683639aa04fd870ffc39f67cbc01f428227582f7c2072afa1d3cf429dda21e53e43000ed72db6c154a87894cc2db24206c7d4ce4cb59d93f233421f1eea86d50cb1aed57dddfb4bbc9b29261ce94445def84a3d041b6da2a65ee9064497950303d359b68cb8989001323a7b710ea72a884f61a80b8c743559ffb7f0278cb56705d2236082ccbc43e069429c739f4085098fd9413c8b0d6ebbea4cc2c50e75d234531a41b7898959cbd6b724b2f758345990075b56546ec4a9b598e66540a980d72de92a34bbe1151b1fe150707aaaefbceb2753d1d96b9d2c1c96b2b2bf9c167b8c1b09867abc1406e14d8987bc1242ab16a55ae122cd45636dd5af924d746ed880aea83400edba404f8460e8913128eec856c63c352eab082de8f89aa9b71e304883515733f373bee0bfc3137946796ddd0038d96092a7ffb86960be3d9bddc0df91c0e08ee9aff12d2b9cc845794202b0089a0959c1b1857c5707dfad9ef2d48bc6124f4a3d1e87812efb74bef96fda2f50d23340982460e133936e9a6580ee9274956dbe2771a04bc43db210c941d12cf12d6c74197387e87f9c3bd912294a909fe0237a5ce7d1cf8f274f024ec7a635958c5002bb86f05044cbcad30d7fa4b99c1678fc8c484e98e99db5586db62a1b41887e4fcc952c3cf0a4239242a9cf1424b11246317c6cc15938ea681453143f5402cd2d69a882375d4a20f87fcb900c7a0d339825a6f0973631ed3823984fdad254fb0c4941fab735b7b02f76a674902e1c840fe8bb7737e2309c4218a430ceaa8cf57714c1a6db9e6f5bb644115bd1378338596bd219bf53b1d9f27bb300814de4c33347e8528502c5e15b47dfc5764aa8d9e1cab17524d422c7fee0212a3cbb4232b1e9def246c3bcd5a69427b2ea3e27fffa01fcccd9860fc120dc6c48c360b15b0b4219a4e25ae32838e5d5f37ff27f0b57cfd60eb10e8c75701ee11184cda3fb911d0336cad5c3bed41542ab0ffc2234e8a2bcb92acbc5da71fd85cf16619792fd31d6380699012a7acf63884d8bd4553a93acfe6ed9643364174c29a865614c1fb4fd66b9841e47504a58b62e811b8c5687357f495c0031893cc95ba767d061a25ccf6c997dab7286b90ab629051700dc116461dc07a6326b0f2381abf40ff5ef9d14d81dea94e0286884305bd820f7a18b2bb2e465161b7df8ef27f13c28b6059edf3fff5ef5ff5e615433af2981e5a0fd9837e6f5eb67128436981c3c76ee088cd2df6e2d7ecc7f1d2069ad8e1286263598cfb209e7362c2ff204b323079882a201a5364a343d5cfe9d4bea84414034bb4336d08f1328917af8860c1a0bc8cd09554265b8ee3a1472f37ce7970cee28bfa48465c65a82b843ff71fbe23f62dd0d039decce3a503ff2ec2833bbdf55ba6ee2120c344b21e3bca090897ae8487ebe2b857e0b054d458d61ecb98898db990796cce5d0c3208627f08e4bbad11e37dd7785c40526e34f08d182f7bdd0dcfdeaab6846273303e03cd31607b18366cd614da152803b487504de47b66d0656376bf9d62146d50d048b7cc3845e955e614a1d53003e961e8b3998fba20e6fb0dbac9f6666213c2e22e6a12f15f4248e3ef2f84f7d9eb61aedc8f8c6c638b076d6b4040ab19eb9b0e5234def143a73899af7dc745e11659d7a4d7bd34c465b510454bbb108e81436b91fff2e99cf5784982d0dc84996707e7071307ed0b4f3ed837e8e7a269870ed2a459d202839d9cec7f7a1fb5812ac0116dff6e9a013d22974c9d9dd23ec8f5b3c9c4bbf98e506daa7d403c47cff6c7417b9b02082f876301844ccdc940a70855c36aef6aa5d7429f89c3e6192b99fa735d8c2f08a7dffc9b0e496925189df98d0d4c7e7e49f40ce1ec422a1f15751adc343c52091dc06bdfa7a6fbc7ab6b39f6fc12e86ad17a9260b34c2b35a4f9e35575d31ab44afdaebd5a6c956bf00602f4b549530638260121dab0928d411a3c2e72dacda342d04f0af9354c45713d1112a014aa4cac62ea013eb9c11f5568ee2197953a9c745322514b6aac0e9743cd39669756d0f64fc50ffd384bb100ee772980d539e581bb4f8722064e4be34fd92f2a7195cab4792fc7a565dfca79564fffa4abf4aae3ab00ff460b764053f58c82118e4ba0ca7bc64db767f00175829ec49c9e82643ea354b95eb1ad4539027fdff104fcc3a9ec143496d972295823494f85fa3969da74bacd9ad20a437fd3c47eb355abed2b9d0dcd6c48273508bda0f9bcd0cfb93b3e50b2cf0e63ee63c79456a73d45e9b7a24757c160fddb78ff4092cc1add80f45f3322da1f1a8842d70245d47eb8d6625ce02c95d3c8d5bd5e3af282ce78cfe446f5dfcb9035f50071583ffba43b48bb783d261ed44a754826c5615f858f101c11c660c0db1cd68ca63836d964ce7f86ca3a37f3209baff8f92c80d2f55277b7f25d80d9f39fadc5c3d1a59493c69927ca9f3eb6a6fd283744fdb5bfb7ddf856bce69b08e611f8b51564a134839c37521c44b07d0e515756accd3159cfc30f05808b0c9873787f83b8ed2fc48f871e59b6ecd7893b3647ac40e987f3f8f10712e8c44b1c7d7cdbb167f5eda957fdbc0777603a48b9878b6d3fe5327e21efad2b4d355a6a0a1a66fefd706abd77c95e0aa9e8cef30c5532e42b0910f2a94675711ba3cca38e293d82805504fdbc84835836ffbde6c03946223c4b60d104865fb55ef7ef75fef8e072b7ec483f014cc1c4f127e222f5b04a6b1b4e8c7c4ead59092757e4cd199bf6e1821cc17447f0618aae7279adeb11c1cf6ffbae0af418187d358894a3898b8bb6faeee1ca26fc8a9eb81338316c81e1c701f143806136096977d5997303ec6f6648569eca6903895b41bd2554c9066661a337fc376e1f118b746e8f1a291ce89b24e533c8b09fb95fcb908945e324786dfbe26e04fe7409daa83e0eddd8871a97857014f888c3a68142b06ab1fb47", 0x1000}, {&(0x7f0000003840)}, {&(0x7f0000003880)="9e01e1670776a745bff9db81fac1f7c1c9c1ba28f19aedc15b0c90e99cc20d083fdb07015e624680a1518e34640bfa15ee6cf061854f39a516b88260ccd0dafe36265ff813049990f003b819e7bbfeb57df1b2fdc32b64389d34009e13b0a8180ebb88ff15a4f6f086e41412ff71f5cac13765fb507e1944caf414f62114e9dc51c8e4c0bed14c98c8745498d2b5cf2dc2ca7a745e611d676c", 0x99}, {&(0x7f0000003940)="f1ed70af42f6e0d09498dfc8676182522041ede8bbaaf281a69df36dbe7834952baab624597a209b21a17e0070a0930c99da116005eea6dcc5ac61b0b6d815e1c7a5b8291a2757acbc4c697ce591ea3b3fa07601cb979bd37ae7f5b5db01be5f953b2fcbd681196268ddb851c2f4fd0b96a29b1d35d554feacb7f3b5971750874e2b1bc684d9c73bb4fe336039da9049d6cc869c8f5e34bdee36ec81b7e9fecf1eebfef206f67fd825d16bb721f269e956ba7932fcf32dd6584d4d53187c70f7ff1a391fa52a1dff321d966e530432fe0f7d6d20e16dc532e8e3970346b8c83f1b10639e1136a9809f1c", 0xea}], 0x7, &(0x7f0000003ac0)=[{0x38, 0x108, 0x9, "1abf7cb80cd20e9791e33286d3b32180d96c4dd71b5f4dd200d7392c72fc04bad1"}, {0x10, 0x11, 0xfff}, {0xc8, 0x10c, 0x5, "59b7b1ed1efe14bb05ce0d9b4e6a123170030848e405781e6bdb64594feb3c428f10cfa96fde26a5c510c0f47ed5fec659ec2d8220d838d40112a9135bf8a14a6706b6340599cf60dc5b208d3181572955a14393d90a3d4760c86c3cd21dd280b2746d82f4cb663e3892cb3d431785b2488b2b45d184119838ddfcfd13c409d180844032e487b6ad78c188908267ff17246950f0531733dd5b344d00930c4cf3fd6bb9f6db03e05f530f9a1fdef17ae3edcfc01d"}, {0xe8, 0x104, 0x401, "ed2d4b1525520b01972ecfd9c2385ff0694465272448cbc1cd341f590ca80f8a287e4ce2e803c5661e4305d086744f60ece5b180513b2d8504cf75ef6741b98dc3cd0e96777e73fa0f0498f2cf36021dab7bcc9aca70c6f87bc3a0593316df66ca42b8d875a6cff393c93d81c1bb4a852c80fd4058b2d4067659a89fbde5378018792d1b6adb832b56a8b09c811971d6df92b06c585f13effbfefc9f8da221ea36ef7b54f3dff9e3232674ceec88f6e761791925ac0ef3bdeaf5df34ba28a96fee872ca2469c1cac6cb3c4f1b2eec5c73016bf6ffe"}, {0xd0, 0x10b, 0x1, "0cec0e89ed87dc07ec41b52a239d7a4c96d4bd5fdca79a080dce7f18cc0a2cc39b47ba150b31a65d5a81b01b2253a40b184a082c488bd9bdff3b90e42ac9dabffedf59213bf89826816cac25258082279886018d2ee36551609b3fd979825efb621fa033a8f2b8ecb30df2adfa82cddedd723589b51d7baf21ba9a3d3e7ab2f7a1de402b45e8133b405865062576f7ae753eac29c850cdff17149d20091c8604ba2ab255b68fd76ed063743796041db926ea5700f0364530331baa"}], 0x2c8}}, {{&(0x7f0000003dc0)=@ll={0x11, 0x19, 0x0, 0x1, 0xf8, 0x6, @broadcast}, 0x80, &(0x7f0000004100)=[{&(0x7f0000003e40)="fd64bf887fc4b928ca85f731228904d2b4b9cdaaea5d0ab8ee025b1b0a4d7a7f711ebe15c61fea54392ccde64ac409cd1ae52b306dd0c2396eb19e664ee5f74cd04e504844be5e87aad512e8ce8aa0239e153a654551e605ca159658096ccccbad440ea35a6e46b9eca3d7e5", 0x6c}, {&(0x7f0000003ec0)="bed9c04c624d82a290fc4e322bb051f68dff972de5261478f91823eb3c1e7489e2ec82f200703f8dbabd66511f19e8cc9c1c17174d1a17464782e7af18f403c4408a4c4b4a88e3f3fa2ea8be171ec6260ced131c32944c0175904df544905d42718fe693d2d09d89ed81f50138840b66dfdbba5f4c5d37a52ec45ad12c509e69cafbff3add230351aca87947592c493e326595dc5e61cd62e8069fd4a616ad07295f902efc09408003aef706f5727b3bd9d82a12764aa8424138077c89367529fdaac8c76fb248395b2b19bf7e53a3231c", 0xd1}, {&(0x7f0000003fc0)="27cffb72e424a4a11abb41c4f030f474c5173047546f0c4f2b0e7b9994e1880a1a9aff798f75b89dc2fa4f09e9781af7d3940d5c0c801dba96553cb7da8ee9a1eba32fc7fe8d1f093f18bfdae415db9e1927dc3f9b96936f8211dbd4658a878a00cff05859c5e92aec66d3fdd7cdc27571cfcb33699a27f3c862fc2f0dcb640a4b8519c81dc30868bcf777e76205853a9e9e407126f613758eca92ea7155f538f46d1077026fe0f16457253e0ed293a6125a50e59fb19139af9e85271ee876af5b98bd4090275a70e8376d75841a78d11cb6c7d3875ffe4d49e5c2d6cf792d904511a6", 0xe3}, {&(0x7f00000040c0)="34fbc01f25d1f169b098e3dabfdfd94656c0a3748d761934eff8fa8a5cd20727", 0x20}], 0x4, &(0x7f0000004140)=[{0x28, 0x10c, 0x8be1, "e3d87a15adc155ef7cf489d15911da663e71"}, {0xe8, 0x108, 0x8eee, "d4a80f74cf7a07372fbdf27e6296384e04055a5e09d1c0b9190ebb666836af2c8657240f0bab336524e2d88564ea70a87b3e0db1ff727bc5edcf51b5f5236f5b413359339fab1bdc65d0e01584200c710c31c534bb08ce18c757cd28a9c46bf634180dee05e6f9336b60b317398a49e14f93035475d7f347f6a833fbca3468c1ff0a4c24c15a26eae0c12aa097678760aa2db263c5b26b33c1373f8bb86f38e5728faf5e79639837ab6569b83d63d55542dea7273466b60dff60e39a93e37e216c80cc8505acacc8fdf61a7feda3341782"}, {0x1010, 0x108, 0x2, "dc097b816e12d7898cf075d312d9804ad6c1a1e64bb8f986813e0d5283eb86350ad40709e05bb1edf0ec26785f267e9dbae6f16f0e5a0a1d38727942cea6e2052cda8daff8cd58a87e7bc6e7a4e1e90a2e4a8ddb50464198e9ff3b9fa82b3b1320dad3f6c0d48ab9a645e0fa86df87cfcb446adb0d1e3c83621c17c512affade3d21053dc708616d7c0f49f26f046a87952637e475354cd8e8d21ac2984c923df2b2d01db963606fd7baff5e7d47c5988c558f1e93ae66de4afb8f1d9c5caf8d5d09318f7a290d2ae2719117757e475107a97b77a1a16a0796c17fe8d2d54aa6dbde33764ae40d709198895bee016d715b9d03c36f86c4a50b94d73f52da5746ff1f9f356dc6219669fb40e8c8cb66d93e6d31d6f2574a44fe110beea42e90481e5e219f34959dbc5d51b83ae2c9fd2c9793f53c05a17bd6bee155d61042003d7c942c4730b1ce989452a6693bc9313ed83301465a371a17b8bcb141062155c2a676c19fbe29c05646ab542a1c9cb40c6d32b4393531899d07f493902e7b572c8833d63bb0b52db052dd244ef4d0a27940d35a5342cc63c0764ed0030b7ec0d0f0cbd6636acc5a5be394067fe67b2518a1dc237999f871126e4935c54c4d997a8eafc4ea60c607997df5176c836c3cc5117d16a39cacee42e5ea3faadecd4c6ffbcc1472acbaaf580c7dbab253338961e0652814c6dde761e5698cd1529635683b8f06c4c279d3e86765bbc2201404f7dd67a6ffe09b79855c1c6674aaff0af292aea516498106a9be61a942990a974885813377e2123cc5f0c307c63a43ac97c07a1216a9856d01db6b8d1dd4075d802b20c844ca41f3abf1066b153757c70d4853b4705831c0a6082e8fc31a876c2b84485c0d57b7af429553fdd816a2d2bee1743b9595e61f798a2d6cf2b6ac18121379a3e596bbd36623cc20f2f4d6d6ce53cd8252209a74e13b3c3674e4f589ef1b7da626a9ab65435b1e34aeaa228e45f274d3e34d23b217584f44bba4d31c64bff88ad1089c496ab694ba291c7e4a79e617bbddacfe196a512fddafae4954e19532b08aa8f892982a263f52ffe6707b13b083e278264cbe1be5c80919172fc1bdcaae997229581de3f783571ed0a161010ff62128edc65bf6ed33dcf3f151129b0d2547b8b3899d6a3e4a7b18e4b17227b8f87d5bef82ce5e7a1ff5c8a7b40834c43d819d6d2a7895b3aae0f82b4e5d9fca56360aebd75ca732ee33e09d30067a7929a7c7a376bfb7131c34f1abcf8a89a5e891a2f5730d934e8ee0a113cf6952d6b1403610bcde5bdf047d35b6ea95a63fc1d396645367b8ca355bbc2515af025413dc8a3bb12c9eec7d3c9639b72f65dd1c64506a02abefb049504a5f2ffb77a7ae0815d7c1b90cebdf7236fc00a59796343b87364d9b48dae2affabef78a4c406bfda90fbe90b92132e82e6e1944ad6b961a570254752c30a626cd24fe1158372a1cdae938bb0851aa1456b292bd7081b50f5f7ac3d512fb6307c35b95b3df18b392cd172fab46369812a93f604cdeb080d201680b951b24f09eaea14591d850cdbf5b42506837ea4b718cfd0fef983b8800fb705591de5075cbf5fd232cc445ca36d2847033780ea69933eb90c2b420907228ce4c35216055b63f89f3550cbd1ccaa3deba64d09b14c8234eab90e464ed5ac5a4119749e9fdd884933616b66f838b158910456d23df6db383335e02b7c56c0d4ae2b95a2daf98c402653b77c2ea741c00ad97ffec885ff31d1e1070b33d43ef35514be778dd951f4f0e141e3b7bcaf65a9d706868cdd786d18d4a57ce938c981ef1f9ccef9616ddb85d35c1549240c6bc46af9360de51485c6af0862c1a77408c01900a4c0c4fe8731751b6fb53beaca9e47969cc257f850ed47cca9af65f90e68181da23e6475bfd21f67e8f3a28ca930035bc5b77ef841e1d59425b3346e5a8016c4dfff36488bcbfccba46d4fa2a538d398861a7949b975f253bba66f32398df6721acea998a84fe2bd0da674825b16bb7736bdc6e9af0fc1b0e053b78ba25ac18deef91dc6fd756e05422e58bc7ef1ca74bf4caf604d3f0d5e10ca68e77ece6b7775c56c00be48aadd82c5e8c0f840a99cd7762a143938defe15f538c6a900d40e68dcc2a73c28670e722f37454ab13ad2becf5134c0ae5b553e00e112e4ac2563b9ec489fd9c80909f6bab1ec74a4b8fe64a2c2c5095e7c312deb9e3aac9683560ddb129b17758e2983535304f01460d7be9bf434be818aee8eb36daf5f9442c544c7c1f3e7c9821bd36989f6e4e763aa30c0c14b57542cf6214aa912b1f092d6662814514833075906c770e301e6309bdf8134a171b7a304e70563474ed289f34eb696bef314a3e3def4d330a5344269db9be94d9ead0dddb51ac69b1304787db630a8a0fdf82d46cdcc496ba0a8ee40229611dda7fc7ee1bdc23e1fb1d81fbf8c0bfbff328ffb41bab427813e7205ec61df589ac9ba73ece689f875a5cb92bfa232da22a37e89aacfe2af66a24f4dedbfa56f0781e526ad5d57cb91866435c9628c47aa683209b25d76b249b3e8f2f791b0b770d30fa824764d7b968a904a6bd96e3f02fb6d05f85fd52d5e358616822e83ca446cf88c995d5792465a04c2d86597fde935afc37ea63b52d35926aad95222402f0ccc7f0f050c230be5f48432a3923eacd13aa0323f454704e71ce9d8e45b3c9a27f73b7a2abe4b89a32ae6d56ca47fbbe2e6d312ca22e02dd5967926c5a6bee79c3ad15d8334ede1a8cd51e4983001992fbe14e6c167a77fcb26603e253538ea92c38c5309f22aa3fbc77dbe3f68eeada9a4c8135efd74d358857095c9f545b56524d3a6f819f6610f24e420bb0b7800daac6781936b1c539c6132c97d691c8932653f69fe876e41c173dd2ce6cd7c5c8cffea68dbb6044a8350d8e50611ec94d975901a8cb66e21181f6068cd0db165b97ded3afa6f1e73d7343d11d1f372783bda5b2bfd989bc65f19947f6ef12b067cd406feb8849cdcf794d77197c6dcbe9780f5017f875e477f7e8a54b5aab219e705c675b9b6e8a7a09ef2f8e5666747fb4d6bde2ddd8ff3ab6a62f7a3f6f6541fa610cecd7db33b9e1402a57150d92e4d6dd551c637d23fc2286bbdfe979aa6b12e46a4c70d3bd2d90c6792b5698b68ed4ca436316a7a59606dfcd6563996812d9a2c831a8ad53c8a2c635d3f741a50554ca9bf18b244c3a5e288cf5c60b438ca1908b2abdb5a9ba5419ecfcc945906bde88a2c9c59f62f6804eef90a161a0a716fbbfd3647f31efaafb40fc2f8ab1458fbe1a83b09c5b622a30064f102011f14c4b74adea4379ca31e0bc24825a88b103d6ad3b4e2e4b43f69e3ef44bc2615e6c5752b0e9cff4e15acf75414cdf8bcfb93815456741623413d5e49fdef7134f09143428831d1023072762c056d1b95299f3a4cb3354d7347eafacc57146962a50145cba34b2bc589b1ec817b7e4b635c9c3f6e265fb41d4050fc684d6f4a0ede10ec7b8d290b3b567cf1cdd04eb6a763203d4bb0ea1911d76d4f0b34f4065ca39d8ee38b887f61665a36e13192d3be7869145741660488677101cff1bf3ffd37286f63e208e01a6a1f195e661b585073ab769bf789bcf359073636ffde2d78b4c2df4b8433d9c145c833043e3300acde0db2b5ff60ebeed6686df378a19654b9111f40a5bfdd1e4b9338da5a36b77633f87bbf64c51546c1974eb6ddb026833787befe3ed1367125723361585135687b163f63a27cdec0c1f2c9de21912a75bce60c5d0a5acea9742a22645bea845aba80bbcff8f652e921a0db4329c6d2d51306ca34bbc1a914b7750ccccfc98ca53d002d33544f118adf1e214b72a674b837538af7f2b33cbba217c2942f1a2dd19fc3225c02db608aa9e0d1a7689268adbd3995e702a991b9a0ca5634719c3bf1aa1f6bacb10b8c1acbc941dad827e6e3649927d1c504a1929c6a268310caed7d5b0c7a259bb438a232c5dd07f5f0b2097eca403da9236c960fc099fb908b371ab568f910b60e8d3a2f42ae994dc4c42e470a90dd30c49d761b39b5ad678301fba162d037f2ea7372f0d452953b1e7f819f4cab178abf50ca9850570b4b26c6d46bb1a44b5824f09e76047b3d77626ba6c8271365bba58bc97076029cc6cca573619e8e4756d010e15c748f13666d09a92f61cb8a74308305f72d631368d251e3127dea8f179085e88e9b544178e5df737aa22b3bc0539d3727d66246196b63605bb8b7e17c18e68de90061c083905f1e72d305aa8dd3eda0fd200ce7148427824cf786592c402cd9a49b86ad48dafed102efdb1ef7ecc105dcb85acd49238b437fa4074e317911e1e388c263f26ad9bb8e4788074ea6ef9f1f3483ad56bca82539ac160127b24533f35edbceef96e7eab8444c7499356fe3945623d03c11833c875b51d233355cf4f71d09a75c9770491400c6b230e2f4ed920a32b8a0836ee32d05d892a147b2b9c1de8756d978af8b973b0d388f21f64666b918b970881f49a47aed02c6a7846231de797b4e6d216e9480df23f723fe6c74854ee94a2dd34d919b21204f9987549d35e440d39f55996ac17c19605e01bb6ab20caca2ae4e5a99aa15ddb8af245f39f1a483d733e110466815c23c3ac25aa81b64bdbb07eb099f2ea30e90e0bd0f41c86336ade7693a99172c322ad564d44ea1684676d5803bd130133f6e196790140e03cd73cddbb2970a9c0a016e34c409b62cf17e103c697eb0938ae2bf21997fe0dbec4fbf5a655edf9318aab97be60e59834d5b1b9881fa13f0fd7025503bbcd6310bf82304f7d5bf3d16d6e4d7e96f1da01a723a14db459e266266798537a36f1228b9629cedbd6d4371c60dedb28a5bca27e2109364e4904bb3470c6c25891542568e34a6664435581dd7641d9f9bf77bd0fe4058c2c164b8d21e7aa6ff40c72a89f7c9af728a4cb2bbefa0542fb4e4413f77aa73c15b1f0cc44e60fc87cfe5ff741f1e551681bd1fc173346894d53c9e7b508ca752bed4bf6ca25d2c1edf372edb1ab4a10a7b6aa9274f23e6b43cb4ebcc090fca7bb873a633d2b0bdf37fa2f2e13c5658fade0c6be392fb409f7686442d38d72e377b5eec0822e7ec2dc46b86a091cd3eaf4c845b215ec0501eb98cc7e0607731a75ce528bf68c78310819506dc2859ec9b71d532e8da412b2cf417a38a2f8366749bdcfd6e9ff8c6cb72217192854be5a312cda575095608a46c371c68d55187c689c36e7b340b41e101562aa9bec9fb4ba92104e4f8a6fff08bbce57e7801713dc196179b53246904bc959ed8786e897cc39816e9b5035838f9838fcb0d66bccc8862ef6403926a25fe4c3b1ab817260b0c58479bf634a75330d89f700c3e5809916ebfd6690796aa635ea7dcd871eb3bd39df8a69090b990a42e107908fdf242a59c8ae8b0c67873fa2105cf6b6e99353d248d0691d46c28b57c5f959f8aa0e294f3ea1482b75a8a911b0a2b5129f774af81212842e5429439392931a88cd6ddcdef92fc120bdfa1e71cb375d7c9b1dace79275394cdabd1c1f9eb7db1b885cdcb950490f241e14f2b07e517480b45fd8f37d6fedcc4bcd0719f22ffa2b1b56453b65888242aef888548235c183fc6e6962cdc1924aff1403a84a375b5575bf56f9a2e851a48e2bcd6bcb8ed917d0946ecfebcee702b1dc8226cb011028d39df1aea0a8d534a4b0b981bac393d9a446a39cbe4a571e154e471b8641d3b4b8c0aab581b8e98525a3068732f1da4a2949c4ee97c874a86a73291ef2f962d3134bca08c600"}, {0x60, 0x9c, 0x1, "63d683b507d69df2fe45449f8db778e6c2c0ea4f07ea3e49122afb4c55d58eb5c3fb72f965aa8087ca6495efdc3856f0411cb581433e6599742387706d21008b01c66c2e8bc85a2456a4e64bcfa0"}, {0x1010, 0x107, 0xffffffff, "a3778a79c42e157d57f251dfe7632b15c6b4ff9e6c8f2713bf83fb4cce160f1f8aee7a7588439a9155d2893c359e713cbceec44e0b7c082d53160dbdfa1f2ddca9282f8d63565e6c47a36d860f7e19523da6d4cd746e68ff993ff356cf8204cacb05f03d36beea742b484819ab560de2da83718a0b3c2664a9c6222e72687253bb04d04359842e5ed5de1a72f25e056325674dfbba39b63d830c79804a6adf854b776251a8970898de799b58eef74e8ef6ecc5c0cf33ae479935618949fea3c4cabd5ef102ed19cf49e14fcad0bfe22915f8b2e64ff95cf8e5f0c7edc9334404441f59e543f0fb84fdbc11d31e8ac4ceec35fb7a8987cba3d6c92542b2ed7728edb7b4ede606b7687e45a7aa264fd4857a45bfb6ef6cd7272dfaa7647e5ead2427d9382ef395d2bba5529e84193bf3ed18b9af9b3283610c5c8c3006d7524a59ce31271128c99827cb0af1284657fbe62cf33853ab78490eea9918ed3a6f570dd0ad93a118417682f1c93a1f7126c7402f538833ec2f473ef66009cc1519c070b09c16bb892040cfaee12277a331bf6cf5a35574d28552992a63b8314287ccd54ef44f4fac96bbdc09841da254e85b8e25f34c96f658518953a20c75fc349beb4c4144e4d51d7ac9cddb0815410aa8584682a7e317a5f4a0023abc9af41983d1c1de6c5b50c3227bebdf529a0015fe4dca45926d5d4496776e7f403c592652ba5373df8dc9ed5d4e59de9fc234b032bbc87a6e2dd3a9c7a1b88530e5f43979cfd2d01b4e6bb3684a2093a528eb49c3421403118e1f35b1873ce991041d8d5f7a5e86dbaf273449ce3be8558a2a2ef630a49ed26c3d3982e4757d8631d37d939f5db76dfc81c0f5a1013c78ff5166841ec1d04cff3040543506ed1508368045522eaac9117787c09c11809d3f6a87567d5e74ea2238924e93e5bc9f1c96d00e69942530b9cb30f2993d97e9c7b05cd90a7b23c1c3be1596541bfddaec2458b2269415318355e0cc7cd19bbcb8cb0a16766fbdcb4f21fb812490ef097b7eb45d635c16c600684504ca7f1cadaff8fa7ca9390ed927940700a587655f9d04e09a49c42d973a0465dc75f109d72e34a8b449a71833aec07734f783ba67e8c0d775fc78266c711bec791083074f00a5d7638fc884b66a47c7ab4d3be7816f5b304d08626de9557f1ab9af444ebcaf8ee15b4bb05a006537f2d82097602a0778a157e4e8598bb973f4a2002a1c28ad80a8030ee51d6d5d6959e7239ba9a0f75eff8aacf7f9fe3f9503fcfa88a4712e44296d5d0cdd45fc94d8931d2942867591b4e025af868512ecd0b91a9ed6e5e67392b73b5dcc79dc31153fdd32558524370769aab80fc4da053497881d551d4b13eb99e27a1c481eb29c1fc3dddb67d2d28c7bc7128679557061ca3006b267adad3d205307b18b9986bade2e2d384eef36c5cfcb9d885e86bd4fe30a29a407b386606ebf3d11c48d9256ef2f18fe7fd463cf94008aebfd09cb3b4102d38cd0a9f26930bb7f1f0983170f8d7b4b40a2441a28a8246d35e0072d6943972c8e818184597d184ef4db46991592272f848a16d5e09baebf8fe7ca52954032fe37235fb8ab5d1f5f57865f623a965a855b021ce7fa78d5df006cd910d1a407b741d18c4021429fb009881e74468a39e319a88fbba3a3cbe4e78d6c30dea7cf057eccb0a388e585c381f2c34b6eb52f982507b963073214f2cac9fb9c27b64119ab54d78abc252a7a050ef51b59699d76335e53cb583ec78c442dbfa5733931437a1ad2592809d93bfda9b1e7bff4afeda6cffe7ebba6b578386a57ca78531cc61700fe4b10cf4bee5f4c1c9b54a4ff0804912c0c388702d56e94196e5fd2c1cbd4b64adf794604be563b1e054d60d1f2dc084e5d50cc8cd2462071c81bd90d98f8f09a3e97d2e132475c740f2e0ecafc8c2b86621ea34245e52ee0ac768b833106b3bebe8a2a43c7f33da741878cc4ed6620e3372da8d545cbc8a14bdb4b1a62d55ca7f34a89405a966ab3a1bc1fdfef38b02dbc8e2aa40c995e07382ef6cf87a0c8377017ef5326e44dc45e09fe3f2f30854452fa6ccdde4f3a65b7ee6ee04bc0d288616616173260283354844b52eabaa2b3d715681d237944a3f81854f242e761a27c39b64aa4d140c29839906273c9efac86394eb860c10f9582a1da9286d38c439035f60381f2149c6c095586714c3c3706b4ba885ab33a515132dcc254254fa418a51b021f1e8c47b6