x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:57 executing program 3 (fault-call:0 fault-nth:10): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:57 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:57 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000001940)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, 0x0}}, {{&(0x7f0000000140)={0x2, 0x4e22, @private}, 0x10, 0x0, 0x0, &(0x7f0000000600)=[@ip_retopts={{0x34, 0x0, 0x7, {[@rr={0x7, 0x23, 0x22, [@multicast2, @rand_addr, @remote, @rand_addr, @loopback, @dev, @multicast2, @multicast2]}]}}}], 0x38}}], 0x2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x8, 0x10, r1, 0xfa824000) [ 283.117168][T28346] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:04:57 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r1, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:04:57 executing program 5: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x1c) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0xfffffffb, @dev={0xfe, 0x80, '\x00', 0x18}}, 0x1c) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)="5500000018007f5f14fe01b2c682c3c40206040200101301021614123900090035000c0201000000190015400400f2ff060022dc131a014883139b84136ef75adb83de441100160031d521e25aa274c71bbe999b19", 0x55}], 0x1, 0x0, 0x0, 0xf000000}, 0x0) [ 283.231563][T28410] FAULT_INJECTION: forcing a failure. [ 283.231563][T28410] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 283.232801][T28409] FAULT_INJECTION: forcing a failure. [ 283.232801][T28409] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 283.245303][T28410] CPU: 1 PID: 28410 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 283.267352][T28410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.278354][T28410] Call Trace: [ 283.281617][T28410] dump_stack+0x137/0x19d [ 283.285935][T28410] should_fail+0x23c/0x250 [ 283.290361][T28410] should_fail_usercopy+0x16/0x20 [ 283.295452][T28410] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 283.301500][T28410] ? shmem_write_begin+0x7e/0x100 [ 283.306525][T28410] generic_perform_write+0x1e4/0x3a0 [ 283.311793][T28410] ? file_update_time+0x1bd/0x3e0 [ 283.316801][T28410] __generic_file_write_iter+0x161/0x300 [ 283.322420][T28410] ? generic_write_checks+0x250/0x290 [ 283.327878][T28410] generic_file_write_iter+0x75/0x130 [ 283.333402][T28410] vfs_write+0x69d/0x770 [ 283.337714][T28410] __x64_sys_pwrite64+0xf5/0x150 [ 283.342634][T28410] do_syscall_64+0x4a/0x90 [ 283.347036][T28410] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 283.352913][T28410] RIP: 0033:0x419777 [ 283.356793][T28410] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 283.376380][T28410] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 283.385208][T28410] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 283.393161][T28410] RDX: 0000000000000009 RSI: 00000000200000c0 RDI: 0000000000000004 [ 283.401157][T28410] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 283.409118][T28410] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 283.417333][T28410] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 283.425359][T28409] CPU: 0 PID: 28409 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 283.434169][T28409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.444321][T28409] Call Trace: [ 283.447597][T28409] dump_stack+0x137/0x19d [ 283.451938][T28409] should_fail+0x23c/0x250 [ 283.456216][T28410] loop3: detected capacity change from 0 to 4101 [ 283.456377][T28409] should_fail_usercopy+0x16/0x20 [ 283.467863][T28409] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 283.474120][T28409] ? shmem_write_begin+0x7e/0x100 [ 283.479137][T28409] generic_perform_write+0x1e4/0x3a0 [ 283.484413][T28409] ? file_update_time+0x1bd/0x3e0 [ 283.489425][T28409] __generic_file_write_iter+0x161/0x300 [ 283.495078][T28409] ? generic_write_checks+0x250/0x290 [ 283.500483][T28409] generic_file_write_iter+0x75/0x130 [ 283.505845][T28409] vfs_write+0x69d/0x770 [ 283.510157][T28409] __x64_sys_pwrite64+0xf5/0x150 [ 283.515546][T28409] do_syscall_64+0x4a/0x90 [ 283.520412][T28409] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 283.527021][T28409] RIP: 0033:0x419777 [ 283.530913][T28409] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 283.551946][T28409] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 283.560439][T28409] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 283.569474][T28409] RDX: 0000000000000009 RSI: 00000000200000c0 RDI: 0000000000000004 20:04:57 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, 0x0, 0x0) [ 283.579644][T28409] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 283.589958][T28409] R10: 0000000000000800 R11: 0000000000000293 R12: 0000000000000004 [ 283.599531][T28409] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 20:04:57 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:57 executing program 0: mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="b7ca485d19630000000007"], 0x1c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x12c, r1, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0xdf, 0x2a, [@peer_mgmt={0x75, 0x6, {0x0, 0x0, @val=0x2, @void, @void}}, @ibss={0x6, 0x2, 0xff00}, @fast_bss_trans={0x37, 0x52, {0x3, 0x0, "f31c3404252f213787e9b0599b910d8a", "6f2e9c17eb12876fa44ad8b5ac90ab2a6663c309fe24fb8737d5fe530fcfb1bf", "a60e3aa62d11af0157ec6d4a166f77cf7a55a36ac453e898fd85d484ddb4da3b"}}, @erp={0x2a, 0x1}, @fast_bss_trans={0x37, 0x76, {0x4, 0x1, "8089422dbba3c72ea8e12723cdd58dd7", "0c7c61aaf1b4fffe0ed75e83ca7e3b861e42773040f24d9776eb778cd5447cff", "4d1964026fad50b05b18f5e0208cf144e0c3f9be864d8ec31f6b692a51c6873b", [{0x3, 0x22, "50362f7ae9c451040d770ecf012d61a9a61347c9b49ef65efb1b8ee4fba97b113bdd"}]}}]}, @NL80211_ATTR_BSS_BASIC_RATES={0x1d, 0x24, [{0xc}, {0x6, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0x9, 0x1}, {0xb, 0x1}, {0x48}, {0x9}, {0x6c}, {0x1b}, {0x1, 0x1}, {0x48, 0x1}, {0x6c}, {}, {0x41}, {0x1, 0x1}, {0x1, 0x1}, {0x24, 0x1}, {0x4}, {0x18}, {0x6, 0x1}, {0x2, 0x1}, {0x1b}, {0x6}, {0x30, 0x1}]}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}]]}, 0x12c}, 0x1, 0x0, 0x0, 0x4000090}, 0x80) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=r2, @ANYBLOB="0400000000000000000000000000000020000000000000"], 0x2c, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$AUDIT_TTY_GET(r0, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x100008}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x10, 0x3f8, 0x200, 0x70bd25, 0x25dfdbfb, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x44081}, 0x24040885) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000480)={&(0x7f0000000280), 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x44, r1, 0x1502, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x100, 0x2a}}}}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x5}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x44}, 0x1, 0x0, 0x0, 0x4044004}, 0x800) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$NL80211_CMD_RADAR_DETECT(r4, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x38, r1, 0x8, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x37, 0x3f}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2c1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}]}, 0x38}}, 0x4000404) r5 = socket(0xd, 0x2, 0x6) preadv(r5, &(0x7f00000009c0)=[{&(0x7f0000000600)=""/219, 0xdb}, {&(0x7f0000000700)=""/70, 0x46}, {&(0x7f0000000780)=""/250, 0xfa}, {&(0x7f0000000880)=""/20, 0x14}, {&(0x7f00000008c0)=""/254, 0xfe}], 0x5, 0x800, 0x8769) lchown(&(0x7f0000000340)='./bus\x00', r2, 0x0) creat(&(0x7f0000000340)='./bus/file0\x00', 0x0) 20:04:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='shrrtname=mixe[,iocharset=maccroatian,iocharset=cp949,check=normAl']) chdir(&(0x7f0000000000)='./file0\x00') 20:04:57 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, 0x0, 0x0) [ 283.693919][T28410] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 283.713638][T28409] loop4: detected capacity change from 0 to 4101 [ 283.716096][T28410] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 20:04:57 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, 0x0, 0x0) [ 283.723809][T28435] FAT-fs (loop5): Unrecognized mount option "shrrtname=mixe[" or missing value [ 283.731922][T28410] ext4_test_bit(bit=16, block=18) = 1 [ 283.754510][T28410] is_bad_inode(inode)=0 [ 283.759906][T28410] NEXT_ORPHAN(inode)=29447707 [ 283.766100][T28410] max_ino=32 [ 283.770499][T28410] i_nlink=144 [ 283.775288][T28410] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 283.806105][T28409] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 283.828922][T28409] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 283.841334][T28409] ext4_test_bit(bit=16, block=18) = 1 [ 283.847703][T28409] is_bad_inode(inode)=0 20:04:58 executing program 4 (fault-call:0 fault-nth:11): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:58 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:58 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x409, 0x100000000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x3}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x3, 0x38, 0x8, 0x9, 0x80000000, 0x7, 0x3f00000000000, 0x1000, 0x2000008}, 0x0) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x581) getpriority(0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x10b79332f702913c, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f0000000380)="1c0000001a009bae5700af0f550000adf86e28000000008d00000000", 0x1c) recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) sched_setattr(r0, &(0x7f0000000100)={0x38, 0x1, 0x2, 0x8bc7, 0x9, 0x10001, 0x80000000, 0x6, 0x5, 0x10100000}, 0x0) 20:04:58 executing program 3 (fault-call:0 fault-nth:11): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:58 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) [ 283.852480][T28409] NEXT_ORPHAN(inode)=29447707 [ 283.857821][T28409] max_ino=32 [ 283.861146][T28409] i_nlink=144 [ 283.872142][T28435] FAT-fs (loop5): Unrecognized mount option "shrrtname=mixe[" or missing value [ 283.876660][T28409] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:04:58 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='!!~\xfd,\x00') ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000100)='!!~\xfd,\x00') open(&(0x7f0000000140)='./file0\x00', 0x212c00, 0x50) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='!!~\xfd,\x00') 20:04:58 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 20:04:58 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 283.991868][T28481] FAULT_INJECTION: forcing a failure. [ 283.991868][T28481] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.005161][T28481] CPU: 0 PID: 28481 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 284.013942][T28481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.024078][T28481] Call Trace: [ 284.027354][T28481] dump_stack+0x137/0x19d [ 284.031672][T28481] should_fail+0x23c/0x250 [ 284.036096][T28481] __alloc_pages+0x102/0x320 [ 284.040668][T28481] alloc_pages_vma+0x391/0x660 [ 284.045413][T28481] shmem_getpage_gfp+0x980/0x1410 [ 284.050541][T28481] shmem_write_begin+0x7e/0x100 [ 284.055436][T28481] generic_perform_write+0x196/0x3a0 [ 284.060705][T28481] ? file_update_time+0x1bd/0x3e0 [ 284.065732][T28481] __generic_file_write_iter+0x161/0x300 [ 284.071509][T28481] ? generic_write_checks+0x250/0x290 [ 284.076865][T28481] generic_file_write_iter+0x75/0x130 [ 284.082277][T28481] vfs_write+0x69d/0x770 [ 284.086503][T28481] __x64_sys_pwrite64+0xf5/0x150 [ 284.091560][T28481] do_syscall_64+0x4a/0x90 [ 284.096034][T28481] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.101937][T28481] RIP: 0033:0x419777 [ 284.105931][T28481] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 284.125523][T28481] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 284.133920][T28481] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 284.141907][T28481] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 [ 284.149874][T28481] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 284.157826][T28481] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 [ 284.165786][T28481] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 [ 284.177282][T28486] FAULT_INJECTION: forcing a failure. [ 284.177282][T28486] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.190645][T28486] CPU: 0 PID: 28486 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 284.199409][T28486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.209488][T28486] Call Trace: [ 284.212758][T28486] dump_stack+0x137/0x19d [ 284.217076][T28486] should_fail+0x23c/0x250 [ 284.221497][T28486] __alloc_pages+0x102/0x320 [ 284.226078][T28486] alloc_pages_vma+0x391/0x660 [ 284.230915][T28486] shmem_getpage_gfp+0x980/0x1410 [ 284.235965][T28486] shmem_write_begin+0x7e/0x100 [ 284.240810][T28486] generic_perform_write+0x196/0x3a0 [ 284.246165][T28486] ? file_update_time+0x1bd/0x3e0 [ 284.251178][T28486] __generic_file_write_iter+0x161/0x300 [ 284.256880][T28486] ? generic_write_checks+0x250/0x290 [ 284.262237][T28486] generic_file_write_iter+0x75/0x130 [ 284.267608][T28486] vfs_write+0x69d/0x770 [ 284.271886][T28486] __x64_sys_pwrite64+0xf5/0x150 [ 284.276823][T28486] do_syscall_64+0x4a/0x90 [ 284.281238][T28486] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.287179][T28486] RIP: 0033:0x419777 [ 284.291068][T28486] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 284.310770][T28486] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 284.319168][T28486] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 284.327128][T28486] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 [ 284.335086][T28486] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff 20:04:58 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 20:04:58 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 284.343041][T28486] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 [ 284.351015][T28486] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 20:04:58 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) 20:04:58 executing program 5: mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0x10010, 0xffffffffffffffff, 0xe204c000) syz_mount_image$vfat(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000280)='./file0\x00', &(0x7f0000000540)='./file0\x00', 0x0, 0x609009, 0x0) mount$9p_unix(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x820e0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x585002, 0xc) [ 284.392081][T28486] loop4: detected capacity change from 0 to 4101 [ 284.410214][T28486] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 284.456686][T28481] loop3: detected capacity change from 0 to 4101 [ 284.478536][T28516] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 284.488939][T28486] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 284.499354][T28486] ext4_test_bit(bit=16, block=18) = 0 20:04:58 executing program 4 (fault-call:0 fault-nth:12): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:58 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) [ 284.504726][T28486] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 284.510479][T28521] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none. [ 284.530161][T28481] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 284.558415][T28481] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 284.569240][T28481] ext4_test_bit(bit=16, block=18) = 0 [ 284.574610][T28481] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 284.613659][T28534] FAULT_INJECTION: forcing a failure. [ 284.613659][T28534] name failslab, interval 1, probability 0, space 0, times 0 [ 284.627057][T28534] CPU: 1 PID: 28534 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 284.635946][T28534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.650707][T28534] Call Trace: [ 284.657989][T28534] dump_stack+0x137/0x19d [ 284.666318][T28534] should_fail+0x23c/0x250 [ 284.674944][T28534] ? xas_create+0x3fb/0xb30 [ 284.681267][T28534] __should_failslab+0x81/0x90 [ 284.689431][T28534] should_failslab+0x5/0x20 [ 284.695420][T28534] kmem_cache_alloc+0x46/0x2f0 [ 284.702311][T28534] xas_create+0x3fb/0xb30 [ 284.711033][T28534] xas_create_range+0x146/0x360 [ 284.718261][T28534] shmem_add_to_page_cache+0x3ad/0x650 [ 284.727782][T28534] shmem_getpage_gfp+0xbdc/0x1410 [ 284.738296][T28534] shmem_write_begin+0x7e/0x100 [ 284.750732][T28534] generic_perform_write+0x196/0x3a0 [ 284.760773][T28534] ? file_update_time+0x1bd/0x3e0 [ 284.771848][T28534] __generic_file_write_iter+0x161/0x300 [ 284.783667][T28534] ? generic_write_checks+0x250/0x290 [ 284.793649][T28534] generic_file_write_iter+0x75/0x130 [ 284.805871][T28534] vfs_write+0x69d/0x770 [ 284.813757][T28534] __x64_sys_pwrite64+0xf5/0x150 [ 284.825093][T28534] do_syscall_64+0x4a/0x90 [ 284.833295][T28534] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.845761][T28534] RIP: 0033:0x419777 [ 284.853680][T28534] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 284.889542][T28534] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 284.905933][T28534] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 284.920130][T28534] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 [ 284.933675][T28534] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 284.947976][T28534] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 20:04:59 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0) r1 = gettid() getrlimit(0xa, &(0x7f0000000180)) ptrace$setopts(0x4206, r1, 0x0, 0x5) ptrace$setopts(0x4206, r1, 0x10000, 0x10) tkill(r1, 0x36) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) prlimit64(r1, 0x2, &(0x7f0000000040)={0x7, 0x56}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) sched_setattr(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0x7, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r0]) tkill(0x0, 0x3f) open(&(0x7f0000000100)='./file0\x00', 0x4000, 0xc0) chdir(&(0x7f0000000000)='./file1\x00') r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863", 0x103) sendfile(r2, r3, 0x0, 0x1c500) 20:04:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) 20:04:59 executing program 3 (fault-call:0 fault-nth:12): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:59 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup(r0, &(0x7f0000000200)='syz1\x00', 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000180), 0x12) r3 = socket$inet6(0xa, 0x5, 0x7) shutdown(r3, 0x0) [ 284.959594][T28534] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 [ 284.980584][T28534] loop4: detected capacity change from 0 to 4101 [ 285.012256][T28534] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 285.038576][T28554] FAULT_INJECTION: forcing a failure. [ 285.038576][T28554] name failslab, interval 1, probability 0, space 0, times 0 [ 285.051887][T28554] CPU: 1 PID: 28554 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 285.055373][T28534] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 285.060652][T28554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.060666][T28554] Call Trace: [ 285.060673][T28554] dump_stack+0x137/0x19d [ 285.071351][T28534] ext4_test_bit(bit=16, block=18) = 1 [ 285.081645][T28554] should_fail+0x23c/0x250 [ 285.081673][T28554] ? xas_create+0x3fb/0xb30 [ 285.085011][T28534] is_bad_inode(inode)=0 [ 285.089278][T28554] __should_failslab+0x81/0x90 [ 285.094628][T28534] NEXT_ORPHAN(inode)=29447707 [ 285.099022][T28554] should_failslab+0x5/0x20 [ 285.103532][T28534] max_ino=32 [ 285.103539][T28534] i_nlink=144 [ 285.107659][T28554] kmem_cache_alloc+0x46/0x2f0 [ 285.107682][T28554] xas_create+0x3fb/0xb30 [ 285.130574][T28534] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 285.133098][T28554] xas_create_range+0x146/0x360 [ 285.152807][T28554] shmem_add_to_page_cache+0x3ad/0x650 [ 285.158310][T28554] shmem_getpage_gfp+0xbdc/0x1410 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:04:59 executing program 4 (fault-call:0 fault-nth:13): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 285.163436][T28554] shmem_write_begin+0x7e/0x100 [ 285.168293][T28554] generic_perform_write+0x196/0x3a0 [ 285.173600][T28554] ? file_update_time+0x1bd/0x3e0 [ 285.178620][T28554] __generic_file_write_iter+0x161/0x300 [ 285.184272][T28554] ? generic_write_checks+0x250/0x290 [ 285.189739][T28554] generic_file_write_iter+0x75/0x130 [ 285.195257][T28554] vfs_write+0x69d/0x770 [ 285.199525][T28554] __x64_sys_pwrite64+0xf5/0x150 [ 285.204454][T28554] do_syscall_64+0x4a/0x90 20:04:59 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x21, 0xd9f, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000140)=@v3, 0x18, 0x0) close(r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) [ 285.208915][T28554] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 285.214862][T28554] RIP: 0033:0x419777 [ 285.218902][T28554] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 285.238705][T28554] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 285.247373][T28554] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 285.255533][T28554] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 20:04:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:59 executing program 0: r0 = socket$inet6(0xa, 0x400000000001, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007ffc) r2 = dup(r0) bind$inet6(r0, &(0x7f0000000600)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x23) setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f00000001c0), 0x4) r3 = open(&(0x7f00000003c0)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8000fffffffe) connect$unix(r2, &(0x7f0000000000)=@abs, 0x6e) 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 285.263621][T28554] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 285.271728][T28554] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 [ 285.279786][T28554] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 [ 285.340603][T28579] FAULT_INJECTION: forcing a failure. [ 285.340603][T28579] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.353814][T28579] CPU: 1 PID: 28579 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 285.362572][T28579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.372639][T28579] Call Trace: [ 285.375918][T28579] dump_stack+0x137/0x19d [ 285.380259][T28579] should_fail+0x23c/0x250 [ 285.384710][T28579] should_fail_usercopy+0x16/0x20 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x0, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 285.389750][T28579] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 285.396037][T28579] ? shmem_write_begin+0x7e/0x100 [ 285.401064][T28579] generic_perform_write+0x1e4/0x3a0 [ 285.406405][T28579] ? file_update_time+0x1bd/0x3e0 [ 285.411433][T28579] __generic_file_write_iter+0x161/0x300 [ 285.417076][T28579] ? generic_write_checks+0x250/0x290 [ 285.422470][T28579] generic_file_write_iter+0x75/0x130 [ 285.428024][T28579] vfs_write+0x69d/0x770 [ 285.432375][T28579] __x64_sys_pwrite64+0xf5/0x150 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x0, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 285.437378][T28579] do_syscall_64+0x4a/0x90 [ 285.441938][T28579] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 285.448217][T28579] RIP: 0033:0x419777 [ 285.452305][T28579] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 285.472727][T28579] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 285.481665][T28579] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 20:04:59 executing program 0: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x208200) r1 = open(&(0x7f0000000400)='./bus\x00', 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x6ac60, 0x98) openat(r2, &(0x7f0000000100)='./bus\x00', 0x0, 0x169) close(0xffffffffffffffff) r3 = open(&(0x7f0000000400)='./bus\x00', 0x1145042, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0xffffdffa) r4 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x440000, 0x0) pidfd_getfd(r4, r3, 0x0) lseek(r1, 0x0, 0x3) creat(&(0x7f0000000000)='./bus\x00', 0x0) [ 285.490042][T28579] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 [ 285.498218][T28579] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 285.507008][T28579] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 [ 285.515237][T28579] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 [ 285.532551][T28554] loop3: detected capacity change from 0 to 4101 [ 285.570053][T28554] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 285.580159][T28579] loop4: detected capacity change from 0 to 4101 [ 285.593498][T28554] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 285.604797][T28554] ext4_test_bit(bit=16, block=18) = 1 [ 285.610339][T28554] is_bad_inode(inode)=0 [ 285.614498][T28554] NEXT_ORPHAN(inode)=29447707 20:04:59 executing program 3 (fault-call:0 fault-nth:13): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:04:59 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x4000, &(0x7f0000000040)=0x3, 0x7) [ 285.619195][T28554] max_ino=32 [ 285.622428][T28554] i_nlink=144 [ 285.625914][T28554] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 285.628943][T28579] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:04:59 executing program 4 (fault-call:0 fault-nth:14): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:04:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x0, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:04:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 285.670610][T28579] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 285.681738][T28579] ext4_test_bit(bit=16, block=18) = 1 [ 285.687624][T28579] is_bad_inode(inode)=0 [ 285.691912][T28579] NEXT_ORPHAN(inode)=29447707 [ 285.696685][T28579] max_ino=32 [ 285.699871][T28579] i_nlink=144 [ 285.703595][T28579] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:04:59 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) symlinkat(&(0x7f00000000c0)='/', r0, &(0x7f0000d06ff8)='./file0\x00') r1 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[], 0x191) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r3 = creat(&(0x7f0000000100)='./file0/bus\x00', 0xbc9dc8fbd81cb5b7) fcntl$lock(r3, 0x7, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000001540)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000002940)={r4, "4ef562ba8ef0c1d1d2623a139aba932e"}) ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0xc4089434, &(0x7f00000002c0)={r4, 0x1, 0x1, [0x10000, 0x5, 0x0, 0x800], [0x200, 0x400, 0x9, 0x7, 0x0, 0xfffffffffffffffd, 0x8d1, 0x5, 0x3, 0x7fffffff, 0x8985, 0xec, 0x400, 0x2, 0xfffffffffffffffa, 0xfffffffffffffff9, 0x80000001000000, 0x1, 0x2, 0x5, 0x3, 0x3, 0x7f, 0x4, 0x3, 0x2, 0x0, 0xfc1b, 0x1ff, 0xfa7a, 0x8, 0x8001, 0x9, 0x401, 0x87, 0xe00000000000, 0x330, 0x5, 0x7, 0x8, 0x14, 0x3b, 0xff, 0x401, 0x7, 0x5, 0xf3, 0x9, 0x1, 0x6, 0x948, 0x20, 0x9, 0x7, 0x8001, 0x7, 0xb51, 0x7ff, 0x611f4744, 0xffffffffffffffe0, 0x6, 0xb39, 0xffff, 0x6, 0x0, 0x800, 0xcb4, 0x0, 0x1000, 0x70, 0x3, 0x8, 0x81, 0x80000000, 0x5, 0x4, 0x9, 0x101, 0x9, 0x100, 0x1, 0x8, 0x6, 0x7, 0xb2b6, 0xeb, 0x0, 0x5, 0x8, 0x953e, 0xffffffffffffff59, 0x9, 0x200, 0x9fd0, 0x2, 0x9, 0x4000, 0x6, 0x0, 0x7, 0x1f, 0x400, 0x200, 0x400, 0x7fff, 0x4, 0x4f4a, 0x3, 0x8000, 0xc333, 0x7, 0xcdc, 0x5, 0x6, 0x8, 0x7fff, 0x0, 0x10001, 0x2, 0x5, 0xa00]}) close(r1) openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x311000, 0x0) renameat(r5, &(0x7f0000000140)='./file1\x00', r1, &(0x7f0000000180)='./file0\x00') [ 285.821694][T28626] FAULT_INJECTION: forcing a failure. [ 285.821694][T28626] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 285.834975][T28626] CPU: 1 PID: 28626 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 285.835645][T28629] FAULT_INJECTION: forcing a failure. [ 285.835645][T28629] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.844323][T28626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.844337][T28626] Call Trace: [ 285.844344][T28626] dump_stack+0x137/0x19d [ 285.874956][T28626] should_fail+0x23c/0x250 [ 285.879465][T28626] __alloc_pages+0x102/0x320 [ 285.885287][T28626] alloc_pages_vma+0x391/0x660 [ 285.890247][T28626] shmem_getpage_gfp+0x980/0x1410 [ 285.895270][T28626] shmem_write_begin+0x7e/0x100 [ 285.900121][T28626] generic_perform_write+0x196/0x3a0 [ 285.905434][T28626] ? file_update_time+0x1bd/0x3e0 [ 285.910518][T28626] __generic_file_write_iter+0x161/0x300 [ 285.916146][T28626] ? generic_write_checks+0x250/0x290 [ 285.921502][T28626] generic_file_write_iter+0x75/0x130 [ 285.926858][T28626] vfs_write+0x69d/0x770 [ 285.931173][T28626] __x64_sys_pwrite64+0xf5/0x150 [ 285.936091][T28626] do_syscall_64+0x4a/0x90 [ 285.940490][T28626] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 285.946368][T28626] RIP: 0033:0x419777 [ 285.950243][T28626] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 285.970082][T28626] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 285.978531][T28626] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 285.986492][T28626] RDX: 000000000000001d RSI: 0000000020012e00 RDI: 0000000000000004 [ 285.994533][T28626] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 286.002510][T28626] R10: 0000000000011080 R11: 0000000000000293 R12: 0000000000000004 [ 286.010472][T28626] R13: 0000000000000004 R14: 0000000020000278 R15: 0000000000000005 20:05:00 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 286.018520][T28629] CPU: 0 PID: 28629 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 286.027305][T28629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.037798][T28629] Call Trace: [ 286.041077][T28629] dump_stack+0x137/0x19d [ 286.045456][T28629] should_fail+0x23c/0x250 [ 286.049876][T28629] should_fail_usercopy+0x16/0x20 [ 286.054911][T28629] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 286.061000][T28629] ? shmem_write_begin+0x7e/0x100 [ 286.066038][T28629] generic_perform_write+0x1e4/0x3a0 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x38, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x38}}, 0x0) [ 286.071342][T28629] ? file_update_time+0x1bd/0x3e0 [ 286.076397][T28629] __generic_file_write_iter+0x161/0x300 [ 286.082099][T28629] ? generic_write_checks+0x250/0x290 [ 286.087574][T28629] generic_file_write_iter+0x75/0x130 [ 286.092968][T28629] vfs_write+0x69d/0x770 [ 286.097267][T28629] __x64_sys_pwrite64+0xf5/0x150 [ 286.102286][T28629] do_syscall_64+0x4a/0x90 [ 286.106713][T28629] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 286.112620][T28629] RIP: 0033:0x419777 [ 286.113545][T28626] loop4: detected capacity change from 0 to 4101 [ 286.116516][T28629] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 286.116533][T28629] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 286.150839][T28629] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 286.158834][T28629] RDX: 0000000000000003 RSI: 0000000020012100 RDI: 0000000000000004 20:05:00 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x38, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x38}}, 0x0) [ 286.166896][T28629] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 286.174908][T28629] R10: 0000000000009000 R11: 0000000000000293 R12: 0000000000000004 [ 286.182922][T28629] R13: 0000000000000004 R14: 0000000020000260 R15: 0000000000000004 20:05:00 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$nvram(0xffffffffffffff9c, &(0x7f0000000280), 0x189000, 0x0) r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/timer_list\x00', 0x0, 0x0) write(r0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x4000000000010046) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r3, 0x800) r4 = clone3(&(0x7f0000000540)={0x200, &(0x7f0000000080), &(0x7f00000002c0), &(0x7f0000000300), {0x31}, &(0x7f0000000340)=""/145, 0x91, &(0x7f0000000400)=""/200, &(0x7f0000000500)=[0xffffffffffffffff, 0x0], 0x2, {r3}}, 0x58) r5 = openat$nvram(0xffffffffffffff9c, &(0x7f00000005c0), 0x210080, 0x0) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x1f, 0x9, 0xf, 0x0, 0x0, 0x6, 0xac306, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x81, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x10080, 0x8, 0x9, 0x9, 0x20, 0x0, 0x5bc5, 0x0, 0x4, 0x0, 0x7fffffff}, r4, 0xd, r5, 0x3) lseek(r3, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x8c3713, 0x0) [ 286.232779][T28629] loop3: detected capacity change from 0 to 4101 [ 286.260892][T28626] EXT4-fs error (device loop4): ext4_fill_super:4954: inode #2: comm syz-executor.4: iget: root inode unallocated [ 286.270593][T28629] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 286.272957][T28626] EXT4-fs (loop4): get root inode failed [ 286.287661][T28626] EXT4-fs (loop4): mount failed [ 286.288975][T28629] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 286.302925][T28629] ext4_test_bit(bit=16, block=18) = 1 [ 286.308517][T28629] is_bad_inode(inode)=0 [ 286.312670][T28629] NEXT_ORPHAN(inode)=29447707 [ 286.317390][T28629] max_ino=32 [ 286.320578][T28629] i_nlink=144 20:05:00 executing program 3 (fault-call:0 fault-nth:14): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:00 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x4000, &(0x7f0000000040)=0x3, 0x7) 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x38, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x38}}, 0x0) [ 286.338347][T28629] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:00 executing program 4 (fault-call:0 fault-nth:15): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:00 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) [ 286.458296][T28676] FAULT_INJECTION: forcing a failure. [ 286.458296][T28676] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.471808][T28676] CPU: 0 PID: 28676 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 286.480576][T28676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.491318][T28676] Call Trace: [ 286.494858][T28676] dump_stack+0x137/0x19d [ 286.499409][T28676] should_fail+0x23c/0x250 [ 286.503867][T28676] __alloc_pages+0x102/0x320 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) [ 286.508644][T28676] alloc_pages_vma+0x391/0x660 [ 286.513529][T28676] shmem_getpage_gfp+0x980/0x1410 [ 286.519747][T28676] shmem_write_begin+0x7e/0x100 [ 286.524949][T28676] generic_perform_write+0x196/0x3a0 [ 286.530759][T28676] ? file_update_time+0x1bd/0x3e0 [ 286.533472][T28678] FAULT_INJECTION: forcing a failure. [ 286.533472][T28678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 286.536668][T28676] __generic_file_write_iter+0x161/0x300 [ 286.557717][T28676] ? generic_write_checks+0x250/0x290 [ 286.563953][T28676] generic_file_write_iter+0x75/0x130 [ 286.570056][T28676] vfs_write+0x69d/0x770 [ 286.575626][T28676] __x64_sys_pwrite64+0xf5/0x150 [ 286.581362][T28676] do_syscall_64+0x4a/0x90 [ 286.586400][T28676] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 286.592974][T28676] RIP: 0033:0x419777 [ 286.597237][T28676] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 286.618164][T28676] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 286.627419][T28676] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 286.636003][T28676] RDX: 000000000000001d RSI: 0000000020012e00 RDI: 0000000000000004 [ 286.645087][T28676] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 286.653763][T28676] R10: 0000000000011080 R11: 0000000000000293 R12: 0000000000000004 [ 286.662995][T28676] R13: 0000000000000004 R14: 0000000020000278 R15: 0000000000000005 [ 286.672241][T28678] CPU: 1 PID: 28678 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 286.682730][T28678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.693691][T28678] Call Trace: [ 286.697784][T28678] dump_stack+0x137/0x19d [ 286.702594][T28678] should_fail+0x23c/0x250 20:05:00 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:00 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 286.707971][T28678] should_fail_usercopy+0x16/0x20 [ 286.713314][T28678] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 286.720170][T28678] ? shmem_write_begin+0x7e/0x100 [ 286.726390][T28678] generic_perform_write+0x1e4/0x3a0 [ 286.732389][T28678] ? file_update_time+0x1bd/0x3e0 [ 286.738681][T28678] __generic_file_write_iter+0x161/0x300 [ 286.745391][T28678] ? generic_write_checks+0x250/0x290 [ 286.751781][T28678] generic_file_write_iter+0x75/0x130 [ 286.757559][T28678] vfs_write+0x69d/0x770 [ 286.762091][T28676] loop3: detected capacity change from 0 to 4101 [ 286.763051][T28678] __x64_sys_pwrite64+0xf5/0x150 [ 286.763070][T28678] do_syscall_64+0x4a/0x90 [ 286.763091][T28678] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 286.785077][T28678] RIP: 0033:0x419777 [ 286.788969][T28678] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b 20:05:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) 20:05:00 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 286.808596][T28678] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 286.817013][T28678] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 286.824987][T28678] RDX: 000000000000001d RSI: 0000000020012e00 RDI: 0000000000000004 [ 286.832956][T28678] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 286.841011][T28678] R10: 0000000000011080 R11: 0000000000000293 R12: 0000000000000004 [ 286.848984][T28678] R13: 0000000000000004 R14: 0000000020000278 R15: 0000000000000005 20:05:01 executing program 5: prctl$PR_SET_FPEXC(0xc, 0x80000) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1003e, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, r0, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 286.855726][T28676] EXT4-fs error (device loop3): ext4_fill_super:4954: inode #2: comm syz-executor.3: iget: root inode unallocated [ 286.869229][T28676] EXT4-fs (loop3): get root inode failed [ 286.874890][T28676] EXT4-fs (loop3): mount failed [ 286.910144][T28678] loop4: detected capacity change from 0 to 4101 [ 286.937636][T28678] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 286.950035][T28678] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 20:05:01 executing program 3 (fault-call:0 fault-nth:15): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:01 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x4000, &(0x7f0000000040)=0x3, 0x7) 20:05:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) [ 286.960521][T28678] ext4_test_bit(bit=16, block=18) = 1 [ 286.965911][T28678] is_bad_inode(inode)=0 [ 286.970196][T28678] NEXT_ORPHAN(inode)=29447707 [ 286.974887][T28678] max_ino=32 [ 286.978182][T28678] i_nlink=144 [ 286.982094][T28678] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:01 executing program 4 (fault-call:0 fault-nth:16): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:01 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket(0x10, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000080)=0x50) sendmmsg$inet(r0, &(0x7f0000000400)=[{{&(0x7f0000000000)={0x2, 0x4e27, @empty}, 0x10, 0x0}}, {{&(0x7f0000000040)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@ip_retopts={{0x18, 0x0, 0x7, {[@noop, @timestamp={0x44, 0x4, 0x90, 0x0, 0xf}]}}}], 0x18}}], 0x2, 0x0) 20:05:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) 20:05:01 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 287.069684][T28731] FAULT_INJECTION: forcing a failure. [ 287.069684][T28731] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.082814][T28731] CPU: 0 PID: 28731 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 287.091752][T28731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.101845][T28731] Call Trace: [ 287.105155][T28731] dump_stack+0x137/0x19d [ 287.109508][T28731] should_fail+0x23c/0x250 [ 287.113919][T28731] should_fail_usercopy+0x16/0x20 [ 287.118957][T28731] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 287.125055][T28731] ? shmem_write_begin+0x7e/0x100 [ 287.130169][T28731] generic_perform_write+0x1e4/0x3a0 [ 287.135494][T28731] ? file_update_time+0x1bd/0x3e0 [ 287.140519][T28731] __generic_file_write_iter+0x161/0x300 [ 287.146280][T28731] ? generic_write_checks+0x250/0x290 [ 287.151651][T28731] generic_file_write_iter+0x75/0x130 [ 287.157108][T28731] vfs_write+0x69d/0x770 [ 287.161349][T28731] __x64_sys_pwrite64+0xf5/0x150 20:05:01 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x58, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x58}}, 0x0) [ 287.166292][T28731] do_syscall_64+0x4a/0x90 [ 287.170707][T28731] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 287.176846][T28731] RIP: 0033:0x419777 [ 287.181088][T28731] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 287.200772][T28731] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 287.209268][T28731] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 20:05:01 executing program 5: unshare(0x64020000) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001700)="5500000018007f5f00fe01b2a4a28093020600feff000001080b00000a0007003500281e14000000090005407fdeafcb634803535631a1a314ba790695cc8941f1e1fe2e0f6ffcd62a77fce42180ef0050ecc427fa", 0x55}], 0x1}, 0x0) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) write(r1, &(0x7f0000000100)="642514745c30d08e7b0ea86740459410b75b528dadf50586596890683fb1cef1e70ba85d380e7330a4abac825b7c34c7e069f056def4353766be47d606d9d8e0f1dfb79342671a", 0x47) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d000a00ea1100000005000000", 0x29}], 0x1) 20:05:01 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 287.217537][T28731] RDX: 000000000000001d RSI: 0000000020012e00 RDI: 0000000000000004 [ 287.225509][T28731] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 287.233482][T28731] R10: 0000000000011080 R11: 0000000000000293 R12: 0000000000000004 [ 287.241464][T28731] R13: 0000000000000004 R14: 0000000020000278 R15: 0000000000000005 [ 287.305577][T28755] netlink: 'syz-executor.5': attribute type 7 has an invalid length. [ 287.310560][T28757] FAULT_INJECTION: forcing a failure. [ 287.310560][T28757] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.313701][T28755] netlink: 'syz-executor.5': attribute type 5 has an invalid length. [ 287.313712][T28755] netlink: 33 bytes leftover after parsing attributes in process `syz-executor.5'. [ 287.326748][T28757] CPU: 1 PID: 28757 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 287.326768][T28757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.344550][T28755] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 287.352813][T28757] Call Trace: [ 287.352822][T28757] dump_stack+0x137/0x19d [ 287.352846][T28757] should_fail+0x23c/0x250 [ 287.381437][T28731] loop3: detected capacity change from 0 to 4101 [ 287.383022][T28757] should_fail_usercopy+0x16/0x20 [ 287.394488][T28757] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 287.400542][T28757] ? shmem_write_begin+0x7e/0x100 [ 287.405603][T28757] generic_perform_write+0x1e4/0x3a0 [ 287.411000][T28757] ? file_update_time+0x1bd/0x3e0 [ 287.416022][T28757] __generic_file_write_iter+0x161/0x300 [ 287.421682][T28757] ? generic_write_checks+0x250/0x290 [ 287.427065][T28757] generic_file_write_iter+0x75/0x130 [ 287.432446][T28757] vfs_write+0x69d/0x770 [ 287.435108][T28731] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 287.436690][T28757] __x64_sys_pwrite64+0xf5/0x150 [ 287.436712][T28757] do_syscall_64+0x4a/0x90 [ 287.446863][T28770] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 287.450826][T28757] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 287.450853][T28757] RIP: 0033:0x419777 [ 287.459345][T28731] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 287.463392][T28757] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 287.469313][T28731] ext4_test_bit(bit=16, block=18) = 1 [ 287.473146][T28757] RSP: 002b:00007fed145d2f20 EFLAGS: 00000293 [ 287.483500][T28731] is_bad_inode(inode)=0 [ 287.503129][T28757] ORIG_RAX: 0000000000000012 [ 287.503138][T28757] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 287.503148][T28757] RDX: 000000000000029d RSI: 0000000020000b40 RDI: 0000000000000004 [ 287.503158][T28757] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 287.503168][T28757] R10: 000000000001157e R11: 0000000000000293 R12: 0000000000000004 20:05:01 executing program 3 (fault-call:0 fault-nth:16): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:01 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x4000, &(0x7f0000000040)=0x3, 0x7) 20:05:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x4c}}, 0x0) [ 287.503177][T28757] R13: 0000000000000004 R14: 0000000020000290 R15: 0000000000000006 [ 287.506443][T28757] loop4: detected capacity change from 0 to 4101 [ 287.508580][T28731] NEXT_ORPHAN(inode)=29447707 [ 287.508587][T28731] max_ino=32 [ 287.508592][T28731] i_nlink=144 [ 287.518329][T28731] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 287.526283][T28757] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 287.606598][T28757] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 287.620473][T28757] ext4_test_bit(bit=16, block=18) = 1 [ 287.627958][T28757] is_bad_inode(inode)=0 [ 287.634802][T28757] NEXT_ORPHAN(inode)=29447707 [ 287.641769][T28757] max_ino=32 [ 287.647497][T28757] i_nlink=144 20:05:01 executing program 4 (fault-call:0 fault-nth:17): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:01 executing program 5: mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8, 0x50, 0xffffffffffffffff, 0x87c90000) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x58, 0x2, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_TUPLE_ORIG={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}]}, 0x58}}, 0x0) sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x40008091}, 0x810) 20:05:01 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x4c}}, 0x0) [ 287.655703][T28757] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 287.762869][T28805] netlink: 'syz-executor.5': attribute type 3 has an invalid length. [ 287.773033][T28804] FAULT_INJECTION: forcing a failure. [ 287.773033][T28804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.775337][T28806] FAULT_INJECTION: forcing a failure. [ 287.775337][T28806] name failslab, interval 1, probability 0, space 0, times 0 [ 287.794235][T28804] CPU: 1 PID: 28804 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 287.825011][T28804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.840656][T28804] Call Trace: [ 287.845959][T28804] dump_stack+0x137/0x19d [ 287.854227][T28804] should_fail+0x23c/0x250 [ 287.861999][T28804] should_fail_usercopy+0x16/0x20 [ 287.869714][T28804] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 287.879531][T28804] ? shmem_write_begin+0x7e/0x100 [ 287.888453][T28804] generic_perform_write+0x1e4/0x3a0 [ 287.898697][T28804] ? file_update_time+0x1bd/0x3e0 [ 287.907306][T28804] __generic_file_write_iter+0x161/0x300 [ 287.915654][T28804] ? generic_write_checks+0x250/0x290 [ 287.924608][T28804] generic_file_write_iter+0x75/0x130 [ 287.933316][T28804] vfs_write+0x69d/0x770 [ 287.940560][T28804] __x64_sys_pwrite64+0xf5/0x150 [ 287.947204][T28804] do_syscall_64+0x4a/0x90 [ 287.952997][T28804] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 287.960426][T28804] RIP: 0033:0x419777 [ 287.965021][T28804] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 287.990153][T28804] RSP: 002b:00007f0b5e2cff20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 288.000914][T28804] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 288.010443][T28804] RDX: 000000000000001d RSI: 0000000020012e00 RDI: 0000000000000004 [ 288.018518][T28804] RBP: 0000000000000007 R08: 0000000000000000 R09: ffffffffffffffff [ 288.026476][T28804] R10: 0000000000011080 R11: 0000000000000293 R12: 0000000000000004 [ 288.034549][T28804] R13: 0000000000000004 R14: 0000000020000278 R15: 0000000000000005 [ 288.042527][T28806] CPU: 0 PID: 28806 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 288.051304][T28806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.061357][T28806] Call Trace: [ 288.064736][T28806] dump_stack+0x137/0x19d [ 288.069075][T28806] should_fail+0x23c/0x250 [ 288.073491][T28806] ? getname_flags+0x84/0x3d0 [ 288.078161][T28806] __should_failslab+0x81/0x90 [ 288.083006][T28806] should_failslab+0x5/0x20 [ 288.087518][T28806] kmem_cache_alloc+0x46/0x2f0 [ 288.092277][T28806] getname_flags+0x84/0x3d0 [ 288.096847][T28806] ? vfs_write+0x50c/0x770 [ 288.101293][T28806] getname+0x15/0x20 [ 288.102470][T28804] loop3: detected capacity change from 0 to 4101 20:05:02 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:02 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x4c}}, 0x0) [ 288.105256][T28806] do_sys_openat2+0x5b/0x250 [ 288.105281][T28806] __x64_sys_openat+0xef/0x110 [ 288.121172][T28806] do_syscall_64+0x4a/0x90 [ 288.125572][T28806] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.131464][T28806] RIP: 0033:0x4196c4 [ 288.135346][T28806] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 288.143931][T28804] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:02 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 288.154941][T28806] RSP: 002b:00007fed145d2ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 288.154962][T28806] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 288.180518][T28806] RDX: 0000000000000002 RSI: 00007fed145d3000 RDI: 00000000ffffff9c [ 288.188479][T28806] RBP: 00007fed145d3000 R08: 0000000000000000 R09: ffffffffffffffff [ 288.196447][T28806] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 288.199913][T28804] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 20:05:02 executing program 5: r0 = socket(0x11, 0x800000003, 0x0) sendmsg(r0, &(0x7f0000000340)={&(0x7f0000000180)=@qipcrtr={0x2a, 0x2}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000580)="6ec097be2e682bfa918dcec9b9dd7902000000009c000000000000000000d4f66fc479d2a736fca104f1", 0x2a}], 0x1}, 0x0) r1 = dup(r0) sendmmsg(r1, &(0x7f0000002cc0)=[{{&(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff, @host}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000200)="45c9cc893e68b552354f20858d5e479d905f8dfd94a532b8b3a17734795fcb4048d0829997fa35f27e588f89112856465515b36fe41defee2c3607c1f865a57950d795567fde569d2d192849ca8935805e12c79418a80f48ebbe7aeaf14f1a7e181c6be3d8c4d662c9017237542196ab7f2f9a509c02af97accb7afcb29cbfcb2abd345649c0576b050f05b2c8fce8a42019980350a28f9fa0fe9688877ddcf5ff2702e3c83bd5533b57ba2e08f39ea296c4", 0xb2}, {&(0x7f0000000380)="aec487e5efab2f6d26258972534f13760ba99df8fa69011c7c3e6d9648cf1afd7765ed1fc48fe3efeabca4fe3f1a2bb13cd1a8095518168f68113b8e8f5e4c4d7c4bd4ce2d599821298e7308cd9d7ee9056562ab2fa06eb7b46aebb24ca3d45ec293e9840f4dafb29db1c7bde39518ff3918fcb0e3e31b8d1091aa4a0a6bd5181678c699e7b19d46746b31b5db43025effe962b9694e6274ad690bdc0fb8cea620b89e01532e9da5fb59c4fc6cbb2ed55e3c20ff47100897e755a0d880add3238a92c7", 0xc3}, {&(0x7f0000000480)="cf706295c6502bdb1dac1937767715bbd1daa7d1f732e8040b5d2399385de4c699f53017ba208233acc0cb5402fc9c2d3e1a6ee708abcb60f66590e6d91cd905399a90269013065599b951576fb7dea0df2ade905581d2f76e37ff8b7e7d0ebbf3348e3e8eb5e3c42771a2fac837703c68e6699a61a15b0b5988d2e449499a41c3cda58dbe5a76b9f855ccd628544be44807251830ffe8f9c49ad757bd61689f2a56bfc6bd13f13ecd", 0xa9}], 0x3, &(0x7f00000005c0)=[{0x48, 0x112, 0x8000, "96636ed7ae23d9bea3b9d9372e56e54203a32931e3ecac763af2b438c5efdc82504b157fb486c7d098fc2c5fafd4a999f7365c72ee"}, {0x1010, 0xff, 0x2, "6a4fd40816efc1777b8a6762279d705b1a44cd597c1020da5ebbf8c7a9ebdc039ac03a9b0763ac7fd7b4377f2122cec73f84eab3c0c751852d90222bb175cde7174c54cf1340c177861f8e34edff2516ae39ba3cf3afda8e115a5b313ca6c0ae57f29c68e8033a32da537ceaaaba12b628402e8e6b918e82c184f01d325ea84ee614c901429bc6cdf9c4e6c25e9a88a43ed4955e2520a103c949b66b4724820a757da71954bc18007b526e2dae8a834ffc6fcf43754fb8ca69bba6942c5d06e30b3b45bd5c95283aa840717ba8696ac0aee6d23416e0043bf04e0bcb15c5beb431907feffeff1146459764812840928c5a6b56b1772be32735874d661812fc787df7b9ca45f7fe3ad18a58adb456cdb9a26a89ec04c7d3a593099af90d71a7dc30335b461f16f8d177a42f64f85ec61f06f9c023fec1ccfbe24b61a18bfe318796e5a4a251c11a7f22d38c7cefade28815ecab90f01387d17f1d06e3d5c67fd2ead2c34d033d84845e81bdf0f78cd19ccb030cd3de6019f604b4fb4ee1dca216c18564c8c6c876541bb7b408d752e1dcfaa6e01e033f37f40c1333cdcb0965e99aa4647b3742f9a73c64daddfc5b2ad7a42eceff880b9ab8e0a630fe82305d7bbd336f5bc2f25e73be9e49e423e241cb0a7dde3f85940664a28fa90cdc4ac4761a37b9b67e607b45febef398896f3b78ad865d5618534bf68e4cbd7cb228298c50f443ad6fd99383518c4713242b043a45d4662f2ef0bc4ec1908ec3d95ad8034f06d8609b28a091484de3d1276356eadfd45d8c2a0bc26e0c6a596829e73b486f520e3fd784889d94de78c15060a7ca7ecd4217903ee4f33a1ec0246613374cd8eaf4c180b28b035ce7802e8045219a17b82b405d2417e23f574966dbd4906c5c069e14378bdff1aa3b341c70b0a4e19aac39248f174ea4e53ee2667ea539f8284e76f35fc4b6bd149a4820ccf020142355e0572b11d00b0198951683bd0981ca4097b703c33e750c5c90dab994e685bbecc1daec507420f7aebb7c43cb3027e0d37e21db4c61ff29895207a665ee034aaf95ded71f64448fb52a3abd0b7ab0f555a0b1123053c648fd796b06367725fb2038b8fd27a3fd3ef82173712b0e0f768b92c3c4562a658f320b372d441b87ea213aef419f6391df5318f897e517877a5fc35c8c3c51080670eb81a8bc7496b3c503856abbacbe25e14590d34cd824c23897880e8e78b57e93cc757a34ccdab762d7f98953571e0df7e08d9f282252cd72ff4a5656f58f876fbb41c5a1f397651c2a9cd50386c23d0bddbf1aa1373ac73e4e8ae6a997717771bbd113602d4fe5d3df6607e69636db1a7d1de74cc20ae6e6a2e495b0962f8cbe888da35559d584d61475171cb9422a08aa72b75baaa80b20b488a262a490d7acb793ce24a82bcec0f2816012406d125c561d100b4f89a7af2bcc20d0c6a1a969932695e7e21edfc35429bdace9336c79fbfb9c63b135596a7cfaaa5c9b629c88dc4556b2f6198d54ca1757cabbcdf4383ee881f2ba36bea3d7b850bce4624fd2eca167d35dc50ed8b5dbafd732e054c3ec9da9d248c48bf673735efe3efe4b6cf56abcd7861ef92967c578cbdd39460c57a5d053371be090c2722129e49f6cf1c907f0f61302262afe295619c402f9e0d7e42901ea62e9735c02215ea11aa0b5cc2d20c16cb6070956dfc9ca9dd190389522e44bad0639da955f1992eaf21d5b48fe6308e6dac212260008ac93d586d625646134c2b6db23ea4b01f70d647e5e241a235b3d4554454444a0f1068acfb9123538081dd17945b4514617d054085b7d230e302072de870657def1dbc8393e8017e39f69ad5f767b57ecfc22f590fd54b49082e96d221a45684b1e7c921158041f1187dad6ed0b75a664b9c9e4564740e54d6ff505e55482aed8b4017317790da9ace284521aaf8ac70c029d7bddce2ff3d421f744e5c3af719a02fb7df66ce06695cbe7fca98bec2b1ba3306c6c514385e9ebda213c1a7f031185bbc4f384e960ed087d8e61ea868a66a821cb72e46180a19d979e28edf9c6becd1dc6fbe646a079f8e62eee9f91646e427f1b655cad1056b025646910d41eb270b1f8eafde8e826865bb44cc15c7d56fd3c1a454217ea0654cb28d305bfc04f88b94b6f5b1e3fbc5b960484a3cf2aee37627efb8a8b2696665703a458acbb38dd4dab6f85796470d13b0758806b9b0774216886c2cc246d3c74ed8373ec9374a63e4cfe3a6f0b103a2af58dd6a3e7cbefaf543fc8ebd344b9b2a896df8dd6b8a427dc40ad6550f09df99db41120a27f9e55abddaba0a3918f0063166fd84774f53609f4d9cacb56855750ae62be59ce35649805d2b236188be4745174a344f5d67125a5ab3ac577a42299c513d3d0c0f6e70b97e02551334bcd8c6617c636629988768f5e820b52e96222959c6058c4fdcc6832f05002770017e05855640a2f4c7cc527bc027d638ecb05f52b83f64897101de9b305d9de3a8881df4bebb3961bff35fa1c2740ebf1b7b59c2f07e11ef0a25a003c893e0128119e0eda8299f58b09f2b691ad7071446d91dd3ab7c54e23d06b06b883dc6d56abfd197f8073489a4aa83fab272d582ff34f106ebeed8a820abdaa235593664e807e3ad11a43d9d17a7f0e52fe24db628a2bee4a31d4ed89f92f37bdd07381110fd724bb68ff945b668ee95dc28442fa3d60da92c7c54396ebc606488e5a4d40f2796bf3ca09784bc876f00af2c3bdf262d180c71a07fdbfbac76ce59088356da907ed47c2ab84c26aff85a489d233b79ee83bf0ded239ff146545be51562d492d47e6440dfa5bc07ac2d51357e5ce5ffdc16c448180ad5fb8e8176b42eb693eb00820752f947b045c03a2d313f3e15cc8ea6c66d6525bb8e6721a5c9cc8dd838fe0a295f5c6af3bb69e4047dc0337e757ff3da03ff1db74a66f4f64a1032096a9d6a2b2596a36001bba68efa1aa63c80bf8bf75fcd77184b58fea56962d822458c655d02e0e7544cd7a18c96212eefc5305220afc087b3b4f76099a79948a33652f849a0669b13a3469b4b0224044bd18675890576f74b6c4ed51b5822fc0b6e8c0d3c6253b6b82e2e90176539e9578367f4f0fdb95f9279f083edbdd377c709bf8b10e9dd3ac249bfb75d13681252e0a5e190eea424ada6d47aa25481b62341bb557133853c86f09093f0f8aa8dc849adcaaa49ddb30c0588095874a7071b2d44f350f8876561e855d945231b9908cd7751bf345ef8b630ff3e3c724463fafe82e01329c38ebe32f76d09d67efb13fa5247c02eebac37ba4e98f914a54034ec8af55a1aa6e3d573ace2c51e20592ec9c9e0226a8a202461e056d6ec87fe4eb4aea43ab2893f271baafac1197821e3ad9f4f55db14dfe189fceb7a107633bff9a61dfa4a3f193852e0608b70aead9f8c5436a3c60558c81a53b22388d8f97efba31e7d904a00abe5e039978e3da5fb406f92f92b4b0be763f8d0c5709baed16f771516a53b46773a6ae5a3c00b999079c8a43e2e28a5da653d3b94545b89234052f19810d7e9db16857a56da98a159f94f5471ed87ceab3361052cd6ad8e9cefd06d074ae1527f836488a874b0863d38455165017863611e6f14324da66273993c4bcde9fcab2f56294986d9a57fedd97231fe005d5380049743422f49539df878c688afd4a7b3d3d7afde67718b4010f34f4d62157cef540523a6e3d4c4342f4bc1331bb23a65e4ac0d88062aadbacd5b6501afd844cd9e3d40b49d97505ae1a7c8aeb236189b5b7df1593a53e4b93ffd8021e957e663af47e6aa9ba2b8182ce68f5c3a79656a83b0e2bc3e2f058a3e77aa7e3b07525bf4e485a30a666ffb77a5cca5ea02af48bf158566f69f8b7401b197b4d73cef0b6eab048d4d18aedfe3620254a4b94c4920f0884db868975ab9c5ec071f18234629eb90d279d6a41fe6068bc6d5a44fecd9d3886a66cff501f4e4d15ac0aa73dc601752468bec778fecc3663b324c4aad10c5bc379a5ff943297acd2a620eaa41f3d0dbae088fc8c1993ef375733cd4541098984becbd019d3bc313006662e0ad3bed2014756e9ca885045437d4d78765353d4a46b27cdd81ab810b059214686b6522d88fcc7a159c4dbd7e9ed53e8687b4fb47173388bb5abd2977f78a6e6dc2d9f46715fe8a88d13435579ac8dd3d6a10820d04caf4c171e20d08e9d65a9dd75ada87df342c7dca28d2b25d076a2e7df6ffa59f1b2c4a0d9ab70b97cac9f439359a8fa5dd3a5f752a1fabe1f3f06531fbdf26752beaa83b341a05d85a0d8156acd3140116b1e792fdc8337c411fc4092663832f002fc1e48f88ffb701d18ba3e5aa98f9060591548909fb76860711be3755bb2242157cf14891018463d816afea5c6a1083138349a62b12ee025be9b0d76e37b646b9e9b200eda0e10d31e807c525c56ee97b49e17da8ca6df1b8d27401c485a4d4fb9bc4fdd67965b0383895c4596f87fd14f076cdf75ef5023d33ce94bea9b2354c57ff1e8fab7eec38be9b1f084d76508716b3c373b227dc221241aa79c2ce8779caa9d47372b9b045cc916f3428e0d98f28f0cda340249c10c0827368529e09d1e73b259de452254c37bcbb37b433366b773bb55355bdddd3554fa736e3c9f9c1e38f72aa419549ea541479d279b227d402d511b3764041cf6805179f9f42302c3c161aa8367e73937bb8fdbc068d85702b399a4c2ee9b9b12a3ac96b118f988189931610ced2b3751280594bd2f83af0f560534ae5a64da02137a0629a12792a6e3d0f822231f625a213ac7840b18cfad9dfb89cb476954d2eb1db5d902c3eee7d4ed64f038b086585428b640b11915c7b88985411abb1fae5596b808109e7f65819f18b21b103ac7f379f705cb241fe0df12e01f51ebbb08cdf33b7543a2352245276e684288abcdf4e3eda9e383d14225fae38bb579137baf1cea98aeb6db710d481d8b8d239048c25a55bf82f081f7e24e8942cb980bbc3fcb7f25ee7bbf1b634653d5ae01c4b963f340e5ce24482a327b4ca450a727744749686d744b6f955f4e22aad5caaef96b2dfaf6ed37eadf664f8ccf53de8a21162b8934b21b9df7db5f095e3e9a3bdea6fd54910feb9e806a3b2b202b2d318b70e5f7fc10ee2e32c298a69233fb3cf06de1ac473b0d450bd6c0542fe6351ba3ed8772f9740e14eef5958b843b65810f1046c74469631c0430648d1c589922a13cc9846865d371e4db41999e88583c8aacfa5d591141d7b300e351479241cfd5d46a5d726a36c2bb01ededef2f25093b851f4f9164da57d4391fb315475d16d30e102b47f6323d8e92036179e7b9fd9dd7f5b3e3187f05e2ddecbd0ddbb0f6cc320d45f0e2d6b601e8ca4941308e24f46e2f4f578af7ec2a589a8175527123e9d30b8f6dcd45c1f2c77ab3783f5503f08b3b8cf67a0c3dffa23a8224f496d6b620a1b323d68a555e91bf2dd2f1a8a106ecc9a6cc6818d310b33194643c1bcf8fd8196c9030ab0ad77894df4574c9d373d30d0c931e8e2f5b84decf0a9650f1bd41e6daa16a3dd1076c8043bb17206cd732c847dbd1cc10c8879a577920d77725bba7f7e03ef27bb63592717a4790ea4aa7d187b4eb14e2c7e910f0f402625b5004b324ff80a3e8ba84f8057466f59cf00f9bee688a3ae460b68bb9355884f7f5593af8515553c22bc29d0fecc6ceb66afbc451dd610bf9f51717447c35066753348ffdc38297e58681f69fd91d1578ea462913111402b79514c9ea9b2ceb97f1e7a9a592f9c0193151c702c3"}, {0xf8, 0x114, 0x3f, "edab0668f253d0b30d75d33aac567e4a47c0c5104884de981175613614588238ad1b01f96bfd64e0d16cef9548273436560606436600d5328319fe3ab579d63d52c53830ed9b3e1abc3b7b81de8e238ea9a689a4d444495deb3bddc7d8551d3756f94f9799a1418202bcfdf9f66ec3eb2790f996135bb51d23103806ccdd73e6f261b29ca8791b5b309ecd97a31a47a56090a223ef3f52c931b1fa5f0cc6aebe7ad828eba982998a77829563769f28d9f5420ff49ada94073b217f61b57257f28f4fba6885e86ff3347f2cb6b0d2f0d537b1b6ccd57190144e91e90e05594ae569d23d311aec"}], 0x1150}}, {{&(0x7f00000002c0)=@hci={0x1f, 0x4, 0x3}, 0x80, &(0x7f0000002a80)=[{&(0x7f0000001740)="10363b096c5095535105dc4a2113d14c28f808aba52e2e1aea4f25ed21f0f0a8a8c059ecbab1385b3704cda1c13f5010a55766430ccb5a6a03f65c32888ff1d21021c37a8d34518dd0d87b59b48ae9a83e1386cc80766b9db7053e7885f18cc9554931f68e1c8dc5c92ccb7d3babfb69ff9f5fb4522eb3aef784cb413f3aa82d4ca9886612c97e771cbbf535b1e3eb8e378fa069b1d7b4eb7ad2a726667becee683d32ec25d276cb83309b3974e1fd94b00c52659dddce1b3fbe933f0c1659cb52bf5d662f8667b0744dbb30cc11ff50af3201be5431288d8400ca01f8703317c5bb3418cb9299dae527a6b92f30c295c7729069b1ed13cede6f47a327b7dcfae8420b26b72c3774443c36119eb72c81570888905c2f7b57f060f2a318d87ecd107ad569b79f2445322fcb5af389432538a684db839f37b951d6ddeab63929973ab9687a45c4606e33ed91891e2081d87bb5b3bc3ba766a354d39c7957f2a2b66af286786c095d5948bd6e30cb55a4993f2983de4c0c67d4868e3d13011a430cdf60d5740dd46760caf97e373ea41b79993b3fd18d47ffd57d23fe5c3686166ea735ca56e2881407b1b30294c2a495a92ae4be107a496120720cd4707dbd3fe8d08dd42bbaba1524148f562de14d985c8850b953d4f3728e406de3cf8b822e2360e738cd9bc8171bee379d727b14cb63b59253d7321337f96a884b96f982faf346c2d19d3060ac8ea7065af126c041547c7da682c5e0062cb65431d0eb33bf67a2d76a3e02b4210ba6abc8788b88ccb24d3d31853ca7745bf7e8fca1cc849d91b621b48935cd85a18c8e08f8d7a1867d3ad636b052037ee46fec0752bf463e910fb6bf200dd0fab7a8311ebd8d293ecbae739e2ba69a2348a86dab8f20bcfe4d5998153d8f84679ed8532ffe52522be96345a3e23f673f6a57262b06c730762b9a5cb5cc05dfd4d0adf97cb2e6202f54812e024bcd4e25cc0cef2b88864e6eeaf25bda4c2c070f2a4c3d8a101b78273e883042275a6d690ca9e0d19668897be50510b6cc1c536a8f4a36a395b3771065b20151eaa450b391ed965e04ed670234a1e77e79aaa9debb2905c1bf77f616aa0099276e7afe7beb4d3a4667077f8c9414d9e4d5092c907b7a7285fde2eb846f9aa395be6f2a41a60c70acc1e8bf9f916e8155fd18d5815a829da12bd28e1a6504478b6677489c6310d33230afb49c6fc046fdeedd8977c320a6fda60aecc7959997461c4f8928eb189bd436960bf64f4584dd56cacae0567774c89e1964e136f3de7498ddc73eb875b53ee6387be965a2ccc0e9a6a0d57257e8af49274808f1e14e19f0736c8229a44973d3a588d6994707a66e542ba76e8a7b1ff7de2ae7ad13763a265893db95b98a518c2a5f85069f5da44ffbc1ce33052717103a8303142145e144131b28e8b24893d91ccae5b89b7d573373b9576445f02b20a982112d185ff8f9c20cc950c8fe763f7cb7dfe738d5c4e12890238f7aa36727b4a0dc14e4cd2db9c87bbbd1e95d42107f110ee457d3713186864630deaae328d5b4235524c158881050cfece2ce339aaecc826127d5e4bbc723d743696bc458f0f00919ec66c8c3cee3b62e185277e9d9c9536a6d04d548d07195cf96e11360bf63be438c770919fe3e25d73e73159423b6f59857a867a9666269ca477eae1688bef9243cd97d12ec2584455f5e3b6f8f65d918a8a06f27c16e242b5bc20700fde453850ce6324d09787350dc350a40b3dc77414628b3caabbf32b4e9e988a3de5548e84c433fe3b73b2b2559302ede40b0af9d71d711e723e7ebd5e22ffb7af94b1e66e79ec92482988564537178b16f176d0388f3ac2500d237168e520f91b7a4f667177afc1e4f919ccc704b39d0b02f85e2259b99490c330b05088cf2f6889076c1e6a8be16813a1833c73caed08fd8e9c43da33a0331ef0bf9f2a48dab91c57682fa4f445fba420e247eafd2cbd87d851df3d13cd2ef5e5e30a19d4f5ad45d39ee0e02c345731218a24042a2fb1f5ff42cc4e27421ee8099a875e09ee7223e1cf9e0e20edff203c57a9d79ae5dca242db96a39c75a9b64e8a4ec5d05455c57fb73b0efbcbfb1ea593cc62ff99d0cf3339909e93dfd17e9cfeac4a4d323a494126b1fbbc19092e978a86927cfc01fc8bbebb50c2de6838dad830e097a552749a290ec8bc88554a610901f5503a103d0e5666e8d0d1e5029070fdf736857dc57c48179c31904b9dc67f0a0e0de39f03daa95c4bbcaf8df1dc5a1f3885b7453b344a62707e0ac65351cbd4e9b660ec06d48123e3ddc31cfd99f5d24f25d5853a0060223369cfd0ffa40d4f868e30a6370acae57be306cefddd289c8e6d6876bb49269ea208a044eab30478de4aecf6be24290c27f334acbba43f64c236a78b043b419ee1d6b8472be6d7b77a97b4db4a49f43cfc59ed502ca462fe562d29f4ed33d1a2033fc963e529301f76446de0fb0c1687785388d3146baef1dda90b800ca36c01012033b3c3dc10e5dda38f7da9a2d6913876427f3fbb3bf26173d577f19ecf8c4321f190b08d30de249790abb00614b315cb389f378d26c52265500855755f24ca1da1697c379e444eab31b3353990baa2d8dc4c4ec9050d92984bd8f3825f7d8049f81330b421fd221669c240251b57e39ef0494510bfeec4a16605adfd42fb007625eca553ef3ce9ca3cc6fc0a48ef5cf5b9dcf4711ce2607f99bae59d8c32853dd80fe8caa42d502b687b6f196b7058469973859b038d480da3660e2a328388096b585e3ed0a32fbf4fa519907f2bc28219c747db85f2004550c122a2699921324581811eec4deb82dab1cd3f030eb5c05ecf59d82359e46be1a3c489ecf6b3bcaaba049e8fa32c0d5b018f5f7fba38534f1bcd5e637eefcc25a35f6940d4c2166572ab8755139d475087cacd357318c8dba7ef4adbf6ae78ed562b674113aed1b64744cb5999c4bc362f3b9f05edc899ef20066ad3e88180e57b046beb8c66bbe1fad3c94fa78a9e9a3864b24db0406ea230fe18f50284c778ee5c7923e4146be43aba5e12a53efeb1930404542bdbe25b287d1641e6737f47f2434421d520ed414793638b1ae0541ead859ee9d7ff34bbc9dc42d9dca3076093bfb98bebfe631cfcc5417fed33a8f9ba3a8f4e26614b2668f244112fd8f53479b579b2b2858263197b452b0c8040fb87dbed97e58c3801436eb9ab6abb53f995fae3ddb507661549725e510194c1629fd7fd8604f9f859665e43f351e9d3986f3cc0ee5180e09a6b029515de0694976fed43a63d2eaf7692171e85bb30b73c3dbb9c7f38b2e23cb0c12f5a423b1c69d85241fec97727b4cab2e3bd3732c04c42c29790171dfc5db2fc2740b19c10fe9f1ddafd2402b93b11b61fbba12b60169bd7343e80d231ff52be2ee719aa257338f4612c39af4d0b2bc7d113350a8ef7070853392e398d4bd7601b6a9081a5327d3bd3fec4bdfd39801098711da33c2d123fe50c7a11f747fc8e0e300bf31cc9b0c8db116f7aeeac520d8520448ea9ae97b77d8a5eac8727cbbcd1810afa05cc3083fe691fb84f6f578a88278b8c19fbe11558202d135437fa1e02e70b9613df68bf666435fba0d99ad485eb990f482760ba1a710e1e6540a7953ee723112978b20fbbfcb0e3aaa7e246888726236765ba1256ecd77f743107a1036c613e1b69097cceab34f901a18688f4794ebe1cc03e524f38b27621e1c9694286e9349dd1cba24241d86a5d181b015f96307db1b45df85ebfcf4a782be6a91b3348f87be7d1590ca75759bdd9eead9a159592878b9ea03584cb1b65844fe7216ad7f140be32a60e30f1c828ad52323403ec11772036d9276065709ff81d49503ffbbc4d6491d47d954cd8b42846058300c4d36c0b2629fcbf25cb5f2956a0203a5f43403ca2ac1ba9663107bfa4e1feb7f47a32081f74a5d38a0cf996f2cb059317ef9ac771800f301f51df2e143cf7df9a02f6b78f123b42529918adaeec44632f41f90261fff830d25934ce42fba65eb02845933e3bb26e724346b42327618507671eef31a7aa3c690f80c79fb15c6e17c537a163fd4a83b29b1e4b23e4e9f60e0010ac982bd85432aacf88400d6c9460bcdcfd1e9c80a3d2b904c81aa0272dacc51521a191ae9bde6eb10a32f52ec6640024b9a36dd8355a39866eab0df7dc50a1fc5fedd09efefbf2d0303723a4589da84d9380ca46154efe15dba97982f59ffd10064e11d64b631ebba1ae3d05016b5bc2d93bc6130e778ed816e664ec9caaea4694ff8756366e62c67ae137c36534ee4a573505d539d2e38cdf1fc04c8f49a9acaf43e3736a81873689a79b3c2346440cbcf7669c794206a9cbac127cf3d2b6dca7806a23aabd41456aab240c88f1c8e090b9ef8a56ed6970f07b147cb148c5f476273ca4d216c1a29e3ebb5efd0121530ff499c7c75fbd478ad592a857f43b949050ca51708f6364a92fa9d0730556378156b29ce66297fb772d8ee48fa59a359efcca9941877d60e71ea3374d51042adf34088e761b429fc8ab366190047f693e2672190d3e6beb1cf7af87368a6d623ab22d1951752dd4999979ba8d9d3b7a1935c31c1e8fac1630ecf90fb37341b16e0eacc19585eb3a925ab9605df9d7439432387d6a582568c6b4708a823f3275e535251c2151c3f7166212a29b56859c7cfd4346d701fb90ef0153c438a0c0c9e3887b53d8eb217f53c2f7db37df83b89e81650be951f63eefd13f1331c74eb202c17d2959761c6aac1acb5e6bdc31f5933cc588e087e52925e279dc612b8ade03facd103edf10589569345e76dcabe8d48ff3c9d7293edb5bb7cd72326afaf323b29c1cb40998010385741cffb4fe58a9815ef37f4f97663e62d3dda4b7fb2d63cabf291b84de21840e80384ea47fe36c76ee34e7859c1a3f89f7a489554c20dd2b60f5cb984cb71f01d1959546ab19fa569a715bfc44a61496f61e2b4a6a2888b5c666fec7847430d11426ac888873630fad38900446e57d97798fc45e2e90e7020a7dd7a3ee9403d4bc5cdb243b8253c5d424081422043e4a166b4043a4191d47336895d527d73a5894495425b0c717f56ec6c6e796c32d80d7f93693a25cf464946373683a1d2544bddbce2c1de3a19a27b387cc4c975bd3de20935a16893aa9120f6bd414c448e62f09261ad82a21f76e37a1b60599f020955794cae958e03b1c7d0bedd30a876e34c154e94792738de646da054ef2bc37920d1eb8a59f02890ba5d0e8c097d152ef85267abc7144a06f813fdd277c604f5d8d4960077fe7f63eb59494cd16efc2225fa8b4f9ec71a78ce1753f0cf5d6c8d2549aeb8e3c70bcf370d3f3f7bbd3938b85c3b57ff925434f07fe7c386b82d4185177b0b357a76b8e1343e2a41f80b3f9099443c75cb7591b07ac338efb9bb35bf2d74886663480df25a925e8cb9db7f493f87bbdbd4ee06341e841eb58b4336847bca5e72ed5b4b7045ca222391de6e125e31dd7368f3cd20ecba8c0f0c195df300af091f328d6a649055bb353096e76798728f683867defe9015764f3d59caa67a9f6d4bbb29d4b3712c335695cf7fbdd37187387ea4536f5df022cb2dbb6816688939b4a63f0b73fbce67feb1d87960dd950ae48dbd811fc3dc601e68a4b3f40b0a158b06c11b09e504025bcd5949dc459e558dbffebb015dec37028debd4454baa3a82d9f1db440fb1d30108b4ad5c219993427bddfa072c07b5a262ea771304dbee2d3c3e47c5a8cccadcc6a130c5705f7941fde95a06598e", 0x1000}, {&(0x7f00000000c0)="98868826ee0649478284ee6afe8eaae0d6d58e149826280bcdef23b21eddc0d6293c62fde62a44663155762196cb61c39c85a14c045194a2e7", 0x39}, {&(0x7f0000002740)="893879fc09776b58411aebe3889aaa9a2aa4cd4c58de2aa643682e5b8fcfabe5d375ff19d1fd9b6cd3b3203cab9d685be293eaf4c69e60e8d5acdeca11154022eb98662ea34e12260d97577ec8eb8ba5e091f420789825f82a6774cd48ba43efc098dcbcefbb82957efe9e8e1edd77dc", 0x70}, {&(0x7f00000027c0)="accb954656b88db7ab7da59525465da15dd6afc228f434e39171c68bc03a1ddf797037e994df2362bbb75649e463a1fec481d47f48abf2846b0b985715b81132b890e3ca7aafa3037842375ac27a4391e0bc79045c70d677c060d4b450a65f6eca5bbe8113768cce64c0509c415acdec166dfc1e3ccc7ced33db05fd62f19a9bfa0ee2999e55e6bc989b21d45de41d848f04229d1c5739cc0b5bc963139bcb31853c9a11", 0xa4}, {&(0x7f0000002880)="e5607539156ed31a5d8881170c9e2fa9cc766982293e445f2fda991b3d2327ae880f42e0bcec7a981f2d2b4a192b4748993a15815a0a440f2a449db5ad430381ff4a4ce8d84631f09e0e7d6c98d5014a990137ac4a99abf5c873a45753f524e636056d1d6d8d535465fe77710fe5c30348e07f3116c1589df370dd948234b02cb388e5e0237ce2064a9be286a072ce93caa1c62b51184b6252d63de1b11453908041ec2b5b3376d679d76b85eed58f3ba9c5934c1d5f", 0xb6}, {&(0x7f0000000140)="ea2998bfa3b1fe96767c6232a187a9ed", 0x10}, {&(0x7f0000002940)="092b4ef866c03f045f4d155bd5a1c4ca1db8d00ff7cb2ee231051794fd867221e6748c8323fbe060c9a128c1e425bfc992fc969937b5656223f1136804ca0bc4c0ffb6defe68e564a414fd7dfa345d102ba5c457b599668c34481c05365817fb19234d6b15b964b80153b8db5bbbb3cc971d7ddbea8169ebf2e442be0c34bc090dee5dee6488e5f78302eafe3cf6eda813dc3e30a529d0e3921e0faa0f997040c3", 0xa1}, {&(0x7f0000002a00)="23e2a3d57850203d482b9cd859e591a2cd5af6c053025abfcb97bfefba90cb07ab7b747186040dd627c333087fcada4261135b0a1a11b0281f4291c0763013f11f9e1e6307", 0x45}], 0x8, &(0x7f0000002b00)=[{0x40, 0x111, 0x8e, "7163bd6733e79aecc1b3d89590073c07226dbe67235d918835e94fb1b31e1688e9c3ee132057764312"}, {0x28, 0x100, 0x7, "4a4c8d693d9c951890fb65323a2343e4b9a1a09fc425"}, {0x68, 0x10d, 0x8, "823360888cd8368c8542beb982a5fee1e99367307c4cf821b28b919e64ef26e2b700443ab09a6e0a0a04b1da3916e6703c6a60de50e9ee574ae7454accfe8daf744348cecdb9a2a5434fdac2fa65571d48"}], 0xd0}}, {{&(0x7f0000002c00)=@qipcrtr={0x2a, 0x2, 0x4001}, 0x80, &(0x7f0000002c80)=[{&(0x7f0000000540)="84a8b5ad63ebd5315466c25fc2f2e83f6a7475b504a12d2adce3db50ca98118503694c6d33bd11cb52f8644cb7b7f4abe4a42fccde8114734399c0a6a4c507", 0x3f}], 0x1}}], 0x3, 0x40040) 20:05:02 executing program 3 (fault-call:0 fault-nth:17): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:02 executing program 2 (fault-call:3 fault-nth:0): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:02 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 288.204415][T28806] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 288.222989][T28804] ext4_test_bit(bit=16, block=18) = 1 [ 288.228643][T28804] is_bad_inode(inode)=0 [ 288.232885][T28804] NEXT_ORPHAN(inode)=29447707 [ 288.237631][T28804] max_ino=32 [ 288.240990][T28804] i_nlink=144 [ 288.244652][T28804] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:02 executing program 4 (fault-call:0 fault-nth:18): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 288.378943][T28836] FAULT_INJECTION: forcing a failure. [ 288.378943][T28836] name failslab, interval 1, probability 0, space 0, times 0 [ 288.391687][T28836] CPU: 1 PID: 28836 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 288.396354][T28839] FAULT_INJECTION: forcing a failure. [ 288.396354][T28839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.400631][T28836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.400643][T28836] Call Trace: [ 288.400650][T28836] dump_stack+0x137/0x19d [ 288.432017][T28836] should_fail+0x23c/0x250 [ 288.436459][T28836] ? getname_flags+0x84/0x3d0 [ 288.441124][T28836] __should_failslab+0x81/0x90 [ 288.445877][T28836] should_failslab+0x5/0x20 [ 288.450370][T28836] kmem_cache_alloc+0x46/0x2f0 [ 288.455143][T28836] getname_flags+0x84/0x3d0 [ 288.459650][T28836] ? vfs_write+0x50c/0x770 [ 288.464056][T28836] getname+0x15/0x20 [ 288.467929][T28836] do_sys_openat2+0x5b/0x250 [ 288.472506][T28836] __x64_sys_openat+0xef/0x110 [ 288.477252][T28836] do_syscall_64+0x4a/0x90 [ 288.481678][T28836] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.487594][T28836] RIP: 0033:0x4196c4 [ 288.491468][T28836] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 288.511055][T28836] RSP: 002b:00007f0b5e2cfed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 288.519465][T28836] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 288.527418][T28836] RDX: 0000000000000002 RSI: 00007f0b5e2d0000 RDI: 00000000ffffff9c [ 288.535389][T28836] RBP: 00007f0b5e2d0000 R08: 0000000000000000 R09: ffffffffffffffff [ 288.543368][T28836] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 288.551405][T28836] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 288.559362][T28839] CPU: 0 PID: 28839 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 288.568185][T28839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.578412][T28839] Call Trace: [ 288.581674][T28839] dump_stack+0x137/0x19d [ 288.585998][T28839] should_fail+0x23c/0x250 [ 288.590493][T28839] should_fail_usercopy+0x16/0x20 [ 288.595585][T28839] _copy_from_user+0x1c/0xd0 [ 288.600167][T28839] __copy_msghdr_from_user+0x44/0x350 [ 288.605519][T28839] ? __fget_light+0x21b/0x260 [ 288.611571][T28839] __sys_sendmsg+0x135/0x270 [ 288.616233][T28839] ? kstrtouint_from_user+0x104/0x130 [ 288.623634][T28839] ? do_filp_open+0x17a/0x1f0 [ 288.629288][T28839] ? fsnotify_perm+0x59/0x2e0 [ 288.634241][T28839] ? __fsnotify_parent+0x32f/0x430 [ 288.639859][T28839] ? get_pid_task+0x8b/0xc0 [ 288.645424][T28839] ? vfs_write+0x50c/0x770 [ 288.650422][T28839] ? __fget_light+0x21b/0x260 [ 288.655606][T28839] ? __cond_resched+0x11/0x40 [ 288.662315][T28839] ? fput+0x2d/0x130 [ 288.666956][T28839] ? ksys_write+0x157/0x180 [ 288.672170][T28839] __x64_sys_sendmsg+0x42/0x50 [ 288.678004][T28839] do_syscall_64+0x4a/0x90 [ 288.683130][T28839] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.689743][T28839] RIP: 0033:0x4665d9 [ 288.694119][T28839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 288.715234][T28839] RSP: 002b:00007ff909a96188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 288.724104][T28839] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 288.733099][T28839] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000005 [ 288.741598][T28839] RBP: 00007ff909a961d0 R08: 0000000000000000 R09: 0000000000000000 [ 288.749565][T28839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.757541][T28839] R13: 00007ffda26158af R14: 00007ff909a96300 R15: 0000000000022000 [ 288.766496][T28838] FAULT_INJECTION: forcing a failure. [ 288.766496][T28838] name fail_usercopy, interval 1, probability 0, space 0, times 0 20:05:02 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:02 executing program 3 (fault-call:0 fault-nth:18): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 288.779716][T28838] CPU: 1 PID: 28838 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 288.788690][T28838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.798831][T28838] Call Trace: [ 288.802113][T28838] dump_stack+0x137/0x19d [ 288.806453][T28838] should_fail+0x23c/0x250 [ 288.811312][T28838] should_fail_usercopy+0x16/0x20 [ 288.816438][T28838] strncpy_from_user+0x21/0x250 [ 288.821319][T28838] getname_flags+0xb8/0x3d0 [ 288.825821][T28838] ? vfs_write+0x50c/0x770 20:05:02 executing program 2 (fault-call:3 fault-nth:1): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 288.830239][T28838] getname+0x15/0x20 [ 288.834702][T28838] do_sys_openat2+0x5b/0x250 [ 288.839389][T28838] __x64_sys_openat+0xef/0x110 [ 288.844164][T28838] do_syscall_64+0x4a/0x90 [ 288.848625][T28838] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.851053][T28848] FAULT_INJECTION: forcing a failure. [ 288.851053][T28848] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.854535][T28838] RIP: 0033:0x4196c4 [ 288.854551][T28838] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 288.854565][T28838] RSP: 002b:00007fed145d2ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 288.899708][T28838] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 288.907660][T28838] RDX: 0000000000000002 RSI: 00007fed145d3000 RDI: 00000000ffffff9c [ 288.915615][T28838] RBP: 00007fed145d3000 R08: 0000000000000000 R09: ffffffffffffffff [ 288.923740][T28838] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 288.931689][T28838] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 288.939644][T28848] CPU: 0 PID: 28848 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 288.948424][T28848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.958471][T28848] Call Trace: [ 288.961742][T28848] dump_stack+0x137/0x19d [ 288.966081][T28848] should_fail+0x23c/0x250 [ 288.970528][T28848] should_fail_usercopy+0x16/0x20 [ 288.975558][T28848] strncpy_from_user+0x21/0x250 [ 288.980418][T28848] getname_flags+0xb8/0x3d0 [ 288.984916][T28848] ? vfs_write+0x50c/0x770 [ 288.989413][T28848] getname+0x15/0x20 [ 288.993311][T28848] do_sys_openat2+0x5b/0x250 [ 288.996396][T28853] FAULT_INJECTION: forcing a failure. [ 288.996396][T28853] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.997919][T28848] __x64_sys_openat+0xef/0x110 [ 288.997945][T28848] do_syscall_64+0x4a/0x90 [ 289.020074][T28848] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 289.025988][T28848] RIP: 0033:0x4196c4 [ 289.029867][T28848] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 289.049545][T28848] RSP: 002b:00007f0b5e2cfed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 289.057992][T28848] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 289.066032][T28848] RDX: 0000000000000002 RSI: 00007f0b5e2d0000 RDI: 00000000ffffff9c [ 289.073993][T28848] RBP: 00007f0b5e2d0000 R08: 0000000000000000 R09: ffffffffffffffff 20:05:03 executing program 4 (fault-call:0 fault-nth:19): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:03 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 289.082111][T28848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 289.090343][T28848] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 289.098298][T28853] CPU: 1 PID: 28853 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 289.107112][T28853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.117177][T28853] Call Trace: [ 289.120447][T28853] dump_stack+0x137/0x19d [ 289.124842][T28853] should_fail+0x23c/0x250 20:05:03 executing program 3 (fault-call:0 fault-nth:19): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 289.129270][T28853] should_fail_usercopy+0x16/0x20 [ 289.134315][T28853] _copy_from_user+0x1c/0xd0 [ 289.138922][T28853] iovec_from_user+0xc4/0x2d0 [ 289.140219][T28861] FAULT_INJECTION: forcing a failure. [ 289.140219][T28861] name failslab, interval 1, probability 0, space 0, times 0 [ 289.143600][T28853] ? should_fail+0xd6/0x250 [ 289.143623][T28853] __import_iovec+0x49/0x270 [ 289.165875][T28853] ? __copy_msghdr_from_user+0x232/0x350 [ 289.171509][T28853] import_iovec+0x69/0x80 [ 289.175918][T28853] __sys_sendmsg+0x1ab/0x270 [ 289.180515][T28853] ? do_filp_open+0x17a/0x1f0 [ 289.185175][T28853] ? fsnotify_perm+0x59/0x2e0 [ 289.189892][T28853] ? __fsnotify_parent+0x32f/0x430 [ 289.194990][T28853] ? get_pid_task+0x8b/0xc0 [ 289.199474][T28853] ? vfs_write+0x50c/0x770 [ 289.203878][T28853] ? __fget_light+0x21b/0x260 [ 289.208609][T28853] ? __cond_resched+0x11/0x40 [ 289.213269][T28853] ? fput+0x2d/0x130 [ 289.217213][T28853] ? ksys_write+0x157/0x180 [ 289.221693][T28853] __x64_sys_sendmsg+0x42/0x50 [ 289.226436][T28853] do_syscall_64+0x4a/0x90 [ 289.230835][T28853] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 289.236722][T28853] RIP: 0033:0x4665d9 [ 289.240787][T28853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 289.260444][T28853] RSP: 002b:00007ff909a96188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 289.268997][T28853] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 289.276955][T28853] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000005 [ 289.285095][T28853] RBP: 00007ff909a961d0 R08: 0000000000000000 R09: 0000000000000000 [ 289.293310][T28853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 289.301327][T28853] R13: 00007ffda26158af R14: 00007ff909a96300 R15: 0000000000022000 [ 289.309315][T28861] CPU: 0 PID: 28861 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 289.318149][T28861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.321802][T28858] FAULT_INJECTION: forcing a failure. [ 289.321802][T28858] name failslab, interval 1, probability 0, space 0, times 0 [ 289.328286][T28861] Call Trace: [ 289.344145][T28861] dump_stack+0x137/0x19d [ 289.348465][T28861] should_fail+0x23c/0x250 [ 289.352866][T28861] ? __alloc_file+0x2e/0x1a0 [ 289.357444][T28861] __should_failslab+0x81/0x90 [ 289.362255][T28861] should_failslab+0x5/0x20 [ 289.366741][T28861] kmem_cache_alloc+0x46/0x2f0 [ 289.371488][T28861] __alloc_file+0x2e/0x1a0 [ 289.375897][T28861] alloc_empty_file+0xcd/0x1c0 [ 289.380641][T28861] path_openat+0x6a/0x20b0 [ 289.385202][T28861] ? iov_iter_advance+0x291/0xe10 [ 289.390386][T28861] ? shmem_write_end+0x37d/0x3d0 [ 289.395338][T28861] ? balance_dirty_pages_ratelimited+0xb1/0x280 [ 289.401564][T28861] ? generic_perform_write+0x332/0x3a0 [ 289.407004][T28861] do_filp_open+0xd9/0x1f0 [ 289.411402][T28861] ? __virt_addr_valid+0x15a/0x1a0 [ 289.416508][T28861] ? __check_object_size+0x253/0x310 [ 289.421774][T28861] ? _find_next_bit+0x16a/0x190 [ 289.426605][T28861] ? alloc_fd+0x388/0x3e0 [ 289.430919][T28861] do_sys_openat2+0xa3/0x250 [ 289.435784][T28861] __x64_sys_openat+0xef/0x110 [ 289.440715][T28861] do_syscall_64+0x4a/0x90 [ 289.445163][T28861] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 289.451146][T28861] RIP: 0033:0x4196c4 [ 289.455018][T28861] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 289.474820][T28861] RSP: 002b:00007f0b5e2cfed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 289.483217][T28861] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 289.491257][T28861] RDX: 0000000000000002 RSI: 00007f0b5e2d0000 RDI: 00000000ffffff9c [ 289.499225][T28861] RBP: 00007f0b5e2d0000 R08: 0000000000000000 R09: ffffffffffffffff [ 289.507195][T28861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 289.515671][T28861] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 289.525174][T28858] CPU: 1 PID: 28858 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 289.534979][T28858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.546652][T28858] Call Trace: [ 289.550537][T28858] dump_stack+0x137/0x19d [ 289.556094][T28858] should_fail+0x23c/0x250 [ 289.561508][T28858] ? __alloc_file+0x2e/0x1a0 [ 289.566775][T28858] __should_failslab+0x81/0x90 [ 289.571720][T28858] should_failslab+0x5/0x20 [ 289.577310][T28858] kmem_cache_alloc+0x46/0x2f0 [ 289.583172][T28858] __alloc_file+0x2e/0x1a0 [ 289.588924][T28858] alloc_empty_file+0xcd/0x1c0 [ 289.594879][T28858] path_openat+0x6a/0x20b0 [ 289.601889][T28858] ? iov_iter_advance+0x291/0xe10 [ 289.608793][T28858] ? shmem_write_end+0x37d/0x3d0 [ 289.615048][T28858] ? balance_dirty_pages_ratelimited+0xb1/0x280 [ 289.622458][T28858] ? generic_perform_write+0x332/0x3a0 [ 289.629136][T28858] do_filp_open+0xd9/0x1f0 [ 289.634744][T28858] ? __virt_addr_valid+0x15a/0x1a0 [ 289.642458][T28858] ? __check_object_size+0x253/0x310 [ 289.651537][T28858] ? _find_next_bit+0x16a/0x190 [ 289.659923][T28858] ? alloc_fd+0x388/0x3e0 [ 289.666240][T28858] do_sys_openat2+0xa3/0x250 [ 289.675706][T28858] __x64_sys_openat+0xef/0x110 [ 289.682732][T28858] do_syscall_64+0x4a/0x90 [ 289.691596][T28858] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 289.700601][T28858] RIP: 0033:0x4196c4 [ 289.707532][T28858] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 289.741029][T28858] RSP: 002b:00007fed145d2ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 289.757024][T28858] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 289.767759][T28858] RDX: 0000000000000002 RSI: 00007fed145d3000 RDI: 00000000ffffff9c 20:05:03 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC=r0]) 20:05:03 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:03 executing program 3 (fault-call:0 fault-nth:20): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:03 executing program 4 (fault-call:0 fault-nth:20): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 289.779534][T28858] RBP: 00007fed145d3000 R08: 0000000000000000 R09: ffffffffffffffff [ 289.790247][T28858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 289.802068][T28858] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 289.884320][T28874] FAULT_INJECTION: forcing a failure. [ 289.884320][T28874] name failslab, interval 1, probability 0, space 0, times 0 [ 289.904375][T28874] CPU: 1 PID: 28874 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 289.906049][T28879] FAULT_INJECTION: forcing a failure. [ 289.906049][T28879] name failslab, interval 1, probability 0, space 0, times 0 [ 289.917876][T28874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.917890][T28874] Call Trace: [ 289.917898][T28874] dump_stack+0x137/0x19d [ 289.917924][T28874] should_fail+0x23c/0x250 [ 289.917940][T28874] ? security_file_alloc+0x30/0x190 [ 289.917957][T28874] __should_failslab+0x81/0x90 [ 289.917986][T28874] should_failslab+0x5/0x20 [ 289.918008][T28874] kmem_cache_alloc+0x46/0x2f0 [ 289.982768][T28874] security_file_alloc+0x30/0x190 [ 289.989195][T28874] __alloc_file+0x83/0x1a0 [ 289.995805][T28874] alloc_empty_file+0xcd/0x1c0 [ 290.002435][T28874] path_openat+0x6a/0x20b0 [ 290.008459][T28874] ? iov_iter_advance+0x291/0xe10 [ 290.014013][T28874] ? shmem_write_end+0x37d/0x3d0 [ 290.019032][T28874] ? balance_dirty_pages_ratelimited+0xb1/0x280 [ 290.025300][T28874] ? generic_perform_write+0x332/0x3a0 [ 290.030746][T28874] do_filp_open+0xd9/0x1f0 [ 290.035148][T28874] ? __virt_addr_valid+0x15a/0x1a0 [ 290.040245][T28874] ? __check_object_size+0x253/0x310 [ 290.046557][T28874] ? _find_next_bit+0x16a/0x190 [ 290.051428][T28874] ? alloc_fd+0x388/0x3e0 [ 290.055742][T28874] do_sys_openat2+0xa3/0x250 [ 290.060651][T28874] __x64_sys_openat+0xef/0x110 [ 290.065400][T28874] do_syscall_64+0x4a/0x90 [ 290.069802][T28874] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 290.075749][T28874] RIP: 0033:0x4196c4 [ 290.079628][T28874] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 290.099372][T28874] RSP: 002b:00007f0b5e2cfed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 290.107873][T28874] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 290.115923][T28874] RDX: 0000000000000002 RSI: 00007f0b5e2d0000 RDI: 00000000ffffff9c [ 290.124052][T28874] RBP: 00007f0b5e2d0000 R08: 0000000000000000 R09: ffffffffffffffff [ 290.132005][T28874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 290.139958][T28874] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 290.147915][T28879] CPU: 0 PID: 28879 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 290.156679][T28879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.166737][T28879] Call Trace: [ 290.170129][T28879] dump_stack+0x137/0x19d [ 290.174468][T28879] should_fail+0x23c/0x250 [ 290.178883][T28879] ? security_file_alloc+0x30/0x190 20:05:04 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) syz_open_pts(r0, 0x80540) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000000)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f0000000540)={0x2, 0x5, &(0x7f0000000140)="e88c08a8e5ea41f2c35e6f1a901f3c254817a43a42c612a8139b9f643f7caf17f8bd1a74c7d1e2cc9985a8e8e313e0a9c9bc9bc2a062cc097a56fd5325f81bde899c54c6ee57eeae4a2eedfa2b6453e947b70999da2c5e81d306033c01ca7fd88c805ca60106ffd05b556d27182150c60702dd10da45dac514845ced1d1c7f23ea96ae446893405e8fba5c2aff4ad2276e517a223a4197c52861f803804efb620d541f7f1fcbc4374c6d80e23b39c1d577b0f2e165868b9736b049a46f562777a7343b62fe761c798656c5169a5ef96494a5a7ab675060bad1f360572af062a139b89ad9d7547e9bebcc1d7531b1215d8eed663e36f2fb5e7fa50993502fdad8b520ed5b4cbc8a7fbba7a00cc64e9aa0e9d17c982223f79d2692b98e53888caa0d805ce5dfeabbdda61f2ae18023a30c3e4e3a4cbfc3546039e677ba0c78edee6aabd3073ec161120fb90e3e3be6259276d262fbadb3c11851f11cc77177064cc2d150f71472a183357541c4ca045c8c3f23b6b1d76244a24ffd7c9642523411827a6809e7621ce25b398d8699367c4fbdb42ed346adc1d7c6593b817ca553cd89dd53c1d8993cd00790f0da8fce8b5cc6b136051b3abbdbc006dca7e079217b1aee7d547353cb37e663f606f2d9ae9e04a2dac12fcb16566773b7c1782ec9fbb69af2b4131e7af5e7afa293dca826ca05e7bb050e4d4879b4c5c9d1c22f601653a2dd4f5a1fbe996b3b564071478e7e92716126fea35768792d045eeee1d9af38f2c3c496bf0a3619151e3a7673b9e26656439f50474c2e60146a9018379ab637b0fb51be21d58e3bfc2e6a67c12ca43c3709228296de53e9cc5a5470810d0e1e7e7a48e6eea58577c00cace7ad9d4f63660c92be271bb51ed5d98141791c554959987d83ba2ede27f7e65faa22fcfece1e3c086cb36c9639588cb37fb41405ec117a1d2a345c0b05b35367e5cf8f9b8492762ded361b0fd70bcdf1a40fa617dd2358370c1a0a16302d2df5c8303f297df8fe57994d19dfbc4351142272fc9935b2e642557029a610c49eb60b4b55374d31bd2cf6abe4a356e0b323e2d70b331e2566dad1d38594e735a8050a8305d8c7458442d5e5b6f44ab4e0c69698be36b2cdd35f9c1b1ddebe3e439fbde8456e55df9e2b15f67adb297a6c482bd915f39b002f1af4cee237fa7d8a9b423a9428a39def3143b97f5534448f7f99429ae1c42a9255df0c169afa8ad821a30b21f6df9b179d6cdd8ccc18304e60357358aad0c04ceb7c7904c1d449b659a4e4855aa484a65741d71a68c59fb1f2d8971166a9a1257bcacdc67c4f4897c79aa4478ad84e0d28d0ec4daefd227bc5dfec1c516dd48a8ba08fb9508518d097f6019be63b93d5309a51bd5914adc46f47fc41c2a4e501e5bab53075194acaeb4b9fc2ba4d63862df01648efff4c451a5c5e18de"}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) open_tree(r2, &(0x7f0000000080)='./file0\x00', 0x800) r5 = syz_open_dev$vcsa(&(0x7f0000000100), 0x81, 0x24000) ioctl$PIO_UNIMAP(r5, 0x4b6a, &(0x7f00000000c0)={0x0, 0x0}) 20:05:04 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:04 executing program 5: clone(0x200b64065fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f0000000000)='oom_adj\x00') ppoll(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe9c) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') write$tcp_mem(r0, &(0x7f0000000040)={0x0, 0x20, 0x0, 0x20, 0x0, 0xa}, 0x48) ptrace$cont(0x7, 0xffffffffffffffff, 0x3, 0x7de) 20:05:04 executing program 3 (fault-call:0 fault-nth:21): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 290.184090][T28879] __should_failslab+0x81/0x90 [ 290.188853][T28879] should_failslab+0x5/0x20 [ 290.193352][T28879] kmem_cache_alloc+0x46/0x2f0 [ 290.198200][T28879] security_file_alloc+0x30/0x190 [ 290.203306][T28879] __alloc_file+0x83/0x1a0 [ 290.207723][T28879] alloc_empty_file+0xcd/0x1c0 [ 290.212546][T28879] path_openat+0x6a/0x20b0 [ 290.216957][T28879] ? iov_iter_advance+0x291/0xe10 [ 290.222072][T28879] ? shmem_write_end+0x37d/0x3d0 [ 290.227133][T28879] ? balance_dirty_pages_ratelimited+0xb1/0x280 20:05:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 290.233463][T28879] ? generic_perform_write+0x332/0x3a0 [ 290.238963][T28879] do_filp_open+0xd9/0x1f0 [ 290.243387][T28879] ? __virt_addr_valid+0x15a/0x1a0 [ 290.248539][T28879] ? __check_object_size+0x253/0x310 [ 290.255739][T28879] ? _find_next_bit+0x16a/0x190 [ 290.260616][T28879] ? alloc_fd+0x388/0x3e0 [ 290.264950][T28879] do_sys_openat2+0xa3/0x250 [ 290.269554][T28879] __x64_sys_openat+0xef/0x110 [ 290.274315][T28879] do_syscall_64+0x4a/0x90 [ 290.278770][T28879] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 290.284721][T28879] RIP: 0033:0x4196c4 [ 290.288666][T28879] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 290.308378][T28879] RSP: 002b:00007fed145d2ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 290.316778][T28879] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 290.324732][T28879] RDX: 0000000000000002 RSI: 00007fed145d3000 RDI: 00000000ffffff9c 20:05:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x2, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 290.332699][T28879] RBP: 00007fed145d3000 R08: 0000000000000000 R09: ffffffffffffffff [ 290.340665][T28879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 290.348629][T28879] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 290.370990][T28896] FAULT_INJECTION: forcing a failure. [ 290.370990][T28896] name failslab, interval 1, probability 0, space 0, times 0 [ 290.383817][T28896] CPU: 1 PID: 28896 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 290.392577][T28896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.404159][T28896] Call Trace: [ 290.407434][T28896] dump_stack+0x137/0x19d [ 290.411837][T28896] should_fail+0x23c/0x250 [ 290.416244][T28896] ? loop_set_status_from_info+0x3a0/0x3a0 [ 290.422035][T28896] __should_failslab+0x81/0x90 [ 290.426789][T28896] ? __kthread_create_on_node+0x7a/0x290 [ 290.432589][T28896] should_failslab+0x5/0x20 [ 290.440202][T28896] kmem_cache_alloc_trace+0x49/0x310 [ 290.446867][T28896] ? loop_set_status_from_info+0x3a0/0x3a0 [ 290.454253][T28896] __kthread_create_on_node+0x7a/0x290 [ 290.462436][T28896] ? __cond_resched+0x11/0x40 [ 290.467789][T28896] ? __blkdev_get+0x8c/0x6c0 [ 290.473199][T28896] ? loop_set_status_from_info+0x3a0/0x3a0 [ 290.479656][T28896] kthread_create_on_node+0x72/0xa0 [ 290.486097][T28896] loop_configure+0x597/0xcb0 [ 290.491859][T28896] ? mntput+0x45/0x70 [ 290.496741][T28896] lo_ioctl+0x555/0x11f0 [ 290.502188][T28896] ? path_openat+0x19ab/0x20b0 [ 290.509017][T28896] ? putname+0xa5/0xc0 [ 290.514179][T28896] ? ___cache_free+0x3c/0x300 [ 290.520720][T28896] ? blkdev_common_ioctl+0x9c3/0x1040 [ 290.528113][T28896] ? selinux_file_ioctl+0x8e0/0x970 [ 290.533895][T28896] ? lo_release+0x120/0x120 [ 290.540446][T28896] blkdev_ioctl+0x1d0/0x3c0 [ 290.548012][T28896] block_ioctl+0x6d/0x80 [ 290.552633][T28896] ? blkdev_iopoll+0x70/0x70 [ 290.559366][T28896] __se_sys_ioctl+0xcb/0x140 [ 290.564787][T28896] __x64_sys_ioctl+0x3f/0x50 [ 290.570512][T28896] do_syscall_64+0x4a/0x90 [ 290.576892][T28896] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 290.584329][T28896] RIP: 0033:0x466397 [ 290.589124][T28896] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 290.613587][T28896] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 290.622970][T28896] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 290.635122][T28896] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 290.646950][T28896] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 290.663018][T28896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 20:05:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x3, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 290.677309][T28896] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:04 executing program 3 (fault-call:0 fault-nth:22): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:04 executing program 4 (fault-call:0 fault-nth:21): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:04 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 290.799810][T28919] FAULT_INJECTION: forcing a failure. [ 290.799810][T28919] name failslab, interval 1, probability 0, space 0, times 0 [ 290.816327][T28922] FAULT_INJECTION: forcing a failure. [ 290.816327][T28922] name failslab, interval 1, probability 0, space 0, times 0 [ 290.821357][T28919] CPU: 0 PID: 28919 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 290.856620][T28919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.869562][T28919] Call Trace: [ 290.873300][T28919] dump_stack+0x137/0x19d [ 290.879033][T28919] should_fail+0x23c/0x250 [ 290.883538][T28919] ? __kernfs_new_node+0x6a/0x330 [ 290.888729][T28919] __should_failslab+0x81/0x90 [ 290.893483][T28919] should_failslab+0x5/0x20 [ 290.898241][T28919] kmem_cache_alloc+0x46/0x2f0 [ 290.902997][T28919] ? kvm_sched_clock_read+0xd/0x20 [ 290.908213][T28919] __kernfs_new_node+0x6a/0x330 [ 290.913059][T28919] ? select_task_rq_fair+0x186/0xc00 [ 290.918335][T28919] ? rb_insert_color+0x2fa/0x310 [ 290.923267][T28919] kernfs_create_dir_ns+0x5e/0x140 [ 290.928409][T28919] internal_create_group+0x138/0x850 [ 290.933776][T28919] ? check_preempt_wakeup+0x1bb/0x360 [ 290.939162][T28919] sysfs_create_group+0x1b/0x20 [ 290.944011][T28919] loop_configure+0xa21/0xcb0 [ 290.948742][T28919] lo_ioctl+0x555/0x11f0 [ 290.953025][T28919] ? path_openat+0x19ab/0x20b0 [ 290.957783][T28919] ? putname+0xa5/0xc0 [ 290.961962][T28919] ? ___cache_free+0x3c/0x300 [ 290.966631][T28919] ? blkdev_common_ioctl+0x9c3/0x1040 [ 290.971986][T28919] ? selinux_file_ioctl+0x8e0/0x970 [ 290.977194][T28919] ? lo_release+0x120/0x120 [ 290.981759][T28919] blkdev_ioctl+0x1d0/0x3c0 [ 290.986280][T28919] block_ioctl+0x6d/0x80 [ 290.990573][T28919] ? blkdev_iopoll+0x70/0x70 [ 290.995192][T28919] __se_sys_ioctl+0xcb/0x140 [ 291.000184][T28919] __x64_sys_ioctl+0x3f/0x50 [ 291.004827][T28919] do_syscall_64+0x4a/0x90 [ 291.009389][T28919] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 291.015382][T28919] RIP: 0033:0x466397 [ 291.019269][T28919] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 291.039123][T28919] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.047518][T28919] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 291.055488][T28919] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 291.063446][T28919] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 291.071418][T28919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 291.079397][T28919] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 291.087559][T28922] CPU: 1 PID: 28922 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 291.087601][T28919] loop3: detected capacity change from 0 to 4101 [ 291.096323][T28922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.096334][T28922] Call Trace: [ 291.096340][T28922] dump_stack+0x137/0x19d [ 291.120395][T28922] should_fail+0x23c/0x250 [ 291.125101][T28922] ? loop_set_status_from_info+0x3a0/0x3a0 [ 291.130910][T28922] __should_failslab+0x81/0x90 [ 291.135738][T28922] ? __kthread_create_on_node+0x7a/0x290 [ 291.141391][T28922] should_failslab+0x5/0x20 [ 291.146015][T28922] kmem_cache_alloc_trace+0x49/0x310 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x4, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:05 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 291.151335][T28922] ? loop_set_status_from_info+0x3a0/0x3a0 [ 291.157235][T28922] __kthread_create_on_node+0x7a/0x290 [ 291.162837][T28922] ? __cond_resched+0x11/0x40 [ 291.167512][T28922] ? __blkdev_get+0x8c/0x6c0 [ 291.172132][T28922] ? loop_set_status_from_info+0x3a0/0x3a0 [ 291.177929][T28922] kthread_create_on_node+0x72/0xa0 [ 291.183298][T28922] loop_configure+0x597/0xcb0 [ 291.187968][T28922] ? mntput+0x45/0x70 [ 291.191937][T28922] lo_ioctl+0x555/0x11f0 [ 291.196273][T28922] ? path_openat+0x19ab/0x20b0 [ 291.201026][T28922] ? putname+0xa5/0xc0 [ 291.205083][T28922] ? ___cache_free+0x3c/0x300 [ 291.209751][T28922] ? blkdev_common_ioctl+0x9c3/0x1040 [ 291.215144][T28922] ? selinux_file_ioctl+0x8e0/0x970 [ 291.220329][T28922] ? lo_release+0x120/0x120 [ 291.224817][T28922] blkdev_ioctl+0x1d0/0x3c0 [ 291.229319][T28922] block_ioctl+0x6d/0x80 [ 291.233571][T28922] ? blkdev_iopoll+0x70/0x70 [ 291.238184][T28922] __se_sys_ioctl+0xcb/0x140 [ 291.242844][T28922] __x64_sys_ioctl+0x3f/0x50 [ 291.247465][T28922] do_syscall_64+0x4a/0x90 [ 291.251870][T28922] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 291.257747][T28922] RIP: 0033:0x466397 [ 291.261691][T28922] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 291.281347][T28922] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.289739][T28922] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 20:05:05 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:05 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x5, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 291.297703][T28922] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 291.305659][T28922] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 291.313622][T28922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 291.321583][T28922] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 291.338080][T28919] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:05 executing program 3 (fault-call:0 fault-nth:23): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:05 executing program 4 (fault-call:0 fault-nth:22): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 291.358769][T28919] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 291.369205][T28919] ext4_test_bit(bit=16, block=18) = 1 [ 291.374561][T28919] is_bad_inode(inode)=0 [ 291.378718][T28919] NEXT_ORPHAN(inode)=29447707 [ 291.383379][T28919] max_ino=32 [ 291.386581][T28919] i_nlink=144 [ 291.390432][T28919] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x6, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:05 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:05 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:05 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 291.457075][T28953] FAULT_INJECTION: forcing a failure. [ 291.457075][T28953] name failslab, interval 1, probability 0, space 0, times 0 [ 291.469919][T28953] CPU: 0 PID: 28953 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 291.478689][T28953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.488776][T28953] Call Trace: [ 291.492382][T28953] dump_stack+0x137/0x19d [ 291.497988][T28953] should_fail+0x23c/0x250 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x7, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:05 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x9, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 291.504739][T28953] ? __kernfs_new_node+0x6a/0x330 [ 291.511356][T28953] __should_failslab+0x81/0x90 [ 291.518660][T28953] should_failslab+0x5/0x20 [ 291.523693][T28953] kmem_cache_alloc+0x46/0x2f0 [ 291.529280][T28953] ? kvm_sched_clock_read+0xd/0x20 [ 291.536552][T28953] __kernfs_new_node+0x6a/0x330 [ 291.542136][T28953] ? select_task_rq_fair+0x186/0xc00 [ 291.548858][T28953] ? rb_insert_color+0x7e/0x310 [ 291.555235][T28953] kernfs_create_dir_ns+0x5e/0x140 [ 291.563318][T28953] internal_create_group+0x138/0x850 [ 291.571211][T28953] ? check_preempt_wakeup+0x1bb/0x360 [ 291.578725][T28953] sysfs_create_group+0x1b/0x20 [ 291.585199][T28953] loop_configure+0xa21/0xcb0 [ 291.591814][T28953] lo_ioctl+0x555/0x11f0 [ 291.600581][T28953] ? path_openat+0x19ab/0x20b0 20:05:05 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:05 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x22, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:05 executing program 5: r0 = syz_io_uring_setup(0x6fdd, &(0x7f0000002700)={0x0, 0x0, 0x0, 0xfffffffc}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000001440)=0x0, &(0x7f00000027c0)=0x0) r3 = eventfd2(0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x10000, 0x1) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000001500)=@IORING_OP_FSYNC={0x3, 0x5, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x248d) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x0) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r9, &(0x7f0000000500), 0x37d, 0x0, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r10, &(0x7f0000000500), 0x37d, 0x0, 0x0) r11 = dup2(r3, 0xffffffffffffffff) io_submit(0x0, 0x7, &(0x7f00000014c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x8, r4, &(0x7f0000000000)="29260655078fe16704cc7cb6e3928ba53b147646367741b7a7566c21a6f3d9", 0x1f, 0x2, 0x0, 0x2, r5}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x3239, r3, &(0x7f0000000140)="d82079b7720b56efbe39c682fb388c27ea91ce3e675840861d238061310e559700e743be9a9a53b4f30ee96b6ce79128356b66e14b02cb0ed712b18e736ba7ec28ac3e85ce19996228267bb82169320d19f0c99f84fe76f8713e8ef0a85f8142dd7e287ef8a61a1db5cd0769229a95eecec41179ab27e763ac32f3dfb457c3ef099a6c2bc2e4aaf8d00850c6c52434b2d423da22de3c3ecaf41fa0670cfd1815379dbbabcc9c670e3675374178", 0xad, 0x7f, 0x0, 0x3, r3}, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x8, 0xe1f, r3, &(0x7f0000000200)="532566e722be7f05e81eefcae1e950cbd4a7a3cd82730ca4f9cd793fdf6923cfaeba5067c85c4397bd43a4bb284e498d0ffb615047d318e62fd9440e6a6fbb0c663c85ef5938eb5ba318f013b51618ea7bd73acbea14292db1bd7fa05d9f03a65c6c0a8bec70d046be47557aee63a8dfca9d564541b2f50faa404a5ee140d1689e1662e804e4702382d5bbda6b774353c75e52f1ca12c059109d8cab3ccbd718f29d2db4f9f46cd5cdb3e49f09a3b623be3ea21a514fda2371dde1542b32decc74e69465273ffc23243ab66823d28be3a2c91f96c189dd2a6df0057cc45b3991b919c8509c56ccccd4f443ecd1adcfb00b08f1976d00d43b44e6635aafc77b029a5f9a59cfc410926dd29eb3d0f0d1dde61caea3a2cd1dd02f42703ce69ebaabcfac38d4a1644bbc268f0d9969066f79d63d9cb76c95d8fa7b50ce49f63cc48fc4873c19f89d3f3a8c23b270bf76261f95455d48f05e19149cfac9d89acd10608b73dc325c1ca4a7f93c9f4817275f1f2b39f4be203326dd0b746842a9afa6fe1648a62cc4ef8b158861b255b5d1fe0b2e20119a752bcf02f1c13d131bf19466d4288f60476213a79dcf3827fef0bee6015e0915462229d73baffee76a177ac8d44cb20ec23d778762f6abfaed8d5a04482d07fe983459ededc3beb4de1c43c97293717e1804665b52ebe8ac97e2100698233b63e68a2491dd4ea06bd4355a01a3ebbd495b5d0a6fa770a94704a79884526125be8d8299346d8fb0dbf19ae4f07d4e29abbcb804ba8cdb0e0da4f5d530e21125b95121c11b697ed31b13c6a54de347accd7c589d6ad733c2c2bbdcb34bfe86f8b83d77e8e9136c34d105d75d7945fc2d7f066f6401338bc4abc2eb99e4072f405ea568c19d75737b7fb13bf70eda7ba1bd1a64cae420af309190f33db6f97899edffddd5baefcc701dc570de6548b3106ad36087721ae2d4f32a34db103d0ef47a757090c4641d6f95c602971a520be9f5861769e81f9029ed4a13f745662b92f3c1b84c22c8ac558d3abff5f81aaa150ce20957dbc2a89e2a2b216f0b27c4843c90d85e77f9df9725776efb03a3c6d83557525ff244c2eda90e8a58194046050e9936807b4c88c4d47ae3740d6ae7c74dfd8aa6bd6e24f7d4ad7c7e87b99de4eb3599e272ab9257d368dd868f49aa62c2101eed950fad6ba5c8e276b056d5df1ace5193e2503a8e728a37de4eab98e0c87c4e0a55bbb11f04c1d6b54496f39fcf4c24409443a4c8ab4a7d9668903f03e1c3f125e82d820ce58521b5cd4c76330d52f35e4534eff826ce5482013e3691928b3f1762dea13d3094eb9073aba5fb00c9ed75246ce4ba6fc03a9467831a41509719188900046687bd2621c25347ca0a28acf4745d88d3d29df1120d8d0c5756e34ccdd5847a020a5f39ca24192b458b38b10b499c00bcba1bc0884433b625cb9fa380fb46310696163654fd61acdc1f58802a9ba142aa58c189532d66f254c84c11bde372f883b261d5e7bc3a72e55f81577793812dd8d6f0f145f01a2b1bfdef9cf5345e943eefb579e41fb2850d484c34afcbe3af183fda23e31a9b131f3a77d8c03a53fa82921a22bb31afd0576d4b158277e56c8d119fa6c63292c09e5c8751dfcc6f52b16da020ad787ab6f95402840c8f67019d20ab2b6e9814f844b065f05d3679f6b1b40382a0818837eece0973282ace12734207f264d56fd824026f2deea8af31907c5a591e9b97c379e7b958b78dfd7c8317c3b434fc3ef504e46ef39015238d1a63c5daa70c8627f95733b806bca2f498c77b3d9f13d8299618ecbf24262b71f3e6eef7d0c65228319a3c2f68e518b6c7cd98ad51a7094ba26236c1694a2cca30f46bb8ceb958f8e616809933858fc785be7157cd0267507ec869d9323a3c1f5704f85ffc6db59f67acd64d13ee13f6bab65db17d88e68bbb659aac27f48dd15827ca333d2460a121b870f8530cc317cefc758e2f2519761d54f7f1d3f09cdc403a8d1d2e80cf77abd4f56ac38b5ec7251a4b27aff723dc780973f01a1b3cd2a6660222dbc46df4121301f8d3ae7007693bebe2d04b1a68ff6b1c13c9e4dbee173519bd36fac80fa87126afc2324d78dcdafaf1c1afdb9aa43cd9df41e5100a61083978828073720257d8cd38c5041cb4e8b848dce64217ba85974a1be45edf252db20bb14ab8d32a5f0561e4910ae6e1b320835f54e09479c8b454b969e97e3e85f3ba70a5efd356cb0f2b35c6d2ff9dcde67ec55cc6b04fc9624e6eb80091d2e5f73c7be72eacdbb67a7423cf3af8da73c580a33024da6b075056485a201a8cd0ecb2aede35c2aa13e6c547c837372919b01e61a316b56a6dc92edbc60446ca30d15d4b6998fed69fac6f85541d75b3302cd30e49abeb749a70ea9e221f9db6db942f47627c3124c53e23bbfecb5512818ae63c77d78c2e8aebc23326a9f399845ea713801b71d64a819e8bae5069ffb6dcdfefc8ba676b30c2057c3184fee57cfaa76a3c65d4efa7c1e66ea8e6ae2a0d34a8119679b72267483603b1bcb5d0b76a58ca641d31e6c3f8c075eaf7d2222d1f17e12123dcd69a8df40a94c29a633c0c3f1ef617597c33206be2b6e66c96013928b6ae9af4b8c5bf9f405854ec6363a78e8a4c84c0088282690a11ad99594d23974f5311c4c5c7769e9b4e412ddfc86b9546f6595575a836b93b6110e7e7257e3d5ab82ad824e1d44f0f7393672c94d17fd8ba9cfdcbea06fdb46a8d8a043b889f5fb2b916c63f79dfa9c2747579ab902941c3e912984ae884d9b218d953148c11b72ded3896bf71651749cf237cddb5c70b9d19f9459f823fcef63e77f00f128dcd2df639c6ce3c548f288b91a38dd40a60bf40663b619a8690dbf8aa1930a4a99e8e18dedd6297db02ab7b8d142d2f106d7f8b8cca245f1be574b925f1bc993aa4e4cd1c9d03d7c2a451d80e073bea5512a931cb4efc4a5027570c9f755d2dceeefa91bc9655126150f2c14775d07abca929209c4b9192f865447408d51bab8374cd643e459fcd9e4e69f0d2c60b59d4e207273b24cb295a2fa63522e0004bcbe9278bd21d29fdf02224e04e6cdadfeee2498b81a3330d0916e2733034131397db9e6bebc62d3875b5b5fc6070fc7704878d5f95cc40b49caee3ba4ee93f2c3459659e5419e9a131def9cca4aa3fc63bf0ecf0984b7c84b92d4e81f83d2dfc166a215283670fcd5d05d33c08a8c26c5ef7652bcdd9723dc1a9ad9d3fc1d061e2540babb401ac4c39a8b078ae85ad60eb0c1bbf3ca41b8653d9cd008e0f9f146b87450cb916b6e692428e6752a94f63adbac056a3671ea26370f5bad8c4e41bd91ecd119cfb1002c681ac56f21c7004970a54ce8164573b810a36a0eb55a9788b5322e1430394c795aa21fa45bf3f7475e891fe4a023e604288453b13ffe6233af505e4fed5b2c033eef241985eed3f6ac2018107053e94dfa708917750a603969c7c3d444663d34d626acfd694dca19de35f5e736d48974386624e55ad9393c6589951245c43df4febef119a1754d4732ab3bb13fc50a2dd93efe0b3ca287d20f41ac5157a20cc932dc1b6ae8d0facd4d0061f1e6d6e0c82c8935e41443162cb10b17cf20c5251e7841e2317eb52f9a2a63d1e43ffe93025ebc08acbc212be1818f95356fb15809d9ca8f17c6bc4661f08a13e515999f6b58981065761bcdd31dab1f91c71a473318bfc865e6599ee7b995e334dfe969793a179567023c01aa3252233ace3fc333d2c85c4b51884b9e60bdeaeac6763afad096346ec01597a185ab5ae9b4eda0004936153434ee93c35e426d132fa1f02e78bfb91b6f58cbb2e6453be175d18a0e5d268500648ca62acc0bd1889d5d85b3892d773a4f14060156a489da4133be7e5ac77341561076775ce80d476f0859d0ff52012f19a631fbe9ab685d83cfa41c401743e4d8ea916606a809c6948872ae376a0f2ebc1a0a787733bf1e54ca6e3c237c5f4ce3dbc35e9596f464833c1ee00cb3f6c0c56178653084491382ca01b0e1eb865340b894eaf0508929fd380cfaeec1ea12ea968dbd1415b24a66027f6fc88c58aaf19ce1ad596067ed38faf661cdf293b482ec67c4386441334f94acf3f441a28dc1d84ab26bee55fd7c7694f0c0b2d13d3552cf0412b1797c5624df6f23b71b5f03c650735d8b05916baf03d71f94d39182769c35a02f5c3cd42fde68393e2edad26fa24c68233d4226e999aaa1c7353a5afc156b5cfa1001c1d9d6e05598d1c32e366b648a768929fe2737d6f2ae78a34fb84415d7ab27eaa29b0b98c0137b871dfdacee2c01bbd8b17d1d9e8cc93eb8ef39240b3dca7c4e2cc1cd58c4d457686c7623d8be6d2af5f2ee3e96a24861aa161d0828d82ab94a38c1211daf0dcd984602b8ab106c3588e88cf7eaefeff6c2f5d89aa42caca1d0cbfa014fc6fa2cc2e3e553dacd8607a92146da9bf90e706cee07b992b8612f88b25e096ea3a0240269a28682280a587121e2a6fbb00cee6eaefdc9cc31f123c5bed4807ecb5fca97f98bb4cf9e26a68f15e59027f7341c817ad1996e1e6d2cccaba2d22c96d80ac9eb216e55cb93642c163d99188fde952116d409d4ae9b5dfb81ea1d7c730e0296c2a69a761937e4d687fcd4a7868a0791e8c5e7f10fe5504e079e27811d17e2ad81d38b925834ce479ca2b97458793edaefd9a0833357e321ba4b7b6ac501c993359563f0071f5319aba27556763c0e968c62778a8d38476c39a15c895e1599c7ca9c846500d57218429292107fa02ce74e880e925678c9c9488ca937f223c4cfbd974e914c266336693e9838a9d618e8dcee5ddb1e8ca46c639f82fe18584b5448a1565f39bcd5b2b4d14e06129a70e963e207c706711ddb4b33a388e746503f1743d8ba1ccb1b10fdbbcf7f40a562b53e8738d8d550711c91855558b45fdf0e2e5c8ee2de865a65c79204a01f2a9c8da652e596ca1cc6b3c0c3319d5a225c6709519665c2f498da7226eaee2f444b37e991aaad2792b43b0b676bf86e91e91b584939358c1576cbfd1b754715f0a975142e092bc1b47192776b0af2a28754014a821618a660aa0a1b53f62d21fa4c249f5b00b0ea272124e38292caff480f3cdce7d701f10662459371885f37d6b8d9800ea26c1038c024a35e3b5233eb373ad4eb662aa402518b36662b260120eca408d1928c6bc8748ff836876d0cf13e855ef0c70c383972974a922635367a02616140da3e89e2f70e73e5eeed13d022c6fc1c9d18234bfa0668331e8378de095617b1e80566ceabe70afefb96697d68569a9251f65edcf992536c114e5724cccd05e7ff37540e1f1cb3c100a850333d06302cd51d91128df8a667cee19a48810b54c32dc866e6ca47aef2a5b63df9ec44c3ae5148d3de11ca10ab9f533c7b2353ecf1a757a2a8e2226edf381c1f20ba94968283d4cf35e097c010839ac147a86ae55466b4a4045c3bf438c0692b24910ecb39c119f8cefda921c83a1954f6e9f7f2b4e8e6e7515479e3baf2a5671a744abd0ba10a90de705cc76cc293db62c61704756e998287240bc6a1c0e037cac422496cc1a99bced220327d8d0da91b97cae7c67b44348fa5bc48a72b844ad031ccfdf5b5eb13fbfb49a115f65e8d30b7614efabee390fd054293017b10b73dadb6fd5643242bc9f515159327a56c82564544f86d6072f3396d31e65a39a6a289056e6c3738e439b0d3ee01d71332d12c90e847f3eb9ebeedd93c49f0a637fa77a84f3d8d4a9381f7b8037e71e65ba0bf2acbfc77269944e", 0x1000, 0x9, 0x0, 0x3, r6}, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x1, 0x3, r3, &(0x7f0000001240)="deb95ab55fda5ad1c85954f5b595c030746a455c12b437c84e040000001a3b4f5ae8cc5112b1181f4df8b1470000000000007d710000000000952ee1c7c7", 0x3e, 0x9, 0x0, 0x1, r7}, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x7, 0x0, r8, &(0x7f00000012c0)="08bbfe635d68df13cb25b84c45518953e5b51b26f158f62ad3cb34a58ae51b27219218dea523ec9def3b3b99d20e68be1f32b33d887763dedcfac644539614b4f36b14e1e55071a27d8c564f97d4999914c789df7ad4cfb72b2693f53d9aec3907aa0763067157149c1a385ac2161a90a15c6eb92b", 0x75, 0x4, 0x0, 0x1, r3}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x6, r9, &(0x7f0000001380)="9fe94f37668b1c11fb17c38621068c4127b51e4908ada339bdfd21d35e90fad53ced2a642d3dde5d79c18f3e8f78464165c0cbf0b996eabdad154e02c66e124cdc9e1e644c92395b90e2cfc1d53f37261827a99d50d2", 0x56, 0xdd1, 0x0, 0x2, r10}, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0xffff, r11, &(0x7f0000001440), 0x0, 0xbd, 0x0, 0x3}]) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000100)=[r3], 0x1) [ 291.607333][T28953] ? putname+0xa5/0xc0 [ 291.613676][T28953] ? ___cache_free+0x3c/0x300 [ 291.619709][T28953] ? blkdev_common_ioctl+0x9c3/0x1040 [ 291.630794][T28953] ? selinux_file_ioctl+0x8e0/0x970 [ 291.640015][T28953] ? lo_release+0x120/0x120 [ 291.648566][T28953] blkdev_ioctl+0x1d0/0x3c0 [ 291.659408][T28953] block_ioctl+0x6d/0x80 [ 291.666218][T28953] ? blkdev_iopoll+0x70/0x70 [ 291.675460][T28953] __se_sys_ioctl+0xcb/0x140 [ 291.683036][T28953] __x64_sys_ioctl+0x3f/0x50 [ 291.691902][T28953] do_syscall_64+0x4a/0x90 [ 291.698129][T28953] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 291.705905][T28953] RIP: 0033:0x466397 [ 291.713780][T28953] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 291.749972][T28953] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.765279][T28953] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 291.781442][T28953] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 291.798766][T28953] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 291.813349][T28953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 291.827501][T28953] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 291.840098][T28953] loop4: detected capacity change from 0 to 4101 [ 291.855735][T28982] FAULT_INJECTION: forcing a failure. [ 291.855735][T28982] name failslab, interval 1, probability 0, space 0, times 0 [ 291.875280][T28982] CPU: 1 PID: 28982 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 291.886635][T28982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.900327][T28982] Call Trace: [ 291.903962][T28982] dump_stack+0x137/0x19d [ 291.907076][T28953] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 291.908320][T28982] should_fail+0x23c/0x250 [ 291.922153][T28982] ? radix_tree_node_alloc+0x154/0x1f0 [ 291.927686][T28982] __should_failslab+0x81/0x90 [ 291.932711][T28982] should_failslab+0x5/0x20 [ 291.937299][T28982] kmem_cache_alloc+0x46/0x2f0 [ 291.942110][T28982] ? kvm_sched_clock_read+0xd/0x20 [ 291.947199][T28982] ? sched_clock_cpu+0x11/0x180 [ 291.952090][T28982] radix_tree_node_alloc+0x154/0x1f0 [ 291.957372][T28982] idr_get_free+0x22a/0x5d0 [ 291.961900][T28982] idr_alloc_cyclic+0xe3/0x2d0 [ 291.966668][T28982] ? __radix_tree_preload+0x16f/0x190 [ 291.972187][T28982] __kernfs_new_node+0xb4/0x330 [ 291.977259][T28982] ? select_task_rq_fair+0x186/0xc00 [ 291.982616][T28982] ? rb_insert_color+0x2fa/0x310 [ 291.987632][T28982] kernfs_create_dir_ns+0x5e/0x140 [ 291.992816][T28982] internal_create_group+0x138/0x850 [ 291.998101][T28982] ? check_preempt_wakeup+0x1bb/0x360 [ 292.003491][T28982] sysfs_create_group+0x1b/0x20 [ 292.008407][T28982] loop_configure+0xa21/0xcb0 [ 292.013060][T28982] lo_ioctl+0x555/0x11f0 [ 292.017300][T28982] ? path_openat+0x19ab/0x20b0 [ 292.022054][T28982] ? putname+0xa5/0xc0 [ 292.026099][T28982] ? ___cache_free+0x3c/0x300 [ 292.030758][T28982] ? blkdev_common_ioctl+0x9c3/0x1040 [ 292.036161][T28982] ? selinux_file_ioctl+0x8e0/0x970 [ 292.041341][T28982] ? lo_release+0x120/0x120 [ 292.045818][T28982] blkdev_ioctl+0x1d0/0x3c0 [ 292.050335][T28982] block_ioctl+0x6d/0x80 [ 292.054602][T28982] ? blkdev_iopoll+0x70/0x70 [ 292.059186][T28982] __se_sys_ioctl+0xcb/0x140 [ 292.063766][T28982] __x64_sys_ioctl+0x3f/0x50 [ 292.068593][T28982] do_syscall_64+0x4a/0x90 [ 292.073004][T28982] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 292.078906][T28982] RIP: 0033:0x466397 [ 292.082964][T28982] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 292.103917][T28982] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 292.112484][T28982] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 292.120487][T28982] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 292.128433][T28982] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 292.136379][T28982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 292.144330][T28982] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 292.153676][T28953] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 292.160963][T28982] loop3: detected capacity change from 0 to 4101 [ 292.164077][T28953] ext4_test_bit(bit=16, block=18) = 1 [ 292.175787][T28953] is_bad_inode(inode)=0 [ 292.179931][T28953] NEXT_ORPHAN(inode)=29447707 [ 292.184596][T28953] max_ino=32 [ 292.187915][T28953] i_nlink=144 [ 292.189603][T28982] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 292.191341][T28953] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:06 executing program 3 (fault-call:0 fault-nth:24): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:06 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:06 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) read(0xffffffffffffffff, &(0x7f0000000340)=""/254, 0xfe) sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/exe\x00', 0x220800, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)="f0bc5d52aee3", 0x6, 0x24004044, &(0x7f00000000c0)={0xa, 0x4e23, 0x4, @local, 0x3}, 0x1c) recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000622c, 0x0) 20:05:06 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x300, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:06 executing program 4 (fault-call:0 fault-nth:23): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 292.202034][T28982] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 292.221465][T28982] ext4_test_bit(bit=16, block=18) = 1 [ 292.226870][T28982] is_bad_inode(inode)=0 [ 292.231016][T28982] NEXT_ORPHAN(inode)=29447707 [ 292.235711][T28982] max_ino=32 [ 292.238926][T28982] i_nlink=144 [ 292.242521][T28982] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:06 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:06 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x480, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:06 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 292.304391][T29017] FAULT_INJECTION: forcing a failure. [ 292.304391][T29017] name failslab, interval 1, probability 0, space 0, times 0 [ 292.317036][T29017] CPU: 1 PID: 29017 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 292.325792][T29017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.335959][T29017] Call Trace: [ 292.339236][T29017] dump_stack+0x137/0x19d [ 292.343574][T29017] should_fail+0x23c/0x250 [ 292.348042][T29017] ? __kernfs_new_node+0x6a/0x330 [ 292.353172][T29017] __should_failslab+0x81/0x90 [ 292.358146][T29017] should_failslab+0x5/0x20 [ 292.362703][T29017] kmem_cache_alloc+0x46/0x2f0 [ 292.367492][T29017] ? __cond_resched+0x11/0x40 [ 292.372303][T29017] __kernfs_new_node+0x6a/0x330 [ 292.377164][T29017] ? idr_alloc_cyclic+0x249/0x2d0 [ 292.382208][T29017] ? rb_insert_color+0x7e/0x310 [ 292.387154][T29017] kernfs_new_node+0x5b/0xd0 [ 292.391818][T29017] __kernfs_create_file+0x45/0x1a0 [ 292.396968][T29017] sysfs_add_file_mode_ns+0x1c1/0x250 [ 292.402486][T29017] internal_create_group+0x2e4/0x850 [ 292.407936][T29017] sysfs_create_group+0x1b/0x20 [ 292.412848][T29017] loop_configure+0xa21/0xcb0 [ 292.417529][T29017] lo_ioctl+0x555/0x11f0 [ 292.421794][T29017] ? path_openat+0x19ab/0x20b0 [ 292.426578][T29017] ? putname+0xa5/0xc0 [ 292.430638][T29017] ? ___cache_free+0x3c/0x300 [ 292.435310][T29017] ? blkdev_common_ioctl+0x9c3/0x1040 [ 292.440668][T29017] ? selinux_file_ioctl+0x8e0/0x970 [ 292.445893][T29017] ? lo_release+0x120/0x120 [ 292.450401][T29017] blkdev_ioctl+0x1d0/0x3c0 [ 292.454978][T29017] block_ioctl+0x6d/0x80 [ 292.459227][T29017] ? blkdev_iopoll+0x70/0x70 [ 292.463874][T29017] __se_sys_ioctl+0xcb/0x140 [ 292.468464][T29017] __x64_sys_ioctl+0x3f/0x50 [ 292.473060][T29017] do_syscall_64+0x4a/0x90 [ 292.477476][T29017] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 292.483415][T29017] RIP: 0033:0x466397 [ 292.487292][T29017] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 292.506901][T29017] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 292.515331][T29017] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 292.523336][T29017] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 292.531429][T29017] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 292.540074][T29017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 292.548107][T29017] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 292.564550][T29017] loop4: detected capacity change from 0 to 4101 [ 292.573945][T29013] FAULT_INJECTION: forcing a failure. [ 292.573945][T29013] name failslab, interval 1, probability 0, space 0, times 0 [ 292.587277][T29013] CPU: 0 PID: 29013 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 20:05:06 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 292.596040][T29013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.607104][T29013] Call Trace: [ 292.610821][T29013] dump_stack+0x137/0x19d [ 292.615162][T29013] should_fail+0x23c/0x250 [ 292.619676][T29013] ? __kernfs_new_node+0x6a/0x330 [ 292.625227][T29013] __should_failslab+0x81/0x90 [ 292.630187][T29013] should_failslab+0x5/0x20 [ 292.635104][T29013] kmem_cache_alloc+0x46/0x2f0 [ 292.640179][T29013] __kernfs_new_node+0x6a/0x330 [ 292.645387][T29013] ? __cond_resched+0x11/0x40 [ 292.650072][T29013] ? mutex_lock+0x9/0x30 20:05:06 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x500, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 292.654359][T29013] kernfs_new_node+0x5b/0xd0 [ 292.659136][T29013] __kernfs_create_file+0x45/0x1a0 [ 292.664588][T29013] sysfs_add_file_mode_ns+0x1c1/0x250 [ 292.670322][T29013] internal_create_group+0x2e4/0x850 [ 292.675810][T29013] sysfs_create_group+0x1b/0x20 [ 292.681154][T29013] loop_configure+0xa21/0xcb0 [ 292.685820][T29013] lo_ioctl+0x555/0x11f0 [ 292.690319][T29013] ? path_openat+0x19ab/0x20b0 [ 292.695397][T29013] ? putname+0xa5/0xc0 [ 292.699773][T29013] ? ___cache_free+0x3c/0x300 [ 292.704711][T29013] ? blkdev_common_ioctl+0x9c3/0x1040 [ 292.710355][T29013] ? selinux_file_ioctl+0x8e0/0x970 [ 292.716262][T29013] ? lo_release+0x120/0x120 [ 292.721156][T29013] blkdev_ioctl+0x1d0/0x3c0 [ 292.725830][T29013] block_ioctl+0x6d/0x80 [ 292.730411][T29013] ? blkdev_iopoll+0x70/0x70 [ 292.735030][T29013] __se_sys_ioctl+0xcb/0x140 [ 292.740224][T29013] __x64_sys_ioctl+0x3f/0x50 [ 292.744993][T29013] do_syscall_64+0x4a/0x90 [ 292.749525][T29013] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 292.755786][T29013] RIP: 0033:0x466397 [ 292.759714][T29013] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 292.779497][T29013] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 292.787894][T29013] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 292.795929][T29013] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 292.804943][T29013] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 292.813243][T29013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 292.821200][T29013] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 292.829621][T29013] loop3: detected capacity change from 0 to 4101 [ 292.864857][T29017] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 292.874301][T29013] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 292.897134][T29017] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 292.905039][T29013] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 292.907560][T29017] ext4_test_bit(bit=16, block=18) = 1 [ 292.917979][T29013] ext4_test_bit(bit=16, block=18) = 1 [ 292.923516][T29017] is_bad_inode(inode)=0 [ 292.929005][T29013] is_bad_inode(inode)=0 [ 292.933127][T29017] NEXT_ORPHAN(inode)=29447707 [ 292.937283][T29013] NEXT_ORPHAN(inode)=29447707 [ 292.937291][T29013] max_ino=32 [ 292.941935][T29017] max_ino=32 [ 292.941942][T29017] i_nlink=144 20:05:07 executing program 3 (fault-call:0 fault-nth:25): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:07 executing program 4 (fault-call:0 fault-nth:24): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 292.942052][T29017] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 292.946638][T29013] i_nlink=144 [ 292.953430][T29013] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 293.092261][T29055] FAULT_INJECTION: forcing a failure. [ 293.092261][T29055] name failslab, interval 1, probability 0, space 0, times 0 [ 293.104980][T29055] CPU: 1 PID: 29055 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 293.113766][T29055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.123908][T29055] Call Trace: [ 293.127209][T29055] dump_stack+0x137/0x19d [ 293.131597][T29055] should_fail+0x23c/0x250 [ 293.136043][T29055] ? __kernfs_new_node+0x6a/0x330 20:05:07 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000001940)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000bf000000000000bf252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="686939aa433564652c00"]) 20:05:07 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:07 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x600, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:07 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 293.141142][T29055] __should_failslab+0x81/0x90 [ 293.145905][T29055] should_failslab+0x5/0x20 [ 293.150583][T29055] kmem_cache_alloc+0x46/0x2f0 [ 293.155420][T29055] __kernfs_new_node+0x6a/0x330 [ 293.160266][T29055] ? __cond_resched+0x11/0x40 [ 293.164943][T29055] ? mutex_lock+0x9/0x30 [ 293.169208][T29055] kernfs_new_node+0x5b/0xd0 [ 293.173814][T29055] __kernfs_create_file+0x45/0x1a0 [ 293.178930][T29055] sysfs_add_file_mode_ns+0x1c1/0x250 [ 293.184289][T29055] internal_create_group+0x2e4/0x850 20:05:07 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001b00)=[{&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000016c0)=""/114, 0x72}, {&(0x7f0000001740)=""/253, 0xfd}, {&(0x7f0000001840)=""/153, 0x99}, {&(0x7f0000001900)=""/246, 0xf6}, {&(0x7f0000000640)=""/2, 0x2}, {&(0x7f0000001a00)}, {&(0x7f0000001a40)=""/130, 0x82}], 0x8, 0x0, 0x1) connect$netlink(0xffffffffffffffff, &(0x7f0000004e80)=@unspec, 0xc) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = gettid() tkill(r2, 0x36) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000040)={{{@in=@initdev, @in=@loopback}}, {{@in=@loopback}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f0000000140)=0xe8) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) clone3(&(0x7f00000004c0)={0x1000100, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200), {0x1c}, &(0x7f0000000240)=""/91, 0x5b, &(0x7f0000000400)=""/138, &(0x7f00000002c0)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x5}, 0x58) fcntl$getown(0xffffffffffffffff, 0x9) fstat(r0, &(0x7f0000004e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r1, &(0x7f0000000680)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbff, 0x800}, 0xc, &(0x7f0000000600)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="940000001700000025bd7000fddbdf258ef978afe426fc77e6abb2a61540b26bc26f29d720d7fc82c49a60631ad79d5bbf124c631d8071350ee54c26c4e9ec8496e9c80d192ffac18c8c980acd14abfb9035b4782017c03a0dbf2cfcd29706ace0b2ff3ce69b6572cfc3f7ac9aef887640b7f90fb8d41fae08022929a6a355814a531b93ddbd201bc308006b00", @ANYRES32=r5, @ANYBLOB="db0000"], 0x94}], 0x1, &(0x7f0000000300)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}], 0x40, 0x4021}, 0x1) sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000004ec0)={&(0x7f0000000380)={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x200, 0x0, [0x4], [0x8, 0x0, 0x2, 0xfffffffc]}, 0x0, 0x7}}, 0x4c}, 0x1, 0x0, 0x0, 0x40080d0}, 0x0) [ 293.189618][T29055] sysfs_create_group+0x1b/0x20 [ 293.194542][T29055] loop_configure+0xa21/0xcb0 [ 293.199203][T29055] lo_ioctl+0x555/0x11f0 [ 293.203451][T29055] ? path_openat+0x19ab/0x20b0 [ 293.208250][T29055] ? putname+0xa5/0xc0 [ 293.212315][T29055] ? ___cache_free+0x3c/0x300 [ 293.216996][T29055] ? blkdev_common_ioctl+0x9c3/0x1040 [ 293.222397][T29055] ? selinux_file_ioctl+0x8e0/0x970 [ 293.227617][T29055] ? lo_release+0x120/0x120 [ 293.232199][T29055] blkdev_ioctl+0x1d0/0x3c0 [ 293.236718][T29055] block_ioctl+0x6d/0x80 [ 293.241152][T29055] ? blkdev_iopoll+0x70/0x70 [ 293.245769][T29055] __se_sys_ioctl+0xcb/0x140 [ 293.250356][T29055] __x64_sys_ioctl+0x3f/0x50 [ 293.254951][T29055] do_syscall_64+0x4a/0x90 [ 293.259417][T29055] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 293.265314][T29055] RIP: 0033:0x466397 [ 293.269194][T29055] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:05:07 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x700, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:07 executing program 5: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0x40, 0xf00}) [ 293.288867][T29055] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 293.297301][T29055] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 293.305277][T29055] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 293.313259][T29055] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 293.321281][T29055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 293.329244][T29055] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 293.346031][T29055] loop3: detected capacity change from 0 to 4101 [ 293.357377][T29061] FAULT_INJECTION: forcing a failure. [ 293.357377][T29061] name failslab, interval 1, probability 0, space 0, times 0 [ 293.370111][T29061] CPU: 0 PID: 29061 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 293.378879][T29061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.388924][T29061] Call Trace: [ 293.392190][T29061] dump_stack+0x137/0x19d [ 293.396595][T29061] should_fail+0x23c/0x250 [ 293.401082][T29061] ? __kernfs_new_node+0x6a/0x330 [ 293.406090][T29061] __should_failslab+0x81/0x90 [ 293.410885][T29061] should_failslab+0x5/0x20 [ 293.415373][T29061] kmem_cache_alloc+0x46/0x2f0 [ 293.420123][T29061] ? __cond_resched+0x11/0x40 [ 293.424780][T29061] __kernfs_new_node+0x6a/0x330 [ 293.429678][T29061] ? idr_alloc_cyclic+0x249/0x2d0 [ 293.434818][T29061] ? rb_insert_color+0x7e/0x310 [ 293.439750][T29061] kernfs_new_node+0x5b/0xd0 [ 293.444418][T29061] __kernfs_create_file+0x45/0x1a0 [ 293.449544][T29061] sysfs_add_file_mode_ns+0x1c1/0x250 [ 293.454906][T29061] internal_create_group+0x2e4/0x850 [ 293.460186][T29061] sysfs_create_group+0x1b/0x20 [ 293.465120][T29061] loop_configure+0xa21/0xcb0 [ 293.469795][T29061] lo_ioctl+0x555/0x11f0 [ 293.474086][T29061] ? path_openat+0x19ab/0x20b0 [ 293.478915][T29061] ? putname+0xa5/0xc0 [ 293.482978][T29061] ? ___cache_free+0x3c/0x300 [ 293.487646][T29061] ? blkdev_common_ioctl+0x9c3/0x1040 [ 293.493006][T29061] ? selinux_file_ioctl+0x8e0/0x970 [ 293.498240][T29061] ? lo_release+0x120/0x120 [ 293.502762][T29061] blkdev_ioctl+0x1d0/0x3c0 [ 293.507248][T29061] block_ioctl+0x6d/0x80 [ 293.511517][T29061] ? blkdev_iopoll+0x70/0x70 [ 293.516204][T29061] __se_sys_ioctl+0xcb/0x140 [ 293.520844][T29061] __x64_sys_ioctl+0x3f/0x50 [ 293.525429][T29061] do_syscall_64+0x4a/0x90 [ 293.529875][T29061] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 293.535787][T29061] RIP: 0033:0x466397 [ 293.539838][T29061] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 293.559443][T29061] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 293.567851][T29061] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 293.575876][T29061] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 293.583828][T29061] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff 20:05:07 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) [ 293.591781][T29061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 293.599738][T29061] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 293.614058][T29061] loop4: detected capacity change from 0 to 4101 [ 293.630327][T29061] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 293.644168][T29055] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 293.660175][T29055] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 293.675265][T29055] ext4_test_bit(bit=16, block=18) = 1 [ 293.683632][T29055] is_bad_inode(inode)=0 [ 293.684820][T29061] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 293.689542][T29055] NEXT_ORPHAN(inode)=29447707 [ 293.689550][T29055] max_ino=32 [ 293.689555][T29055] i_nlink=144 [ 293.706120][T29061] ext4_test_bit(bit=16, block=18) = 1 [ 293.727842][T29055] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:07 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:07 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:07 executing program 3 (fault-call:0 fault-nth:26): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 293.731052][T29061] is_bad_inode(inode)=0 [ 293.750832][T29061] NEXT_ORPHAN(inode)=29447707 [ 293.759349][T29061] max_ino=32 [ 293.762916][T29061] i_nlink=144 [ 293.808097][T29061] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 293.836409][T29101] FAULT_INJECTION: forcing a failure. [ 293.836409][T29101] name failslab, interval 1, probability 0, space 0, times 0 [ 293.849166][T29101] CPU: 1 PID: 29101 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 20:05:07 executing program 4 (fault-call:0 fault-nth:25): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:07 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:07 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x900, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 293.858016][T29101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.868154][T29101] Call Trace: [ 293.871434][T29101] dump_stack+0x137/0x19d [ 293.875780][T29101] should_fail+0x23c/0x250 [ 293.880575][T29101] ? __kernfs_new_node+0x6a/0x330 [ 293.886393][T29101] __should_failslab+0x81/0x90 [ 293.891535][T29101] should_failslab+0x5/0x20 [ 293.896125][T29101] kmem_cache_alloc+0x46/0x2f0 [ 293.900907][T29101] __kernfs_new_node+0x6a/0x330 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x2200, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 293.905773][T29101] ? __cond_resched+0x11/0x40 [ 293.910543][T29101] ? mutex_lock+0x9/0x30 [ 293.914795][T29101] kernfs_new_node+0x5b/0xd0 [ 293.919463][T29101] __kernfs_create_file+0x45/0x1a0 [ 293.924655][T29101] sysfs_add_file_mode_ns+0x1c1/0x250 [ 293.930059][T29101] internal_create_group+0x2e4/0x850 [ 293.935467][T29101] sysfs_create_group+0x1b/0x20 [ 293.940410][T29101] loop_configure+0xa21/0xcb0 [ 293.945074][T29101] lo_ioctl+0x555/0x11f0 [ 293.949298][T29101] ? path_openat+0x19ab/0x20b0 [ 293.954089][T29101] ? sysvec_apic_timer_interrupt+0x3e/0x80 [ 293.959880][T29101] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 293.966017][T29101] ? blkdev_common_ioctl+0x9c3/0x1040 [ 293.971454][T29101] ? lo_release+0x120/0x120 [ 293.976008][T29101] blkdev_ioctl+0x1d0/0x3c0 [ 293.980513][T29101] block_ioctl+0x6d/0x80 [ 293.984736][T29101] ? blkdev_iopoll+0x70/0x70 [ 293.989321][T29101] __se_sys_ioctl+0xcb/0x140 [ 293.993897][T29101] __x64_sys_ioctl+0x3f/0x50 [ 293.998685][T29101] do_syscall_64+0x4a/0x90 [ 294.003187][T29101] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 294.009146][T29101] RIP: 0033:0x466397 [ 294.013025][T29101] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 294.032787][T29101] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.041664][T29101] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 294.049794][T29101] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 20:05:08 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 294.057767][T29101] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 294.065718][T29101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 294.073755][T29101] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 294.088425][T29101] loop3: detected capacity change from 0 to 4101 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x8004, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:08 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@private0, @in6=@dev}}, {{@in=@empty}, 0x0, @in6=@private0}}, &(0x7f0000000140)=0xe8) 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x30000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 294.113695][T29101] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 294.132121][T29101] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 294.142524][T29101] ext4_test_bit(bit=16, block=18) = 1 [ 294.147915][T29101] is_bad_inode(inode)=0 [ 294.152055][T29101] NEXT_ORPHAN(inode)=29447707 [ 294.156733][T29101] max_ino=32 [ 294.159915][T29101] i_nlink=144 20:05:08 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000140)) [ 294.179036][T29101] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:08 executing program 3 (fault-call:0 fault-nth:27): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 294.223917][T29133] FAULT_INJECTION: forcing a failure. [ 294.223917][T29133] name failslab, interval 1, probability 0, space 0, times 0 [ 294.236803][T29133] CPU: 0 PID: 29133 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 294.245562][T29133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.255629][T29133] Call Trace: [ 294.258949][T29133] dump_stack+0x137/0x19d [ 294.263523][T29133] should_fail+0x23c/0x250 [ 294.267937][T29133] ? __kernfs_new_node+0x6a/0x330 [ 294.273007][T29133] __should_failslab+0x81/0x90 [ 294.277783][T29133] should_failslab+0x5/0x20 [ 294.282406][T29133] kmem_cache_alloc+0x46/0x2f0 [ 294.287398][T29133] __kernfs_new_node+0x6a/0x330 [ 294.292302][T29133] ? __cond_resched+0x11/0x40 [ 294.296961][T29133] ? mutex_lock+0x9/0x30 [ 294.301288][T29133] kernfs_new_node+0x5b/0xd0 [ 294.305917][T29133] __kernfs_create_file+0x45/0x1a0 [ 294.311082][T29133] sysfs_add_file_mode_ns+0x1c1/0x250 [ 294.316506][T29133] internal_create_group+0x2e4/0x850 [ 294.321823][T29133] sysfs_create_group+0x1b/0x20 [ 294.326786][T29133] loop_configure+0xa21/0xcb0 [ 294.331457][T29133] lo_ioctl+0x555/0x11f0 [ 294.335689][T29133] ? path_openat+0x19ab/0x20b0 [ 294.340432][T29133] ? putname+0xa5/0xc0 [ 294.344483][T29133] ? ___cache_free+0x3c/0x300 [ 294.349155][T29133] ? blkdev_common_ioctl+0x9c3/0x1040 [ 294.354507][T29133] ? selinux_file_ioctl+0x8e0/0x970 [ 294.359969][T29133] ? lo_release+0x120/0x120 [ 294.364483][T29133] blkdev_ioctl+0x1d0/0x3c0 [ 294.369246][T29133] block_ioctl+0x6d/0x80 [ 294.373537][T29133] ? blkdev_iopoll+0x70/0x70 [ 294.378288][T29133] __se_sys_ioctl+0xcb/0x140 [ 294.382867][T29133] __x64_sys_ioctl+0x3f/0x50 [ 294.387455][T29133] do_syscall_64+0x4a/0x90 [ 294.391897][T29133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 294.398280][T29133] RIP: 0033:0x466397 [ 294.402158][T29133] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 294.421931][T29133] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.430325][T29133] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 294.438365][T29133] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 294.446329][T29133] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 294.454290][T29133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 294.462295][T29133] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 294.476961][T29133] loop4: detected capacity change from 0 to 4101 [ 294.492080][T29133] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 294.506130][T29133] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 294.516498][T29133] ext4_test_bit(bit=16, block=18) = 1 [ 294.521897][T29133] is_bad_inode(inode)=0 [ 294.527804][T29133] NEXT_ORPHAN(inode)=29447707 [ 294.532472][T29133] max_ino=32 [ 294.535693][T29133] i_nlink=144 [ 294.539105][T29133] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 294.539716][T29151] FAULT_INJECTION: forcing a failure. [ 294.539716][T29151] name failslab, interval 1, probability 0, space 0, times 0 [ 294.564441][T29151] CPU: 1 PID: 29151 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 294.573208][T29151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.583274][T29151] Call Trace: [ 294.586793][T29151] dump_stack+0x137/0x19d [ 294.591154][T29151] should_fail+0x23c/0x250 [ 294.595622][T29151] ? __kernfs_new_node+0x6a/0x330 [ 294.602141][T29151] __should_failslab+0x81/0x90 [ 294.607747][T29151] should_failslab+0x5/0x20 [ 294.613310][T29151] kmem_cache_alloc+0x46/0x2f0 [ 294.618522][T29151] __kernfs_new_node+0x6a/0x330 20:05:08 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:08 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x34000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:08 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:08 executing program 4 (fault-call:0 fault-nth:26): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 294.624280][T29151] ? __cond_resched+0x11/0x40 [ 294.630096][T29151] ? mutex_lock+0x9/0x30 [ 294.635378][T29151] kernfs_new_node+0x5b/0xd0 [ 294.641965][T29151] __kernfs_create_file+0x45/0x1a0 [ 294.648962][T29151] sysfs_add_file_mode_ns+0x1c1/0x250 [ 294.655701][T29151] internal_create_group+0x2e4/0x850 [ 294.663624][T29151] sysfs_create_group+0x1b/0x20 [ 294.669306][T29151] loop_configure+0xa21/0xcb0 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x400300, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x1000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 294.674482][T29151] lo_ioctl+0x555/0x11f0 [ 294.680260][T29151] ? path_openat+0x19ab/0x20b0 [ 294.685683][T29151] ? putname+0xa5/0xc0 [ 294.690373][T29151] ? ___cache_free+0x3c/0x300 [ 294.696739][T29151] ? blkdev_common_ioctl+0x9c3/0x1040 [ 294.703428][T29151] ? selinux_file_ioctl+0x8e0/0x970 [ 294.709732][T29151] ? lo_release+0x120/0x120 [ 294.714569][T29151] blkdev_ioctl+0x1d0/0x3c0 [ 294.720048][T29151] block_ioctl+0x6d/0x80 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x2000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 294.730600][T29151] ? blkdev_iopoll+0x70/0x70 [ 294.735474][T29151] __se_sys_ioctl+0xcb/0x140 [ 294.740938][T29151] __x64_sys_ioctl+0x3f/0x50 [ 294.746044][T29151] do_syscall_64+0x4a/0x90 [ 294.750612][T29151] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 294.756604][T29151] RIP: 0033:0x466397 [ 294.760500][T29151] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x3000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x4000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 294.780180][T29151] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.788585][T29151] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 294.796628][T29151] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 294.804629][T29151] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 294.812689][T29151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 294.820680][T29151] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:08 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 294.836756][T29151] loop3: detected capacity change from 0 to 4101 [ 294.845520][T29151] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 294.858395][T29151] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 294.868768][T29151] ext4_test_bit(bit=16, block=18) = 1 [ 294.874131][T29151] is_bad_inode(inode)=0 [ 294.878287][T29151] NEXT_ORPHAN(inode)=29447707 [ 294.882946][T29151] max_ino=32 [ 294.886153][T29151] i_nlink=144 [ 294.901994][T29151] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 294.920579][T29203] FAULT_INJECTION: forcing a failure. [ 294.920579][T29203] name failslab, interval 1, probability 0, space 0, times 0 20:05:09 executing program 3 (fault-call:0 fault-nth:28): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 294.933275][T29203] CPU: 1 PID: 29203 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 294.942043][T29203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.952102][T29203] Call Trace: [ 294.955398][T29203] dump_stack+0x137/0x19d [ 294.959788][T29203] should_fail+0x23c/0x250 [ 294.964215][T29203] ? __kernfs_new_node+0x6a/0x330 [ 294.969275][T29203] __should_failslab+0x81/0x90 [ 294.974022][T29203] should_failslab+0x5/0x20 [ 294.978515][T29203] kmem_cache_alloc+0x46/0x2f0 [ 294.983376][T29203] __kernfs_new_node+0x6a/0x330 [ 294.988215][T29203] ? __cond_resched+0x11/0x40 [ 294.992884][T29203] ? mutex_lock+0x9/0x30 [ 294.997105][T29203] kernfs_new_node+0x5b/0xd0 [ 295.001874][T29203] __kernfs_create_file+0x45/0x1a0 [ 295.007005][T29203] sysfs_add_file_mode_ns+0x1c1/0x250 [ 295.012385][T29203] internal_create_group+0x2e4/0x850 [ 295.017664][T29203] sysfs_create_group+0x1b/0x20 [ 295.022615][T29203] loop_configure+0xa21/0xcb0 [ 295.027295][T29203] lo_ioctl+0x555/0x11f0 [ 295.031516][T29203] ? path_openat+0x19ab/0x20b0 [ 295.036276][T29203] ? putname+0xa5/0xc0 [ 295.040341][T29203] ? ___cache_free+0x3c/0x300 [ 295.045014][T29203] ? blkdev_common_ioctl+0x9c3/0x1040 [ 295.050380][T29203] ? selinux_file_ioctl+0x8e0/0x970 [ 295.055602][T29203] ? lo_release+0x120/0x120 [ 295.060092][T29203] blkdev_ioctl+0x1d0/0x3c0 [ 295.064764][T29203] block_ioctl+0x6d/0x80 [ 295.069034][T29203] ? blkdev_iopoll+0x70/0x70 [ 295.073719][T29203] __se_sys_ioctl+0xcb/0x140 [ 295.078372][T29203] __x64_sys_ioctl+0x3f/0x50 [ 295.082946][T29203] do_syscall_64+0x4a/0x90 [ 295.087464][T29203] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 295.093593][T29203] RIP: 0033:0x466397 [ 295.097472][T29203] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 295.117158][T29203] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.125747][T29203] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 295.133710][T29203] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 295.141657][T29203] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 295.149686][T29203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 295.157644][T29203] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 295.165979][T29203] loop4: detected capacity change from 0 to 4101 [ 295.195724][T29203] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 295.205913][T29203] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 295.216341][T29203] ext4_test_bit(bit=16, block=18) = 1 [ 295.221747][T29203] is_bad_inode(inode)=0 [ 295.226187][T29203] NEXT_ORPHAN(inode)=29447707 [ 295.230937][T29203] max_ino=32 [ 295.234129][T29203] i_nlink=144 [ 295.238266][T29203] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 295.246089][T29215] FAULT_INJECTION: forcing a failure. [ 295.246089][T29215] name failslab, interval 1, probability 0, space 0, times 0 [ 295.261610][T29215] CPU: 1 PID: 29215 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 295.270536][T29215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.280661][T29215] Call Trace: [ 295.283938][T29215] dump_stack+0x137/0x19d [ 295.288309][T29215] should_fail+0x23c/0x250 [ 295.292779][T29215] ? __kernfs_new_node+0x6a/0x330 [ 295.297838][T29215] __should_failslab+0x81/0x90 [ 295.302655][T29215] should_failslab+0x5/0x20 [ 295.307231][T29215] kmem_cache_alloc+0x46/0x2f0 [ 295.312051][T29215] __kernfs_new_node+0x6a/0x330 [ 295.316886][T29215] ? __cond_resched+0x11/0x40 [ 295.321546][T29215] ? mutex_lock+0x9/0x30 [ 295.325775][T29215] kernfs_new_node+0x5b/0xd0 [ 295.330342][T29215] __kernfs_create_file+0x45/0x1a0 [ 295.335568][T29215] sysfs_add_file_mode_ns+0x1c1/0x250 [ 295.340970][T29215] internal_create_group+0x2e4/0x850 [ 295.346257][T29215] sysfs_create_group+0x1b/0x20 [ 295.351101][T29215] loop_configure+0xa21/0xcb0 [ 295.355845][T29215] lo_ioctl+0x555/0x11f0 [ 295.360163][T29215] ? path_openat+0x19ab/0x20b0 [ 295.365067][T29215] ? putname+0xa5/0xc0 [ 295.369301][T29215] ? ___cache_free+0x3c/0x300 [ 295.373971][T29215] ? blkdev_common_ioctl+0x9c3/0x1040 [ 295.379374][T29215] ? selinux_file_ioctl+0x8e0/0x970 [ 295.384549][T29215] ? lo_release+0x120/0x120 [ 295.389029][T29215] blkdev_ioctl+0x1d0/0x3c0 [ 295.393656][T29215] block_ioctl+0x6d/0x80 [ 295.397882][T29215] ? blkdev_iopoll+0x70/0x70 [ 295.402449][T29215] __se_sys_ioctl+0xcb/0x140 [ 295.407017][T29215] __x64_sys_ioctl+0x3f/0x50 [ 295.411585][T29215] do_syscall_64+0x4a/0x90 [ 295.416043][T29215] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 295.421934][T29215] RIP: 0033:0x466397 [ 295.425977][T29215] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:05:09 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:09 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:09 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x5000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:09 executing program 4 (fault-call:0 fault-nth:27): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:09 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x6000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 295.445642][T29215] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.454045][T29215] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 295.462212][T29215] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 295.470191][T29215] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 295.478162][T29215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 295.486737][T29215] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 295.515019][T29215] loop3: detected capacity change from 0 to 4101 [ 295.547033][T29215] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:09 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x7000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 295.561116][T29215] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 295.571514][T29215] ext4_test_bit(bit=16, block=18) = 1 [ 295.576897][T29215] is_bad_inode(inode)=0 [ 295.581046][T29215] NEXT_ORPHAN(inode)=29447707 [ 295.585735][T29215] max_ino=32 [ 295.588923][T29215] i_nlink=144 [ 295.593556][T29215] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 295.593610][T29240] FAULT_INJECTION: forcing a failure. 20:05:09 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 295.593610][T29240] name failslab, interval 1, probability 0, space 0, times 0 [ 295.616702][T29240] CPU: 1 PID: 29240 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 295.625638][T29240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.635713][T29240] Call Trace: [ 295.638984][T29240] dump_stack+0x137/0x19d [ 295.643309][T29240] should_fail+0x23c/0x250 [ 295.647717][T29240] ? __kernfs_new_node+0x6a/0x330 [ 295.652752][T29240] __should_failslab+0x81/0x90 [ 295.657645][T29240] should_failslab+0x5/0x20 [ 295.662222][T29240] kmem_cache_alloc+0x46/0x2f0 [ 295.667273][T29240] __kernfs_new_node+0x6a/0x330 [ 295.672344][T29240] ? __cond_resched+0x11/0x40 [ 295.677279][T29240] ? mutex_lock+0x9/0x30 [ 295.681719][T29240] kernfs_new_node+0x5b/0xd0 [ 295.686329][T29240] __kernfs_create_file+0x45/0x1a0 [ 295.691465][T29240] sysfs_add_file_mode_ns+0x1c1/0x250 [ 295.696841][T29240] internal_create_group+0x2e4/0x850 [ 295.702123][T29240] sysfs_create_group+0x1b/0x20 [ 295.707017][T29240] loop_configure+0xa21/0xcb0 [ 295.711693][T29240] lo_ioctl+0x555/0x11f0 [ 295.715980][T29240] ? path_openat+0x19ab/0x20b0 [ 295.720726][T29240] ? putname+0xa5/0xc0 [ 295.724886][T29240] ? ___cache_free+0x3c/0x300 [ 295.729655][T29240] ? blkdev_common_ioctl+0x9c3/0x1040 [ 295.735285][T29240] ? selinux_file_ioctl+0x8e0/0x970 [ 295.740840][T29240] ? lo_release+0x120/0x120 [ 295.745581][T29240] blkdev_ioctl+0x1d0/0x3c0 [ 295.750595][T29240] block_ioctl+0x6d/0x80 [ 295.755869][T29240] ? blkdev_iopoll+0x70/0x70 [ 295.761004][T29240] __se_sys_ioctl+0xcb/0x140 [ 295.765976][T29240] __x64_sys_ioctl+0x3f/0x50 [ 295.771567][T29240] do_syscall_64+0x4a/0x90 [ 295.776542][T29240] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 295.783174][T29240] RIP: 0033:0x466397 [ 295.787949][T29240] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 295.812050][T29240] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.820473][T29240] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 295.828534][T29240] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 295.837484][T29240] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 295.845437][T29240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 295.853396][T29240] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:10 executing program 3 (fault-call:0 fault-nth:29): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 295.864525][T29240] loop4: detected capacity change from 0 to 4101 [ 295.890753][T29240] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 295.901088][T29240] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 295.911488][T29240] ext4_test_bit(bit=16, block=18) = 1 [ 295.916889][T29240] is_bad_inode(inode)=0 [ 295.921057][T29240] NEXT_ORPHAN(inode)=29447707 [ 295.925825][T29240] max_ino=32 [ 295.929013][T29240] i_nlink=144 20:05:10 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x9000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 295.934542][T29240] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 295.956920][T29259] loop3: detected capacity change from 0 to 4101 [ 295.963263][T29259] FAULT_INJECTION: forcing a failure. [ 295.963263][T29259] name failslab, interval 1, probability 0, space 0, times 0 [ 295.975866][T29259] CPU: 0 PID: 29259 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 295.984882][T29259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.994938][T29259] Call Trace: [ 295.998218][T29259] dump_stack+0x137/0x19d [ 296.002679][T29259] should_fail+0x23c/0x250 [ 296.007089][T29259] __should_failslab+0x81/0x90 [ 296.011858][T29259] ? kobject_uevent_env+0x1a7/0xc40 [ 296.017055][T29259] should_failslab+0x5/0x20 [ 296.021549][T29259] kmem_cache_alloc_trace+0x49/0x310 [ 296.026845][T29259] ? dev_uevent_filter+0x70/0x70 [ 296.031862][T29259] kobject_uevent_env+0x1a7/0xc40 [ 296.036894][T29259] kobject_uevent+0x18/0x20 [ 296.041401][T29259] loop_configure+0xb3c/0xcb0 [ 296.046075][T29259] lo_ioctl+0x555/0x11f0 [ 296.050302][T29259] ? path_openat+0x19ab/0x20b0 [ 296.055129][T29259] ? putname+0xa5/0xc0 [ 296.059176][T29259] ? ___cache_free+0x3c/0x300 [ 296.063838][T29259] ? blkdev_common_ioctl+0x9c3/0x1040 [ 296.069199][T29259] ? selinux_file_ioctl+0x8e0/0x970 [ 296.074510][T29259] ? lo_release+0x120/0x120 [ 296.079025][T29259] blkdev_ioctl+0x1d0/0x3c0 [ 296.083586][T29259] block_ioctl+0x6d/0x80 [ 296.088290][T29259] ? blkdev_iopoll+0x70/0x70 [ 296.092942][T29259] __se_sys_ioctl+0xcb/0x140 [ 296.097519][T29259] __x64_sys_ioctl+0x3f/0x50 [ 296.102101][T29259] do_syscall_64+0x4a/0x90 [ 296.106501][T29259] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 296.112382][T29259] RIP: 0033:0x466397 [ 296.116282][T29259] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 296.136388][T29259] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 296.144812][T29259] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 296.152766][T29259] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 296.160719][T29259] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 296.168671][T29259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 296.176622][T29259] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:10 executing program 4 (fault-call:0 fault-nth:28): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 296.199252][T29259] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 296.218782][T29259] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 296.229167][T29259] ext4_test_bit(bit=16, block=18) = 1 [ 296.234598][T29259] is_bad_inode(inode)=0 [ 296.238766][T29259] NEXT_ORPHAN(inode)=29447707 [ 296.243456][T29259] max_ino=32 [ 296.246707][T29259] i_nlink=144 [ 296.250592][T29259] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 296.291519][T29276] FAULT_INJECTION: forcing a failure. [ 296.291519][T29276] name failslab, interval 1, probability 0, space 0, times 0 [ 296.304206][T29276] CPU: 0 PID: 29276 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 296.313023][T29276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.323076][T29276] Call Trace: [ 296.326363][T29276] dump_stack+0x137/0x19d [ 296.330773][T29276] should_fail+0x23c/0x250 [ 296.335278][T29276] ? __kernfs_new_node+0x6a/0x330 20:05:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x22000000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:10 executing program 3 (fault-call:0 fault-nth:30): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:10 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:10 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETVAL(r2, 0x2, 0x10, &(0x7f0000000100)=0x5) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 296.340324][T29276] __should_failslab+0x81/0x90 [ 296.345145][T29276] should_failslab+0x5/0x20 [ 296.349703][T29276] kmem_cache_alloc+0x46/0x2f0 [ 296.354471][T29276] __kernfs_new_node+0x6a/0x330 [ 296.359325][T29276] ? __cond_resched+0x11/0x40 [ 296.364001][T29276] ? mutex_lock+0x9/0x30 [ 296.368248][T29276] kernfs_new_node+0x5b/0xd0 [ 296.372843][T29276] __kernfs_create_file+0x45/0x1a0 [ 296.377957][T29276] sysfs_add_file_mode_ns+0x1c1/0x250 [ 296.383390][T29276] internal_create_group+0x2e4/0x850 [ 296.388721][T29276] sysfs_create_group+0x1b/0x20 [ 296.393562][T29276] loop_configure+0xa21/0xcb0 [ 296.398227][T29276] lo_ioctl+0x555/0x11f0 [ 296.402454][T29276] ? path_openat+0x19ab/0x20b0 [ 296.407211][T29276] ? putname+0xa5/0xc0 [ 296.411260][T29276] ? ___cache_free+0x3c/0x300 [ 296.415919][T29276] ? blkdev_common_ioctl+0x9c3/0x1040 [ 296.421291][T29276] ? selinux_file_ioctl+0x8e0/0x970 [ 296.426470][T29276] ? lo_release+0x120/0x120 [ 296.430956][T29276] blkdev_ioctl+0x1d0/0x3c0 [ 296.435457][T29276] block_ioctl+0x6d/0x80 [ 296.439779][T29276] ? blkdev_iopoll+0x70/0x70 [ 296.444376][T29276] __se_sys_ioctl+0xcb/0x140 [ 296.449099][T29276] __x64_sys_ioctl+0x3f/0x50 [ 296.453711][T29276] do_syscall_64+0x4a/0x90 [ 296.458253][T29276] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 296.464180][T29276] RIP: 0033:0x466397 [ 296.468123][T29276] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 296.487942][T29276] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 296.496428][T29276] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 296.504481][T29276] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 296.512658][T29276] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 296.520653][T29276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 296.528614][T29276] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x80040000, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.552709][T29276] loop4: detected capacity change from 0 to 4101 [ 296.554509][T29292] loop3: detected capacity change from 0 to 4101 [ 296.568042][T29276] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 296.583172][T29276] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 296.584406][T29292] FAULT_INJECTION: forcing a failure. [ 296.584406][T29292] name failslab, interval 1, probability 0, space 0, times 0 [ 296.593607][T29276] ext4_test_bit(bit=16, block=18) = 1 [ 296.606375][T29292] CPU: 0 PID: 29292 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 296.611750][T29276] is_bad_inode(inode)=0 [ 296.611757][T29276] NEXT_ORPHAN(inode)=29447707 [ 296.620501][T29292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.620512][T29292] Call Trace: [ 296.620518][T29292] dump_stack+0x137/0x19d [ 296.624671][T29276] max_ino=32 [ 296.624677][T29276] i_nlink=144 [ 296.629336][T29292] should_fail+0x23c/0x250 [ 296.629355][T29292] __should_failslab+0x81/0x90 [ 296.639944][T29276] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 296.643708][T29292] ? kobject_uevent_env+0x1a7/0xc40 [ 296.643734][T29292] should_failslab+0x5/0x20 [ 296.688788][T29292] kmem_cache_alloc_trace+0x49/0x310 [ 296.694989][T29292] ? dev_uevent_filter+0x70/0x70 20:05:10 executing program 4 (fault-call:0 fault-nth:29): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x8cffffff, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.701301][T29292] kobject_uevent_env+0x1a7/0xc40 [ 296.707057][T29292] kobject_uevent+0x18/0x20 [ 296.714613][T29292] loop_configure+0xb3c/0xcb0 [ 296.720275][T29292] lo_ioctl+0x555/0x11f0 [ 296.725446][T29292] ? path_openat+0x19ab/0x20b0 [ 296.731984][T29292] ? putname+0xa5/0xc0 [ 296.736985][T29292] ? ___cache_free+0x3c/0x300 [ 296.742557][T29292] ? blkdev_common_ioctl+0x9c3/0x1040 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x9effffff, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.749446][T29292] ? selinux_file_ioctl+0x8e0/0x970 [ 296.756166][T29292] ? lo_release+0x120/0x120 [ 296.761872][T29292] blkdev_ioctl+0x1d0/0x3c0 [ 296.767231][T29292] block_ioctl+0x6d/0x80 [ 296.773559][T29292] ? blkdev_iopoll+0x70/0x70 [ 296.779715][T29292] __se_sys_ioctl+0xcb/0x140 [ 296.786214][T29292] __x64_sys_ioctl+0x3f/0x50 [ 296.793644][T29292] do_syscall_64+0x4a/0x90 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xb74d69c4, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.800627][T29292] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 296.807818][T29292] RIP: 0033:0x466397 [ 296.813152][T29292] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:05:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xc4694db7, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.841756][T29292] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 296.854961][T29292] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 296.865549][T29292] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 296.875392][T29292] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 296.886999][T29292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 296.895412][T29292] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:11 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xeaffffff, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 296.923210][T29292] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 296.937790][T29292] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 296.948171][T29292] ext4_test_bit(bit=16, block=18) = 1 [ 296.953532][T29292] is_bad_inode(inode)=0 [ 296.957719][T29292] NEXT_ORPHAN(inode)=29447707 [ 296.962382][T29292] max_ino=32 [ 296.965734][T29292] i_nlink=144 [ 296.969309][T29292] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 296.993578][T29341] loop4: detected capacity change from 0 to 4101 [ 297.000207][T29341] FAULT_INJECTION: forcing a failure. [ 297.000207][T29341] name failslab, interval 1, probability 0, space 0, times 0 [ 297.013181][T29341] CPU: 0 PID: 29341 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 297.022000][T29341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.032103][T29341] Call Trace: [ 297.035722][T29341] dump_stack+0x137/0x19d [ 297.040141][T29341] should_fail+0x23c/0x250 [ 297.044626][T29341] __should_failslab+0x81/0x90 [ 297.049373][T29341] ? kobject_uevent_env+0x1a7/0xc40 [ 297.054583][T29341] should_failslab+0x5/0x20 [ 297.059085][T29341] kmem_cache_alloc_trace+0x49/0x310 [ 297.064498][T29341] ? dev_uevent_filter+0x70/0x70 [ 297.069421][T29341] kobject_uevent_env+0x1a7/0xc40 [ 297.074446][T29341] kobject_uevent+0x18/0x20 [ 297.078932][T29341] loop_configure+0xb3c/0xcb0 [ 297.083591][T29341] lo_ioctl+0x555/0x11f0 [ 297.087817][T29341] ? path_openat+0x19ab/0x20b0 [ 297.092562][T29341] ? putname+0xa5/0xc0 [ 297.096614][T29341] ? ___cache_free+0x3c/0x300 [ 297.101314][T29341] ? blkdev_common_ioctl+0x9c3/0x1040 [ 297.106686][T29341] ? selinux_file_ioctl+0x8e0/0x970 [ 297.111902][T29341] ? lo_release+0x120/0x120 [ 297.116390][T29341] blkdev_ioctl+0x1d0/0x3c0 [ 297.120877][T29341] block_ioctl+0x6d/0x80 [ 297.125124][T29341] ? blkdev_iopoll+0x70/0x70 [ 297.129768][T29341] __se_sys_ioctl+0xcb/0x140 [ 297.134487][T29341] __x64_sys_ioctl+0x3f/0x50 [ 297.139079][T29341] do_syscall_64+0x4a/0x90 [ 297.143521][T29341] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 297.149710][T29341] RIP: 0033:0x466397 [ 297.153606][T29341] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 297.173301][T29341] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.181828][T29341] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 297.189795][T29341] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 297.197753][T29341] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 297.205794][T29341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 297.213920][T29341] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 297.237015][T29341] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 297.247030][T29341] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 297.257465][T29341] ext4_test_bit(bit=16, block=18) = 1 [ 297.262832][T29341] is_bad_inode(inode)=0 [ 297.267081][T29341] NEXT_ORPHAN(inode)=29447707 [ 297.271745][T29341] max_ino=32 [ 297.274946][T29341] i_nlink=144 [ 297.278298][T29341] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:11 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:11 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xefffffff, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:11 executing program 3 (fault-call:0 fault-nth:31): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:11 executing program 1 (fault-call:4 fault-nth:0): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:11 executing program 4 (fault-call:0 fault-nth:30): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:11 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xf0ffffff, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 297.425485][T29364] loop3: detected capacity change from 0 to 4101 [ 297.432014][T29364] FAULT_INJECTION: forcing a failure. [ 297.432014][T29364] name failslab, interval 1, probability 0, space 0, times 0 [ 297.444970][T29364] CPU: 1 PID: 29364 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 297.453734][T29364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.463873][T29364] Call Trace: [ 297.467251][T29364] dump_stack+0x137/0x19d [ 297.467971][T29368] loop4: detected capacity change from 0 to 4101 [ 297.471583][T29364] should_fail+0x23c/0x250 [ 297.471605][T29364] ? kzalloc+0x1d/0x30 [ 297.471623][T29364] __should_failslab+0x81/0x90 [ 297.471643][T29364] should_failslab+0x5/0x20 [ 297.480706][T29368] FAULT_INJECTION: forcing a failure. [ 297.480706][T29368] name failslab, interval 1, probability 0, space 0, times 0 [ 297.482374][T29364] __kmalloc+0x66/0x340 [ 297.513154][T29364] kzalloc+0x1d/0x30 [ 297.517351][T29364] kobject_get_path+0x7c/0x110 [ 297.522706][T29364] kobject_uevent_env+0x1be/0xc40 [ 297.527884][T29364] kobject_uevent+0x18/0x20 [ 297.532788][T29364] loop_configure+0xb3c/0xcb0 [ 297.537975][T29364] lo_ioctl+0x555/0x11f0 [ 297.543671][T29364] ? path_openat+0x19ab/0x20b0 [ 297.548666][T29364] ? putname+0xa5/0xc0 [ 297.552916][T29364] ? ___cache_free+0x3c/0x300 [ 297.557837][T29364] ? blkdev_common_ioctl+0x9c3/0x1040 [ 297.563512][T29364] ? selinux_file_ioctl+0x8e0/0x970 [ 297.569310][T29364] ? lo_release+0x120/0x120 [ 297.574070][T29364] blkdev_ioctl+0x1d0/0x3c0 [ 297.578592][T29364] block_ioctl+0x6d/0x80 [ 297.582911][T29364] ? blkdev_iopoll+0x70/0x70 [ 297.587687][T29364] __se_sys_ioctl+0xcb/0x140 [ 297.592326][T29364] __x64_sys_ioctl+0x3f/0x50 [ 297.596911][T29364] do_syscall_64+0x4a/0x90 [ 297.601475][T29364] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 297.607736][T29364] RIP: 0033:0x466397 [ 297.611825][T29364] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 297.632335][T29364] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.640880][T29364] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 297.649029][T29364] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 297.657004][T29364] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 297.664963][T29364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 297.672928][T29364] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 297.680897][T29368] CPU: 0 PID: 29368 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 297.689849][T29368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.690013][T29375] FAULT_INJECTION: forcing a failure. [ 297.690013][T29375] name failslab, interval 1, probability 0, space 0, times 0 [ 297.699990][T29368] Call Trace: [ 297.700000][T29368] dump_stack+0x137/0x19d [ 297.700024][T29368] should_fail+0x23c/0x250 [ 297.700040][T29368] ? kzalloc+0x1d/0x30 [ 297.728715][T29368] __should_failslab+0x81/0x90 [ 297.733471][T29368] should_failslab+0x5/0x20 [ 297.737977][T29368] __kmalloc+0x66/0x340 [ 297.742194][T29368] kzalloc+0x1d/0x30 [ 297.746125][T29368] kobject_get_path+0x7c/0x110 [ 297.751136][T29368] kobject_uevent_env+0x1be/0xc40 [ 297.756324][T29368] kobject_uevent+0x18/0x20 [ 297.760813][T29368] loop_configure+0xb3c/0xcb0 [ 297.765519][T29368] lo_ioctl+0x555/0x11f0 [ 297.769742][T29368] ? path_openat+0x19ab/0x20b0 [ 297.774589][T29368] ? putname+0xa5/0xc0 [ 297.778641][T29368] ? ___cache_free+0x3c/0x300 [ 297.783370][T29368] ? blkdev_common_ioctl+0x9c3/0x1040 [ 297.788806][T29368] ? selinux_file_ioctl+0x8e0/0x970 [ 297.794043][T29368] ? lo_release+0x120/0x120 [ 297.798629][T29368] blkdev_ioctl+0x1d0/0x3c0 [ 297.803126][T29368] block_ioctl+0x6d/0x80 [ 297.807350][T29368] ? blkdev_iopoll+0x70/0x70 [ 297.812008][T29368] __se_sys_ioctl+0xcb/0x140 [ 297.816635][T29368] __x64_sys_ioctl+0x3f/0x50 [ 297.821207][T29368] do_syscall_64+0x4a/0x90 [ 297.825608][T29368] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 297.831490][T29368] RIP: 0033:0x466397 [ 297.835365][T29368] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 297.854977][T29368] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 297.863375][T29368] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 297.871355][T29368] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 297.879319][T29368] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 297.887373][T29368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 297.895337][T29368] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 297.903398][T29375] CPU: 1 PID: 29375 Comm: syz-executor.1 Not tainted 5.13.0-rc1-syzkaller #0 [ 297.912194][T29375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.922383][T29375] Call Trace: [ 297.925669][T29375] dump_stack+0x137/0x19d [ 297.929988][T29375] should_fail+0x23c/0x250 [ 297.934396][T29375] ? getname_flags+0x84/0x3d0 [ 297.939057][T29375] __should_failslab+0x81/0x90 [ 297.943807][T29375] should_failslab+0x5/0x20 [ 297.948294][T29375] kmem_cache_alloc+0x46/0x2f0 [ 297.953039][T29375] getname_flags+0x84/0x3d0 [ 297.957597][T29375] getname+0x15/0x20 [ 297.961522][T29375] do_sys_openat2+0x5b/0x250 [ 297.966105][T29375] ? __cond_resched+0x11/0x40 [ 297.970777][T29375] __x64_sys_openat+0xef/0x110 [ 297.975698][T29375] do_syscall_64+0x4a/0x90 [ 297.980205][T29375] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 297.986224][T29375] RIP: 0033:0x4665d9 [ 297.990104][T29375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 298.009836][T29375] RSP: 002b:00007efcd524b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.018232][T29375] RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 00000000004665d9 20:05:12 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:12 executing program 1 (fault-call:4 fault-nth:1): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 298.026227][T29375] RDX: 0000000000007a05 RSI: 0000000020000380 RDI: ffffffffffffff9c [ 298.034189][T29375] RBP: 00007efcd524b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 298.042183][T29375] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000001 [ 298.050195][T29375] R13: 00007ffdbe59acff R14: 00007efcd524b300 R15: 0000000000022000 [ 298.093058][T29368] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 298.103705][T29364] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 298.113376][T29368] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 298.122964][T29364] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 298.124061][T29368] ext4_test_bit(bit=16, block=18) = 1 20:05:12 executing program 4 (fault-call:0 fault-nth:31): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:12 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xffffff7f, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 298.134363][T29364] ext4_test_bit(bit=16, block=18) = 1 [ 298.134375][T29364] is_bad_inode(inode)=0 [ 298.139731][T29368] is_bad_inode(inode)=0 [ 298.139738][T29368] NEXT_ORPHAN(inode)=29447707 [ 298.139743][T29368] max_ino=32 [ 298.139747][T29368] i_nlink=144 [ 298.139878][T29368] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 298.145157][T29364] NEXT_ORPHAN(inode)=29447707 [ 298.179799][T29364] max_ino=32 [ 298.182987][T29364] i_nlink=144 [ 298.201150][T29364] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 298.201426][T29387] FAULT_INJECTION: forcing a failure. [ 298.201426][T29387] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 298.224783][T29387] CPU: 0 PID: 29387 Comm: syz-executor.1 Not tainted 5.13.0-rc1-syzkaller #0 [ 298.233686][T29387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.243851][T29387] Call Trace: [ 298.247121][T29387] dump_stack+0x137/0x19d [ 298.251444][T29387] should_fail+0x23c/0x250 [ 298.255897][T29387] should_fail_usercopy+0x16/0x20 [ 298.260905][T29387] strncpy_from_user+0x21/0x250 [ 298.265814][T29387] getname_flags+0xb8/0x3d0 [ 298.270298][T29387] getname+0x15/0x20 [ 298.274171][T29387] do_sys_openat2+0x5b/0x250 [ 298.278746][T29387] ? __cond_resched+0x11/0x40 [ 298.283506][T29387] __x64_sys_openat+0xef/0x110 [ 298.288272][T29387] do_syscall_64+0x4a/0x90 [ 298.292757][T29387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 298.298670][T29387] RIP: 0033:0x4665d9 [ 298.302564][T29387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 298.322159][T29387] RSP: 002b:00007efcd526c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.330588][T29387] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 298.338636][T29387] RDX: 0000000000007a05 RSI: 0000000020000380 RDI: ffffffffffffff9c 20:05:12 executing program 3 (fault-call:0 fault-nth:32): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 298.346598][T29387] RBP: 00007efcd526c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 298.354598][T29387] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000001 [ 298.362643][T29387] R13: 00007ffdbe59acff R14: 00007efcd526c300 R15: 0000000000022000 [ 298.406185][T29400] loop4: detected capacity change from 0 to 4101 [ 298.412592][T29400] FAULT_INJECTION: forcing a failure. [ 298.412592][T29400] name failslab, interval 1, probability 0, space 0, times 0 [ 298.425337][T29400] CPU: 1 PID: 29400 Comm: syz-executor.4 Not tainted 5.13.0-rc1-syzkaller #0 [ 298.434103][T29400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.444163][T29400] Call Trace: [ 298.447448][T29400] dump_stack+0x137/0x19d [ 298.451778][T29400] should_fail+0x23c/0x250 20:05:12 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r2, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:12 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xffffff8c, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:12 executing program 1 (fault-call:4 fault-nth:2): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:12 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 298.456323][T29400] ? kzalloc+0x1d/0x30 [ 298.460501][T29400] __should_failslab+0x81/0x90 [ 298.465254][T29400] should_failslab+0x5/0x20 [ 298.469744][T29400] __kmalloc+0x66/0x340 [ 298.473885][T29400] kzalloc+0x1d/0x30 [ 298.477765][T29400] kobject_get_path+0x7c/0x110 [ 298.482523][T29400] kobject_uevent_env+0x1be/0xc40 [ 298.487563][T29400] kobject_uevent+0x18/0x20 [ 298.492222][T29400] loop_configure+0xb3c/0xcb0 [ 298.496964][T29400] lo_ioctl+0x555/0x11f0 [ 298.501211][T29400] ? path_openat+0x19ab/0x20b0 [ 298.505972][T29400] ? putname+0xa5/0xc0 [ 298.510037][T29400] ? ___cache_free+0x3c/0x300 [ 298.514736][T29400] ? blkdev_common_ioctl+0x9c3/0x1040 [ 298.520110][T29400] ? selinux_file_ioctl+0x8e0/0x970 [ 298.525302][T29400] ? lo_release+0x120/0x120 [ 298.529910][T29400] blkdev_ioctl+0x1d0/0x3c0 [ 298.534936][T29400] block_ioctl+0x6d/0x80 [ 298.539196][T29400] ? blkdev_iopoll+0x70/0x70 [ 298.543865][T29400] __se_sys_ioctl+0xcb/0x140 [ 298.548459][T29400] __x64_sys_ioctl+0x3f/0x50 [ 298.553234][T29400] do_syscall_64+0x4a/0x90 [ 298.557734][T29400] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 298.563715][T29400] RIP: 0033:0x466397 [ 298.567603][T29400] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 298.587317][T29400] RSP: 002b:00007fed145d2f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 298.595860][T29400] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 298.608359][T29400] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 298.616583][T29400] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 298.624541][T29400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 298.632656][T29400] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:12 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xffffff9e, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 298.657853][T29408] loop3: detected capacity change from 0 to 4101 [ 298.673603][T29408] FAULT_INJECTION: forcing a failure. [ 298.673603][T29408] name failslab, interval 1, probability 0, space 0, times 0 [ 298.678442][T29413] FAULT_INJECTION: forcing a failure. [ 298.678442][T29413] name failslab, interval 1, probability 0, space 0, times 0 [ 298.690107][T29408] CPU: 0 PID: 29408 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 298.718679][T29408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.732313][T29408] Call Trace: [ 298.736753][T29408] dump_stack+0x137/0x19d [ 298.742397][T29408] should_fail+0x23c/0x250 [ 298.748664][T29408] __should_failslab+0x81/0x90 [ 298.756268][T29408] should_failslab+0x5/0x20 [ 298.762306][T29408] kmem_cache_alloc_node+0x58/0x2b0 [ 298.768132][T29408] ? __alloc_skb+0xed/0x420 [ 298.773739][T29408] __alloc_skb+0xed/0x420 [ 298.780061][T29408] alloc_uevent_skb+0x5b/0x120 [ 298.785601][T29408] kobject_uevent_env+0x863/0xc40 [ 298.791563][T29408] kobject_uevent+0x18/0x20 [ 298.796424][T29408] loop_configure+0xb3c/0xcb0 [ 298.802634][T29408] lo_ioctl+0x555/0x11f0 [ 298.808424][T29408] ? path_openat+0x19ab/0x20b0 [ 298.814484][T29408] ? putname+0xa5/0xc0 [ 298.820703][T29408] ? ___cache_free+0x3c/0x300 [ 298.826696][T29408] ? blkdev_common_ioctl+0x9c3/0x1040 [ 298.833645][T29408] ? selinux_file_ioctl+0x8e0/0x970 [ 298.840978][T29408] ? lo_release+0x120/0x120 [ 298.847117][T29408] blkdev_ioctl+0x1d0/0x3c0 [ 298.852602][T29408] block_ioctl+0x6d/0x80 [ 298.857902][T29408] ? blkdev_iopoll+0x70/0x70 [ 298.863591][T29408] __se_sys_ioctl+0xcb/0x140 [ 298.869947][T29408] __x64_sys_ioctl+0x3f/0x50 [ 298.876101][T29408] do_syscall_64+0x4a/0x90 [ 298.883002][T29408] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 298.890639][T29408] RIP: 0033:0x466397 [ 298.894792][T29408] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 298.914788][T29408] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 298.923357][T29408] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 298.931491][T29408] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 298.939445][T29408] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 298.947405][T29408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 20:05:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xffffffea, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 298.955377][T29408] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 298.963342][T29413] CPU: 1 PID: 29413 Comm: syz-executor.1 Not tainted 5.13.0-rc1-syzkaller #0 [ 298.972111][T29413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.982163][T29413] Call Trace: [ 298.985456][T29413] dump_stack+0x137/0x19d [ 298.989781][T29413] should_fail+0x23c/0x250 [ 298.994182][T29413] ? __alloc_file+0x2e/0x1a0 [ 298.998822][T29413] __should_failslab+0x81/0x90 [ 299.003616][T29413] should_failslab+0x5/0x20 [ 299.008227][T29413] kmem_cache_alloc+0x46/0x2f0 [ 299.012981][T29413] __alloc_file+0x2e/0x1a0 [ 299.017380][T29413] alloc_empty_file+0xcd/0x1c0 [ 299.022261][T29413] path_openat+0x6a/0x20b0 [ 299.026681][T29413] ? try_charge+0x36/0x9c0 [ 299.031535][T29413] ? cgroup_rstat_updated+0x60/0x1c0 [ 299.036827][T29413] ? __mod_memcg_lruvec_state+0xaa/0x190 [ 299.042463][T29413] ? kstrtoull+0x30e/0x350 [ 299.046866][T29413] do_filp_open+0xd9/0x1f0 [ 299.051271][T29413] ? __virt_addr_valid+0x15a/0x1a0 [ 299.056366][T29413] ? __check_object_size+0x253/0x310 [ 299.061636][T29413] ? _find_next_bit+0x16a/0x190 [ 299.066517][T29413] ? alloc_fd+0x388/0x3e0 [ 299.070876][T29413] do_sys_openat2+0xa3/0x250 [ 299.075568][T29413] ? __cond_resched+0x11/0x40 [ 299.080236][T29413] __x64_sys_openat+0xef/0x110 [ 299.085027][T29413] do_syscall_64+0x4a/0x90 [ 299.089441][T29413] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 299.095326][T29413] RIP: 0033:0x4665d9 [ 299.099255][T29413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 299.118854][T29413] RSP: 002b:00007efcd526c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 299.127255][T29413] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 299.135248][T29413] RDX: 0000000000007a05 RSI: 0000000020000380 RDI: ffffffffffffff9c [ 299.143215][T29413] RBP: 00007efcd526c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 299.151177][T29413] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000001 20:05:13 executing program 1 (fault-call:4 fault-nth:3): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 299.159128][T29413] R13: 00007ffdbe59acff R14: 00007efcd526c300 R15: 0000000000022000 [ 299.182512][T29408] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 299.193146][T29408] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 299.203621][T29408] ext4_test_bit(bit=16, block=18) = 1 20:05:13 executing program 3 (fault-call:0 fault-nth:33): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 299.210083][T29408] is_bad_inode(inode)=0 [ 299.214232][T29408] NEXT_ORPHAN(inode)=29447707 [ 299.219033][T29408] max_ino=32 [ 299.222235][T29408] i_nlink=144 [ 299.225767][T29408] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 299.257166][T29400] EXT4-fs: failed to create workqueue [ 299.262712][T29400] EXT4-fs (loop4): mount failed [ 299.293855][T29440] FAULT_INJECTION: forcing a failure. [ 299.293855][T29440] name failslab, interval 1, probability 0, space 0, times 0 [ 299.306501][T29440] CPU: 0 PID: 29440 Comm: syz-executor.1 Not tainted 5.13.0-rc1-syzkaller #0 [ 299.315261][T29440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.325427][T29440] Call Trace: [ 299.328843][T29440] dump_stack+0x137/0x19d [ 299.333228][T29440] should_fail+0x23c/0x250 [ 299.337650][T29440] ? security_file_alloc+0x30/0x190 [ 299.338774][T29447] loop3: detected capacity change from 0 to 4101 [ 299.342845][T29440] __should_failslab+0x81/0x90 [ 299.342885][T29440] should_failslab+0x5/0x20 [ 299.342910][T29440] kmem_cache_alloc+0x46/0x2f0 [ 299.349342][T29447] FAULT_INJECTION: forcing a failure. [ 299.349342][T29447] name failslab, interval 1, probability 0, space 0, times 0 [ 299.353961][T29440] security_file_alloc+0x30/0x190 [ 299.381016][T29440] __alloc_file+0x83/0x1a0 [ 299.385469][T29440] alloc_empty_file+0xcd/0x1c0 [ 299.390226][T29440] path_openat+0x6a/0x20b0 [ 299.394647][T29440] ? try_charge+0x36/0x9c0 [ 299.399128][T29440] ? cgroup_rstat_updated+0x60/0x1c0 [ 299.404398][T29440] ? __mod_memcg_lruvec_state+0xaa/0x190 [ 299.410084][T29440] ? kstrtoull+0x30e/0x350 [ 299.414505][T29440] do_filp_open+0xd9/0x1f0 [ 299.418910][T29440] ? __virt_addr_valid+0x15a/0x1a0 [ 299.424004][T29440] ? __check_object_size+0x253/0x310 [ 299.429326][T29440] ? _find_next_bit+0x16a/0x190 [ 299.434187][T29440] ? alloc_fd+0x388/0x3e0 [ 299.438506][T29440] do_sys_openat2+0xa3/0x250 [ 299.443104][T29440] ? __cond_resched+0x11/0x40 [ 299.447760][T29440] __x64_sys_openat+0xef/0x110 [ 299.452510][T29440] do_syscall_64+0x4a/0x90 [ 299.456984][T29440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 299.463013][T29440] RIP: 0033:0x4665d9 [ 299.466886][T29440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 299.486473][T29440] RSP: 002b:00007efcd526c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 299.494874][T29440] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 20:05:13 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xffffffef, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:13 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r2, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 299.502823][T29440] RDX: 0000000000007a05 RSI: 0000000020000380 RDI: ffffffffffffff9c [ 299.510777][T29440] RBP: 00007efcd526c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 299.518760][T29440] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000001 [ 299.526743][T29440] R13: 00007ffdbe59acff R14: 00007efcd526c300 R15: 0000000000022000 [ 299.534722][T29447] CPU: 1 PID: 29447 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 299.544189][T29447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.554392][T29447] Call Trace: 20:05:13 executing program 1 (fault-call:4 fault-nth:4): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 299.557764][T29447] dump_stack+0x137/0x19d [ 299.562275][T29447] should_fail+0x23c/0x250 [ 299.566696][T29447] __should_failslab+0x81/0x90 [ 299.571582][T29447] should_failslab+0x5/0x20 [ 299.576262][T29447] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 299.584079][T29447] ? __kmalloc_node_track_caller+0x30/0x40 [ 299.591524][T29447] ? kmem_cache_alloc_node+0x1da/0x2b0 [ 299.598447][T29447] __kmalloc_node_track_caller+0x30/0x40 20:05:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0xfffffff0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 299.604834][T29447] ? alloc_uevent_skb+0x5b/0x120 [ 299.611673][T29447] __alloc_skb+0x187/0x420 [ 299.617005][T29447] alloc_uevent_skb+0x5b/0x120 [ 299.622138][T29447] kobject_uevent_env+0x863/0xc40 [ 299.628826][T29447] kobject_uevent+0x18/0x20 [ 299.635233][T29447] loop_configure+0xb3c/0xcb0 [ 299.642610][T29447] lo_ioctl+0x555/0x11f0 [ 299.649459][T29447] ? path_openat+0x19ab/0x20b0 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x23, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 299.656981][T29447] ? putname+0xa5/0xc0 [ 299.664245][T29447] ? ___cache_free+0x3c/0x300 [ 299.671362][T29447] ? blkdev_common_ioctl+0x9c3/0x1040 [ 299.679607][T29447] ? selinux_file_ioctl+0x8e0/0x970 [ 299.686472][T29447] ? lo_release+0x120/0x120 [ 299.693531][T29447] blkdev_ioctl+0x1d0/0x3c0 [ 299.700081][T29447] block_ioctl+0x6d/0x80 [ 299.707685][T29447] ? blkdev_iopoll+0x70/0x70 [ 299.716166][T29447] __se_sys_ioctl+0xcb/0x140 [ 299.723538][T29447] __x64_sys_ioctl+0x3f/0x50 [ 299.729359][T29447] do_syscall_64+0x4a/0x90 [ 299.737447][T29447] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 299.746183][T29447] RIP: 0033:0x466397 [ 299.750165][T29447] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 299.774208][T29447] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 299.783329][T29447] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 299.791609][T29447] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 299.799759][T29447] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 299.808350][T29447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 299.816305][T29447] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 299.858037][T29447] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 299.869977][T29478] loop4: detected capacity change from 0 to 4101 [ 299.880510][T29447] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 299.887019][T29480] FAULT_INJECTION: forcing a failure. [ 299.887019][T29480] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 299.891010][T29447] ext4_test_bit(bit=16, block=18) = 1 [ 299.904013][T29480] CPU: 1 PID: 29480 Comm: syz-executor.1 Not tainted 5.13.0-rc1-syzkaller #0 [ 299.909458][T29447] is_bad_inode(inode)=0 [ 299.918184][T29480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.918197][T29480] Call Trace: [ 299.918204][T29480] dump_stack+0x137/0x19d [ 299.922348][T29447] NEXT_ORPHAN(inode)=29447707 [ 299.922356][T29447] max_ino=32 [ 299.932388][T29480] should_fail+0x23c/0x250 [ 299.932409][T29480] should_fail_usercopy+0x16/0x20 [ 299.935689][T29447] i_nlink=144 [ 299.939979][T29480] _copy_to_user+0x1c/0x90 [ 299.944847][T29447] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 299.947825][T29480] simple_read_from_buffer+0xab/0x120 [ 299.980944][T29480] proc_fail_nth_read+0xf6/0x140 [ 299.985901][T29480] ? rw_verify_area+0x136/0x250 [ 299.990738][T29480] ? proc_fault_inject_write+0x200/0x200 [ 299.996371][T29480] vfs_read+0x154/0x5d0 [ 300.000587][T29480] ? __fget_light+0x21b/0x260 [ 300.005248][T29480] ? __cond_resched+0x11/0x40 [ 300.009906][T29480] ksys_read+0xce/0x180 [ 300.014040][T29480] __x64_sys_read+0x3e/0x50 [ 300.018526][T29480] do_syscall_64+0x4a/0x90 [ 300.022967][T29480] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 300.028852][T29480] RIP: 0033:0x41935c [ 300.032750][T29480] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 20:05:14 executing program 3 (fault-call:0 fault-nth:34): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:14 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 300.052697][T29480] RSP: 002b:00007efcd526c170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 300.061098][T29480] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000041935c [ 300.069124][T29480] RDX: 000000000000000f RSI: 00007efcd526c1e0 RDI: 0000000000000005 [ 300.077082][T29480] RBP: 00007efcd526c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 300.085123][T29480] R10: 0000000000001700 R11: 0000000000000246 R12: 0000000000000001 [ 300.093081][T29480] R13: 00007ffdbe59acff R14: 00007efcd526c300 R15: 0000000000022000 [ 300.115650][T29478] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 300.130822][T29478] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 300.141318][T29478] ext4_test_bit(bit=16, block=18) = 1 [ 300.146793][T29478] is_bad_inode(inode)=0 [ 300.150960][T29478] NEXT_ORPHAN(inode)=29447707 [ 300.155641][T29478] max_ino=32 [ 300.158827][T29478] i_nlink=144 20:05:14 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0xf, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:14 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 300.173604][T29478] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 300.219282][T29497] loop3: detected capacity change from 0 to 4101 [ 300.225748][T29497] FAULT_INJECTION: forcing a failure. [ 300.225748][T29497] name failslab, interval 1, probability 0, space 0, times 0 [ 300.238398][T29497] CPU: 1 PID: 29497 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 300.247269][T29497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.257310][T29497] Call Trace: [ 300.260575][T29497] dump_stack+0x137/0x19d [ 300.264898][T29497] should_fail+0x23c/0x250 [ 300.269320][T29497] ? skb_clone+0x12c/0x1f0 [ 300.273802][T29497] __should_failslab+0x81/0x90 [ 300.278557][T29497] should_failslab+0x5/0x20 [ 300.283199][T29497] kmem_cache_alloc+0x46/0x2f0 [ 300.287987][T29497] skb_clone+0x12c/0x1f0 [ 300.292245][T29497] netlink_broadcast_filtered+0x50d/0xb90 [ 300.298119][T29497] ? skb_put+0xb9/0xf0 [ 300.302231][T29497] netlink_broadcast+0x35/0x50 [ 300.307001][T29497] kobject_uevent_env+0x8c9/0xc40 [ 300.312415][T29497] kobject_uevent+0x18/0x20 [ 300.316923][T29497] loop_configure+0xb3c/0xcb0 [ 300.321584][T29497] lo_ioctl+0x555/0x11f0 [ 300.325823][T29497] ? path_openat+0x19ab/0x20b0 [ 300.330655][T29497] ? putname+0xa5/0xc0 [ 300.334700][T29497] ? ___cache_free+0x3c/0x300 [ 300.339402][T29497] ? blkdev_common_ioctl+0x9c3/0x1040 [ 300.344936][T29497] ? selinux_file_ioctl+0x8e0/0x970 [ 300.350123][T29497] ? lo_release+0x120/0x120 [ 300.354609][T29497] blkdev_ioctl+0x1d0/0x3c0 [ 300.359163][T29497] block_ioctl+0x6d/0x80 [ 300.363449][T29497] ? blkdev_iopoll+0x70/0x70 20:05:14 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:14 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 300.368017][T29497] __se_sys_ioctl+0xcb/0x140 [ 300.372600][T29497] __x64_sys_ioctl+0x3f/0x50 [ 300.377232][T29497] do_syscall_64+0x4a/0x90 [ 300.381637][T29497] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 300.387508][T29497] RIP: 0033:0x466397 [ 300.391455][T29497] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 300.411336][T29497] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 300.419894][T29497] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 300.427983][T29497] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 300.436555][T29497] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 300.444530][T29497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 300.452485][T29497] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 20:05:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x10, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:14 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a08, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 300.474131][T29497] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 300.499208][T29497] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 300.509796][T29497] ext4_test_bit(bit=16, block=18) = 1 [ 300.515280][T29497] is_bad_inode(inode)=0 [ 300.519426][T29497] NEXT_ORPHAN(inode)=29447707 20:05:14 executing program 3 (fault-call:0 fault-nth:35): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x14, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 300.524175][T29497] max_ino=32 [ 300.527375][T29497] i_nlink=144 [ 300.531842][T29497] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 300.555013][T29525] loop4: detected capacity change from 0 to 4101 [ 300.564111][T29525] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 300.577625][T29525] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 300.590884][T29525] ext4_test_bit(bit=16, block=18) = 1 [ 300.597986][T29525] is_bad_inode(inode)=0 [ 300.603882][T29525] NEXT_ORPHAN(inode)=29447707 [ 300.609595][T29525] max_ino=32 [ 300.613690][T29525] i_nlink=144 [ 300.650574][T29542] loop3: detected capacity change from 0 to 4101 [ 300.659990][T29542] FAULT_INJECTION: forcing a failure. [ 300.659990][T29542] name failslab, interval 1, probability 0, space 0, times 0 [ 300.678982][T29542] CPU: 0 PID: 29542 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 20:05:14 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:14 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a0b, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0xc0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 300.692123][T29542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.695991][T29525] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 300.707071][T29542] Call Trace: [ 300.707084][T29542] dump_stack+0x137/0x19d [ 300.707121][T29542] should_fail+0x23c/0x250 [ 300.707137][T29542] ? getname_flags+0x84/0x3d0 20:05:14 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 300.707151][T29542] __should_failslab+0x81/0x90 [ 300.755300][T29542] should_failslab+0x5/0x20 [ 300.760879][T29542] kmem_cache_alloc+0x46/0x2f0 [ 300.766906][T29542] getname_flags+0x84/0x3d0 [ 300.772924][T29542] do_mkdirat+0x3b/0x200 [ 300.778792][T29542] __x64_sys_mkdir+0x32/0x40 [ 300.785636][T29542] do_syscall_64+0x4a/0x90 [ 300.790859][T29542] entry_SYSCALL_64_after_hwframe+0x44/0xae 20:05:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0xec0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 300.798987][T29542] RIP: 0033:0x4656e7 [ 300.804380][T29542] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 300.829193][T29542] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 300.839685][T29542] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 20:05:15 executing program 3 (fault-call:0 fault-nth:36): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 300.850114][T29542] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 300.858348][T29542] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 300.866377][T29542] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 300.874427][T29542] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 300.939278][T29570] loop3: detected capacity change from 0 to 4101 [ 300.945779][T29570] FAULT_INJECTION: forcing a failure. [ 300.945779][T29570] name failslab, interval 1, probability 0, space 0, times 0 [ 300.958449][T29570] CPU: 0 PID: 29570 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 300.967209][T29570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.977261][T29570] Call Trace: [ 300.980555][T29570] dump_stack+0x137/0x19d [ 300.984896][T29570] should_fail+0x23c/0x250 [ 300.989320][T29570] __should_failslab+0x81/0x90 [ 300.994111][T29570] ? call_usermodehelper_setup+0x81/0x160 [ 300.999818][T29570] should_failslab+0x5/0x20 [ 301.004412][T29570] kmem_cache_alloc_trace+0x49/0x310 [ 301.009757][T29570] ? add_uevent_var+0x16e/0x1c0 [ 301.014721][T29570] ? __kfree_skb+0xfe/0x150 [ 301.019231][T29570] call_usermodehelper_setup+0x81/0x160 [ 301.024757][T29570] ? add_uevent_var+0x1c0/0x1c0 [ 301.029665][T29570] kobject_uevent_env+0xb29/0xc40 [ 301.034717][T29570] kobject_uevent+0x18/0x20 [ 301.039211][T29570] loop_configure+0xb3c/0xcb0 [ 301.044657][T29570] lo_ioctl+0x555/0x11f0 [ 301.048892][T29570] ? path_openat+0x19ab/0x20b0 [ 301.053721][T29570] ? putname+0xa5/0xc0 [ 301.057770][T29570] ? ___cache_free+0x3c/0x300 [ 301.062442][T29570] ? blkdev_common_ioctl+0x9c3/0x1040 [ 301.067823][T29570] ? selinux_file_ioctl+0x8e0/0x970 [ 301.073013][T29570] ? lo_release+0x120/0x120 [ 301.077510][T29570] blkdev_ioctl+0x1d0/0x3c0 [ 301.081998][T29570] block_ioctl+0x6d/0x80 [ 301.086219][T29570] ? blkdev_iopoll+0x70/0x70 [ 301.090863][T29570] __se_sys_ioctl+0xcb/0x140 [ 301.095574][T29570] __x64_sys_ioctl+0x3f/0x50 [ 301.100243][T29570] do_syscall_64+0x4a/0x90 [ 301.104656][T29570] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 301.110726][T29570] RIP: 0033:0x466397 [ 301.114615][T29570] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 301.134667][T29570] RSP: 002b:00007f0b5e2cff48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.143069][T29570] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 301.151154][T29570] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 301.159111][T29570] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 301.167221][T29570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 301.175176][T29570] R13: 0000000000000004 R14: 00000000200002a8 R15: 0000000000000007 [ 301.191962][T29575] loop4: detected capacity change from 0 to 4101 [ 301.198652][T29570] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 301.213341][T29570] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 301.223762][T29570] ext4_test_bit(bit=16, block=18) = 1 [ 301.229175][T29570] is_bad_inode(inode)=0 [ 301.233322][T29570] NEXT_ORPHAN(inode)=29447707 20:05:15 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x33fe0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:15 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a25, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:15 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 301.233423][T29575] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 301.238001][T29570] max_ino=32 [ 301.238008][T29570] i_nlink=144 [ 301.238146][T29570] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 301.252679][T29575] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 301.274651][T29575] ext4_test_bit(bit=16, block=18) = 1 [ 301.280019][T29575] is_bad_inode(inode)=0 [ 301.284165][T29575] NEXT_ORPHAN(inode)=29447707 [ 301.288875][T29575] max_ino=32 20:05:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x200007a0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:15 executing program 3 (fault-call:0 fault-nth:37): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:15 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:15 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1702) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 301.292064][T29575] i_nlink=144 [ 301.295783][T29575] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x7ffff000, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 301.414174][T29609] loop3: detected capacity change from 0 to 4101 [ 301.421034][T29609] FAULT_INJECTION: forcing a failure. [ 301.421034][T29609] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 301.434183][T29609] CPU: 1 PID: 29609 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 301.440520][T29616] loop4: detected capacity change from 0 to 4101 [ 301.442934][T29609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.459300][T29609] Call Trace: [ 301.462579][T29609] dump_stack+0x137/0x19d [ 301.466908][T29609] should_fail+0x23c/0x250 [ 301.471332][T29609] should_fail_usercopy+0x16/0x20 [ 301.476448][T29609] strncpy_from_user+0x21/0x250 [ 301.481217][T29616] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 301.481374][T29609] getname_flags+0xb8/0x3d0 [ 301.493369][T29616] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 301.494945][T29609] do_mkdirat+0x3b/0x200 [ 301.494969][T29609] __x64_sys_mkdir+0x32/0x40 [ 301.505343][T29616] ext4_test_bit(bit=16, block=18) = 1 [ 301.509535][T29609] do_syscall_64+0x4a/0x90 [ 301.514279][T29616] is_bad_inode(inode)=0 [ 301.514286][T29616] NEXT_ORPHAN(inode)=29447707 [ 301.519653][T29609] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 301.519677][T29609] RIP: 0033:0x4656e7 [ 301.524094][T29616] max_ino=32 20:05:15 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0xfffffdef, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:15 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x5, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 301.528571][T29609] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 301.528588][T29609] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 [ 301.533678][T29616] i_nlink=144 [ 301.534169][T29616] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 301.539545][T29609] ORIG_RAX: 0000000000000053 [ 301.539554][T29609] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 301.539565][T29609] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 301.539577][T29609] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 301.615127][T29609] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 301.623209][T29609] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 301.720211][T29644] loop4: detected capacity change from 0 to 4101 [ 301.730997][T29644] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 301.741687][T29644] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 301.752457][T29644] ext4_test_bit(bit=16, block=18) = 1 [ 301.758050][T29644] is_bad_inode(inode)=0 [ 301.762628][T29644] NEXT_ORPHAN(inode)=29447707 [ 301.767366][T29644] max_ino=32 [ 301.770553][T29644] i_nlink=144 [ 301.773880][T29644] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x2, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:16 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1704) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semget$private(0x0, 0x20000000102, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:16 executing program 3 (fault-call:0 fault-nth:38): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:16 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:16 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x4, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:16 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1705) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 302.185357][T29665] loop3: detected capacity change from 0 to 4101 [ 302.197119][T29665] FAULT_INJECTION: forcing a failure. [ 302.197119][T29665] name failslab, interval 1, probability 0, space 0, times 0 [ 302.209828][T29665] CPU: 0 PID: 29665 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 302.218679][T29665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.228737][T29665] Call Trace: 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x6, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 302.232080][T29665] dump_stack+0x137/0x19d [ 302.236409][T29665] should_fail+0x23c/0x250 [ 302.238904][T29664] loop4: detected capacity change from 0 to 4101 [ 302.240913][T29665] ? __d_alloc+0x36/0x370 [ 302.240932][T29665] __should_failslab+0x81/0x90 [ 302.256310][T29665] should_failslab+0x5/0x20 [ 302.260811][T29665] kmem_cache_alloc+0x46/0x2f0 [ 302.265579][T29665] __d_alloc+0x36/0x370 [ 302.269807][T29665] ? putname+0xa5/0xc0 [ 302.273947][T29665] d_alloc+0x2a/0x130 [ 302.277929][T29665] __lookup_hash+0x8f/0x180 [ 302.282480][T29665] filename_create+0xdb/0x3c0 [ 302.287137][T29665] do_mkdirat+0x59/0x200 [ 302.291421][T29665] __x64_sys_mkdir+0x32/0x40 [ 302.295993][T29665] do_syscall_64+0x4a/0x90 [ 302.300405][T29665] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 302.306328][T29665] RIP: 0033:0x4656e7 [ 302.310254][T29665] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 302.329842][T29665] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 302.338234][T29665] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 302.346185][T29665] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 302.354137][T29665] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 302.362092][T29665] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 302.370054][T29665] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 302.384334][T29664] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 302.394542][T29664] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 302.404934][T29664] ext4_test_bit(bit=16, block=18) = 1 [ 302.410294][T29664] is_bad_inode(inode)=0 [ 302.414427][T29664] NEXT_ORPHAN(inode)=29447707 [ 302.419134][T29664] max_ino=32 [ 302.422403][T29664] i_nlink=144 20:05:16 executing program 3 (fault-call:0 fault-nth:39): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 302.425852][T29664] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:16 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:16 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x8, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:16 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1707) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 302.504506][T29698] loop3: detected capacity change from 0 to 4101 [ 302.512081][T29698] FAULT_INJECTION: forcing a failure. [ 302.512081][T29698] name failslab, interval 1, probability 0, space 0, times 0 [ 302.524798][T29698] CPU: 1 PID: 29698 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 302.533564][T29698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.543961][T29698] Call Trace: [ 302.547255][T29698] dump_stack+0x137/0x19d [ 302.551662][T29698] should_fail+0x23c/0x250 [ 302.556154][T29698] ? ext4_alloc_inode+0x27/0x300 [ 302.561227][T29698] __should_failslab+0x81/0x90 [ 302.566171][T29698] ? set_qf_name+0x230/0x230 [ 302.570787][T29698] should_failslab+0x5/0x20 [ 302.575649][T29698] kmem_cache_alloc+0x46/0x2f0 [ 302.582499][T29698] ? ebitmap_destroy+0x91/0xa0 [ 302.587896][T29698] ? set_qf_name+0x230/0x230 [ 302.592517][T29698] ext4_alloc_inode+0x27/0x300 [ 302.598935][T29698] ? set_qf_name+0x230/0x230 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0xe, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 302.604023][T29698] new_inode_pseudo+0x38/0x1c0 [ 302.609668][T29698] new_inode+0x21/0x120 [ 302.614009][T29698] __ext4_new_inode+0x126/0x2f70 [ 302.620225][T29698] ? __dquot_initialize+0x131/0x7e0 [ 302.626375][T29698] ext4_mkdir+0x28a/0x760 [ 302.630893][T29698] vfs_mkdir+0x2a4/0x370 [ 302.635666][T29698] do_mkdirat+0x11d/0x200 [ 302.640774][T29698] __x64_sys_mkdir+0x32/0x40 [ 302.645420][T29717] loop4: detected capacity change from 0 to 4101 [ 302.647018][T29698] do_syscall_64+0x4a/0x90 [ 302.647044][T29698] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 302.666093][T29698] RIP: 0033:0x4656e7 [ 302.670641][T29698] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 302.694280][T29698] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 20:05:16 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x10, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 302.704150][T29698] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 302.714056][T29698] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 302.724846][T29698] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 302.733761][T29698] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 302.744672][T29698] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 302.779546][T29717] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 302.791531][T29717] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 302.805834][T29717] ext4_test_bit(bit=16, block=18) = 1 [ 302.812315][T29717] is_bad_inode(inode)=0 [ 302.816671][T29717] NEXT_ORPHAN(inode)=29447707 [ 302.822228][T29717] max_ino=32 20:05:16 executing program 3 (fault-call:0 fault-nth:40): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:16 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x170c) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 302.826051][T29717] i_nlink=144 [ 302.842017][T29717] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x500, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 302.902903][T29737] loop3: detected capacity change from 0 to 4101 [ 302.910275][T29737] FAULT_INJECTION: forcing a failure. [ 302.910275][T29737] name failslab, interval 1, probability 0, space 0, times 0 [ 302.922988][T29737] CPU: 1 PID: 29737 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 302.931794][T29737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.941855][T29737] Call Trace: [ 302.945263][T29737] dump_stack+0x137/0x19d 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 302.949870][T29737] should_fail+0x23c/0x250 [ 302.954284][T29737] ? security_inode_alloc+0x30/0x180 [ 302.959635][T29737] __should_failslab+0x81/0x90 [ 302.964459][T29737] should_failslab+0x5/0x20 [ 302.969017][T29737] kmem_cache_alloc+0x46/0x2f0 [ 302.973777][T29737] security_inode_alloc+0x30/0x180 [ 302.978901][T29737] inode_init_always+0x20b/0x420 [ 302.983884][T29737] ? set_qf_name+0x230/0x230 [ 302.988476][T29737] new_inode_pseudo+0x73/0x1c0 [ 302.993248][T29737] new_inode+0x21/0x120 [ 302.997403][T29737] __ext4_new_inode+0x126/0x2f70 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 303.002357][T29737] ? __dquot_initialize+0x131/0x7e0 [ 303.007585][T29737] ext4_mkdir+0x28a/0x760 [ 303.012002][T29737] vfs_mkdir+0x2a4/0x370 [ 303.016244][T29737] do_mkdirat+0x11d/0x200 [ 303.020763][T29737] __x64_sys_mkdir+0x32/0x40 [ 303.025362][T29737] do_syscall_64+0x4a/0x90 [ 303.029820][T29737] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 303.036312][T29737] RIP: 0033:0x4656e7 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 303.040299][T29737] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 303.060186][T29737] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 303.068730][T29737] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 303.076774][T29737] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 303.084761][T29737] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 303.092729][T29737] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 303.100730][T29737] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:17 executing program 3 (fault-call:0 fault-nth:41): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:17 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x170d) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 303.188848][T29785] loop4: detected capacity change from 0 to 4101 [ 303.205766][T29792] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 303.216248][T29794] loop3: detected capacity change from 0 to 4101 [ 303.217234][T29785] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 303.230148][T29794] FAULT_INJECTION: forcing a failure. [ 303.230148][T29794] name failslab, interval 1, probability 0, space 0, times 0 [ 303.236683][T29785] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 303.245006][T29794] CPU: 1 PID: 29794 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 303.255346][T29785] ext4_test_bit(bit=16, block=18) = 1 [ 303.264057][T29794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.264068][T29794] Call Trace: [ 303.264075][T29794] dump_stack+0x137/0x19d [ 303.269442][T29785] is_bad_inode(inode)=0 [ 303.269447][T29785] NEXT_ORPHAN(inode)=29447707 [ 303.269452][T29785] max_ino=32 [ 303.269455][T29785] i_nlink=144 [ 303.271776][T29785] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 303.279518][T29794] should_fail+0x23c/0x250 [ 303.279543][T29794] ? kcalloc+0x32/0x50 [ 303.279561][T29794] __should_failslab+0x81/0x90 [ 303.279580][T29794] should_failslab+0x5/0x20 [ 303.330929][T29794] __kmalloc+0x66/0x340 [ 303.335094][T29794] ? chksum_update+0x39/0x50 20:05:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x2, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 303.339683][T29794] kcalloc+0x32/0x50 [ 303.343581][T29794] ext4_find_extent+0x21c/0x7f0 [ 303.348442][T29794] ? kcsan_setup_watchpoint+0x26e/0x470 [ 303.353990][T29794] ext4_ext_map_blocks+0xd9/0x1f00 [ 303.359140][T29794] ? __down_read_common+0x16b/0x5a0 [ 303.364350][T29794] ? percpu_counter_add_batch+0x69/0xd0 [ 303.369898][T29794] ? ext4_es_lookup_extent+0x206/0x490 [ 303.370384][T29808] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 303.375358][T29794] ext4_map_blocks+0x1be/0xef0 [ 303.375380][T29794] ext4_getblk+0xb1/0x3d0 [ 303.395616][T29794] ? __ext4_new_inode+0x2aed/0x2f70 [ 303.401018][T29794] ext4_bread+0x28/0x130 [ 303.405261][T29794] ext4_append+0xd1/0x1c0 [ 303.409600][T29794] ext4_init_new_dir+0x177/0x500 [ 303.414692][T29794] ext4_mkdir+0x329/0x760 [ 303.419019][T29794] vfs_mkdir+0x2a4/0x370 [ 303.423258][T29794] do_mkdirat+0x11d/0x200 [ 303.427642][T29794] __x64_sys_mkdir+0x32/0x40 [ 303.432325][T29794] do_syscall_64+0x4a/0x90 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x3, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 303.436778][T29794] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 303.442670][T29794] RIP: 0033:0x4656e7 [ 303.446672][T29794] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 303.455414][T29813] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 303.466350][T29794] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 303.466371][T29794] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 303.466382][T29794] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 303.466392][T29794] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 303.510257][T29794] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 303.518269][T29794] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 303.553512][T29794] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 303.565853][T29794] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 303.576485][T29794] ext4_test_bit(bit=16, block=18) = 1 [ 303.581847][T29794] is_bad_inode(inode)=0 [ 303.586011][T29794] NEXT_ORPHAN(inode)=29447707 [ 303.590673][T29794] max_ino=32 [ 303.593859][T29794] i_nlink=144 20:05:17 executing program 3 (fault-call:0 fault-nth:42): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:17 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x170e) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x4, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 303.597338][T29794] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 303.653528][T29838] loop4: detected capacity change from 0 to 4101 [ 303.662260][T29838] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 303.679131][T29838] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 303.689612][T29838] ext4_test_bit(bit=16, block=18) = 1 [ 303.695004][T29838] is_bad_inode(inode)=0 [ 303.697527][T29848] loop3: detected capacity change from 0 to 4101 [ 303.699190][T29838] NEXT_ORPHAN(inode)=29447707 [ 303.699198][T29838] max_ino=32 [ 303.699202][T29838] i_nlink=144 [ 303.718725][T29838] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 303.722453][T29848] FAULT_INJECTION: forcing a failure. [ 303.722453][T29848] name failslab, interval 1, probability 0, space 0, times 0 [ 303.741856][T29848] CPU: 0 PID: 29848 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 20:05:17 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xa, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x5, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:17 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1718) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 303.750615][T29848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.760664][T29848] Call Trace: [ 303.763943][T29848] dump_stack+0x137/0x19d [ 303.768452][T29848] should_fail+0x23c/0x250 [ 303.772940][T29848] ? __es_insert_extent+0x51f/0xe70 [ 303.778184][T29848] __should_failslab+0x81/0x90 [ 303.783054][T29848] should_failslab+0x5/0x20 [ 303.787646][T29848] kmem_cache_alloc+0x46/0x2f0 [ 303.792488][T29848] ? unlock_page_memcg+0xc3/0xe0 [ 303.797490][T29848] __es_insert_extent+0x51f/0xe70 20:05:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x6, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 303.802535][T29848] ? kcalloc+0x32/0x50 [ 303.806617][T29848] ? __kmalloc+0x23d/0x340 [ 303.811050][T29848] ? kcalloc+0x32/0x50 [ 303.815302][T29848] ext4_es_insert_extent+0x1bb/0x19d0 [ 303.820673][T29848] ? ext4_ext_convert_to_initialized+0xf50/0xf50 [ 303.827131][T29848] ext4_ext_map_blocks+0xf79/0x1f00 [ 303.832331][T29848] ? __down_read_common+0x16b/0x5a0 [ 303.837522][T29848] ? percpu_counter_add_batch+0x69/0xd0 [ 303.843099][T29848] ? ext4_es_lookup_extent+0x206/0x490 [ 303.848568][T29848] ext4_map_blocks+0x1be/0xef0 20:05:17 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x7a05, 0x1700) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) write$binfmt_script(r2, &(0x7f0000000240)={'#! ', './file0', [{0x20, 'syz1'}, {0x20, '-\xa8*]-'}, {0x20, 'rdma.current\x00'}, {}, {0x20, '\x00'}, {0x20, '}'}], 0xa, "021d5aa7fda310df4fc449ca9a349d2a15cf218b17cc29b70e612561d172cd89925066902178a3a933942961c0b3a82e9e7ddacd1dff93ae51c2c03c3d9fd23dca912ba63d5ff775e1e15d41a646df518e398a8e6ee41414bf34f06dfea8e1d111b13d04b44eb6c9719bd298cce6ee1a51a93669bb49055fcf28bc5a64771012d6d155dc79eafb07de3e53b61979edb7afc28ab0d9aa8ac640aa50941c4e42e04db003dff6f673ef9b3a925b4a08eb429cd975811064a4fdb2472de390d10a3bac66337c1b69164d285a4bb8821cd84a352bc8d5cfe983f0ab968cf259f01a3e57cddaf70c2c86"}, 0x110) syz_open_dev$vcsn(&(0x7f0000000380), 0x216f5eed, 0x101000) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000cab000)=0xc) write$binfmt_misc(r1, &(0x7f0000000100)={'syz1', "da80aebf3227fa2640dbb13d327e68f87ec94c33c5780a2193b1300a4a80e7f40bd78ebdee9ced29f13a0341ac0f8871df0191386caf871e3d3ad891dbf22f95d9da4c3bd8c2de6677538ad773b0df2c0c5c5bc2093fe67345e75cf236e6fcee99e636c29309f2aff2e130a5f07d030d84a8b53e343f21ad284f1a29010872179a32b41f0c4c62d4c45b5a7f65e5b18f56cb06c7e7e9b17a0f232457a5c2d2da397ae213dee2abc5a69cf0eb87fe20e476ce6879ee8458268f3329a7bde7d9e133e5849c51ad"}, 0xca) setsockopt$inet6_int(r0, 0x29, 0xcf, &(0x7f0000000200)=0x2, 0x4) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000003c0)={0xf800000, 0x1, 0x3, 0x1, 0x8, [{0xe2, 0x7, 0x80000000ffffffff, '\x00', 0x1381}, {0x400, 0x88, 0x5, '\x00', 0x104}, {0x3, 0x6, 0x5, '\x00', 0xe80}, {0xfffffffffffffff8, 0x6, 0x2, '\x00', 0x1102}, {0x7, 0xffffffffffffffc1, 0x1, '\x00', 0x8}, {0x41, 0x1, 0x1000, '\x00', 0xa08}, {0x5e2, 0x8, 0x2, '\x00', 0x2003}, {0x3, 0x20, 0x8, '\x00', 0x4}]}) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) openat$cgroup_ro(r4, &(0x7f0000000080)='cpuacct.stat\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 303.853337][T29848] ext4_getblk+0xb1/0x3d0 [ 303.857678][T29848] ? __ext4_new_inode+0x2aed/0x2f70 [ 303.862982][T29848] ext4_bread+0x28/0x130 [ 303.867218][T29848] ext4_append+0xd1/0x1c0 [ 303.871557][T29848] ext4_init_new_dir+0x177/0x500 [ 303.876777][T29848] ext4_mkdir+0x329/0x760 [ 303.881268][T29848] vfs_mkdir+0x2a4/0x370 [ 303.885516][T29848] do_mkdirat+0x11d/0x200 [ 303.889884][T29848] __x64_sys_mkdir+0x32/0x40 [ 303.894578][T29848] do_syscall_64+0x4a/0x90 [ 303.898996][T29848] entry_SYSCALL_64_after_hwframe+0x44/0xae 20:05:18 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x7, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 303.904903][T29848] RIP: 0033:0x4656e7 [ 303.908790][T29848] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 303.928815][T29848] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 20:05:18 executing program 3 (fault-call:0 fault-nth:43): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:18 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x9, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 303.928840][T29848] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 303.928919][T29848] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 303.928930][T29848] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 303.928942][T29848] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 303.928951][T29848] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 303.939376][T29848] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 303.940142][T29848] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 303.940167][T29848] ext4_test_bit(bit=16, block=18) = 1 [ 303.940178][T29848] is_bad_inode(inode)=0 [ 303.940184][T29848] NEXT_ORPHAN(inode)=29447707 [ 303.940190][T29848] max_ino=32 [ 303.940195][T29848] i_nlink=144 20:05:18 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x22, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:18 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 303.940306][T29848] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:18 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xb, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 304.083343][T29890] loop4: detected capacity change from 0 to 4101 [ 304.098651][T29899] loop3: detected capacity change from 0 to 4101 [ 304.101279][T29899] FAULT_INJECTION: forcing a failure. [ 304.101279][T29899] name failslab, interval 1, probability 0, space 0, times 0 [ 304.101301][T29899] CPU: 1 PID: 29899 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 304.101320][T29899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.101330][T29899] Call Trace: [ 304.101337][T29899] dump_stack+0x137/0x19d [ 304.101408][T29899] should_fail+0x23c/0x250 [ 304.101472][T29899] ? kcalloc+0x32/0x50 [ 304.101487][T29899] __should_failslab+0x81/0x90 [ 304.101505][T29899] should_failslab+0x5/0x20 [ 304.101527][T29899] __kmalloc+0x66/0x340 [ 304.101545][T29899] ? kcalloc+0x32/0x50 [ 304.101562][T29899] kcalloc+0x32/0x50 [ 304.101655][T29899] ext4_find_extent+0x21c/0x7f0 [ 304.101697][T29899] ? kfree+0xf0/0x1d0 [ 304.101722][T29899] ext4_ext_map_blocks+0xd9/0x1f00 [ 304.101741][T29899] ? __down_write_common+0x45/0x890 [ 304.101756][T29899] ? __down_read_common+0x16b/0x5a0 [ 304.101772][T29899] ? percpu_counter_add_batch+0x69/0xd0 [ 304.101866][T29899] ? ext4_es_lookup_extent+0x206/0x490 [ 304.101955][T29899] ext4_map_blocks+0x70d/0xef0 [ 304.101973][T29899] ext4_getblk+0xb1/0x3d0 [ 304.102019][T29899] ext4_bread+0x28/0x130 [ 304.102031][T29899] ext4_append+0xd1/0x1c0 [ 304.102048][T29899] ext4_init_new_dir+0x177/0x500 [ 304.102113][T29899] ext4_mkdir+0x329/0x760 [ 304.102135][T29899] vfs_mkdir+0x2a4/0x370 [ 304.102152][T29899] do_mkdirat+0x11d/0x200 [ 304.102176][T29899] __x64_sys_mkdir+0x32/0x40 [ 304.102272][T29899] do_syscall_64+0x4a/0x90 [ 304.102369][T29899] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 304.102394][T29899] RIP: 0033:0x4656e7 [ 304.102408][T29899] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 304.102481][T29899] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 304.102537][T29899] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 304.102546][T29899] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 304.102555][T29899] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 304.102565][T29899] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 304.102574][T29899] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 304.120455][T29890] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 304.121084][T29890] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 304.121105][T29890] ext4_test_bit(bit=16, block=18) = 1 [ 304.121113][T29890] is_bad_inode(inode)=0 [ 304.121117][T29890] NEXT_ORPHAN(inode)=29447707 [ 304.121122][T29890] max_ino=32 [ 304.121125][T29890] i_nlink=144 [ 304.121137][T29890] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 304.232675][T29919] loop4: detected capacity change from 0 to 4101 [ 304.241149][T29919] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 304.479029][T29919] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 304.489521][T29919] ext4_test_bit(bit=16, block=18) = 1 [ 304.494944][T29919] is_bad_inode(inode)=0 [ 304.499092][T29919] NEXT_ORPHAN(inode)=29447707 [ 304.503756][T29919] max_ino=32 [ 304.506968][T29919] i_nlink=144 [ 304.510445][T29919] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:18 executing program 3 (fault-call:0 fault-nth:44): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:18 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x300, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:18 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:18 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r2 = pidfd_getfd(r0, r0, 0x0) dup3(r1, r2, 0x80000) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:18 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xc, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:18 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x480, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 304.682254][T29937] loop4: detected capacity change from 0 to 4101 [ 304.689420][T29936] loop3: detected capacity change from 0 to 4101 [ 304.703193][T29936] FAULT_INJECTION: forcing a failure. [ 304.703193][T29936] name failslab, interval 1, probability 0, space 0, times 0 [ 304.717900][T29936] CPU: 1 PID: 29936 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 304.727371][T29936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.738420][T29936] Call Trace: [ 304.741891][T29936] dump_stack+0x137/0x19d [ 304.746425][T29936] should_fail+0x23c/0x250 [ 304.750842][T29936] ? kcalloc+0x32/0x50 [ 304.754896][T29936] __should_failslab+0x81/0x90 [ 304.759717][T29936] should_failslab+0x5/0x20 [ 304.764206][T29936] __kmalloc+0x66/0x340 [ 304.768360][T29936] ? kcalloc+0x32/0x50 [ 304.772486][T29936] kcalloc+0x32/0x50 [ 304.776382][T29936] ext4_find_extent+0x21c/0x7f0 [ 304.781229][T29936] ? kfree+0xf0/0x1d0 [ 304.785354][T29936] ext4_ext_map_blocks+0xd9/0x1f00 [ 304.790462][T29936] ? __down_write_common+0x45/0x890 [ 304.795655][T29936] ? __down_read_common+0x16b/0x5a0 [ 304.800838][T29936] ? percpu_counter_add_batch+0x69/0xd0 [ 304.806369][T29936] ? ext4_es_lookup_extent+0x206/0x490 [ 304.811922][T29936] ext4_map_blocks+0x70d/0xef0 [ 304.816922][T29936] ext4_getblk+0xb1/0x3d0 [ 304.821242][T29936] ext4_bread+0x28/0x130 [ 304.825490][T29936] ext4_append+0xd1/0x1c0 [ 304.829816][T29936] ext4_init_new_dir+0x177/0x500 [ 304.834783][T29936] ext4_mkdir+0x329/0x760 [ 304.839104][T29936] vfs_mkdir+0x2a4/0x370 [ 304.843391][T29936] do_mkdirat+0x11d/0x200 [ 304.847761][T29936] __x64_sys_mkdir+0x32/0x40 [ 304.852389][T29936] do_syscall_64+0x4a/0x90 [ 304.856827][T29936] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 304.862812][T29936] RIP: 0033:0x4656e7 [ 304.866749][T29936] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 304.886340][T29936] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 304.894748][T29936] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 304.902711][T29936] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 304.910833][T29936] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 304.918877][T29936] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 304.926834][T29936] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 304.946973][T29937] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:19 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81000) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) fcntl$dupfd(r1, 0x0, r1) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r5 = syz_open_dev$vcsn(&(0x7f0000000000), 0xf0, 0xc0080) openat$cgroup_ro(r5, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:19 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:19 executing program 3 (fault-call:0 fault-nth:45): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x500, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 304.974651][T29937] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 304.985051][T29937] ext4_test_bit(bit=16, block=18) = 1 [ 304.990421][T29937] is_bad_inode(inode)=0 [ 304.994672][T29937] NEXT_ORPHAN(inode)=29447707 [ 304.999360][T29937] max_ino=32 [ 305.002551][T29937] i_nlink=144 20:05:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x600, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 305.070006][T29937] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 305.081772][T29972] loop3: detected capacity change from 0 to 4101 [ 305.102387][T29972] FAULT_INJECTION: forcing a failure. [ 305.102387][T29972] name failslab, interval 1, probability 0, space 0, times 0 [ 305.115069][T29972] CPU: 0 PID: 29972 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 305.123925][T29972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.133985][T29972] Call Trace: [ 305.137259][T29972] dump_stack+0x137/0x19d [ 305.141651][T29972] should_fail+0x23c/0x250 [ 305.146098][T29972] ? ext4_mb_new_blocks+0x70f/0x1f90 [ 305.151469][T29972] __should_failslab+0x81/0x90 [ 305.156261][T29972] should_failslab+0x5/0x20 [ 305.160843][T29972] kmem_cache_alloc+0x46/0x2f0 [ 305.165607][T29972] ext4_mb_new_blocks+0x70f/0x1f90 [ 305.170779][T29972] ? ext4_find_extent+0x6cf/0x7f0 [ 305.175818][T29972] ? ext4_ext_search_right+0x300/0x540 [ 305.181378][T29972] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 305.187113][T29972] ext4_ext_map_blocks+0x1569/0x1f00 [ 305.192404][T29972] ? __down_read_common+0x16b/0x5a0 [ 305.197600][T29972] ? percpu_counter_add_batch+0x69/0xd0 [ 305.203157][T29972] ? ext4_es_lookup_extent+0x206/0x490 [ 305.208605][T29972] ext4_map_blocks+0x70d/0xef0 [ 305.213357][T29972] ext4_getblk+0xb1/0x3d0 [ 305.217777][T29972] ext4_bread+0x28/0x130 [ 305.222004][T29972] ext4_append+0xd1/0x1c0 [ 305.226417][T29972] ext4_init_new_dir+0x177/0x500 [ 305.231440][T29972] ext4_mkdir+0x329/0x760 [ 305.235771][T29972] vfs_mkdir+0x2a4/0x370 [ 305.240003][T29972] do_mkdirat+0x11d/0x200 [ 305.244421][T29972] __x64_sys_mkdir+0x32/0x40 [ 305.249010][T29972] do_syscall_64+0x4a/0x90 [ 305.253420][T29972] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 305.259297][T29972] RIP: 0033:0x4656e7 [ 305.263170][T29972] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 305.282816][T29972] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 305.291313][T29972] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 305.299311][T29972] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 305.307261][T29972] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 305.315230][T29972] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 305.323192][T29972] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xd, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:19 executing program 1: syncfs(0xffffffffffffffff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x700, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:19 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x6c00}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:19 executing program 3 (fault-call:0 fault-nth:46): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x900, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 305.557886][T29994] loop4: detected capacity change from 0 to 4101 [ 305.568329][T29996] loop3: detected capacity change from 0 to 4101 [ 305.585931][T29996] FAULT_INJECTION: forcing a failure. [ 305.585931][T29996] name failslab, interval 1, probability 0, space 0, times 0 [ 305.605171][T29996] CPU: 0 PID: 29996 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 305.618579][T29996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.635991][T29996] Call Trace: [ 305.642616][T29996] dump_stack+0x137/0x19d [ 305.650645][T29996] should_fail+0x23c/0x250 [ 305.658352][T29996] ? ext4_mb_new_blocks+0x70f/0x1f90 [ 305.667916][T29996] __should_failslab+0x81/0x90 [ 305.678055][T29996] should_failslab+0x5/0x20 [ 305.685255][T29996] kmem_cache_alloc+0x46/0x2f0 [ 305.693322][T29996] ext4_mb_new_blocks+0x70f/0x1f90 [ 305.700491][T29996] ? ext4_find_extent+0x6cf/0x7f0 [ 305.707604][T29996] ? ext4_ext_search_right+0x300/0x540 [ 305.715657][T29996] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 305.724400][T29996] ext4_ext_map_blocks+0x1569/0x1f00 [ 305.734008][T29996] ? __down_read_common+0x16b/0x5a0 [ 305.743883][T29996] ? percpu_counter_add_batch+0x69/0xd0 [ 305.754146][T29996] ? ext4_es_lookup_extent+0x206/0x490 [ 305.764591][T29996] ext4_map_blocks+0x70d/0xef0 [ 305.772536][T29996] ext4_getblk+0xb1/0x3d0 [ 305.781056][T29996] ext4_bread+0x28/0x130 [ 305.787636][T29996] ext4_append+0xd1/0x1c0 [ 305.794227][T29996] ext4_init_new_dir+0x177/0x500 [ 305.802676][T29996] ext4_mkdir+0x329/0x760 [ 305.810108][T29996] vfs_mkdir+0x2a4/0x370 [ 305.818324][T29996] do_mkdirat+0x11d/0x200 [ 305.824127][T29996] __x64_sys_mkdir+0x32/0x40 [ 305.834104][T29996] do_syscall_64+0x4a/0x90 [ 305.841555][T29996] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 305.850538][T29996] RIP: 0033:0x4656e7 [ 305.857302][T29996] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 305.888757][T29996] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 305.902573][T29996] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 305.913675][T29996] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 305.923454][T29996] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 305.934901][T29996] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 305.943827][T29996] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:20 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0x84c6, 0x8a101) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 305.954875][T29994] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 305.975781][T29994] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 305.986269][T29994] ext4_test_bit(bit=16, block=18) = 1 [ 305.991654][T29994] is_bad_inode(inode)=0 [ 305.995829][T29994] NEXT_ORPHAN(inode)=29447707 [ 306.000513][T29994] max_ino=32 [ 306.003803][T29994] i_nlink=144 20:05:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x2200, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xe, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x8004, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:20 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000000)={0x176, 0xffff, 0x4, 0x8, 0x1000}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = open$dir(&(0x7f0000000280)='./file0\x00', 0x800, 0x95) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r2, r3, r4, r5, r6], 0x5) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000340)={0x0, 0x0, r3, 0xfffff2e2}) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_EEE_GET(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x60, r7, 0x320, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004) [ 306.007299][T29994] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 306.110675][T30039] loop4: detected capacity change from 0 to 4101 [ 306.125888][T30039] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 306.144420][T30038] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30038 comm=syz-executor.1 [ 306.160388][T30039] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 306.166970][T30047] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30047 comm=syz-executor.1 [ 306.170827][T30039] ext4_test_bit(bit=16, block=18) = 1 [ 306.188961][T30039] is_bad_inode(inode)=0 [ 306.193107][T30039] NEXT_ORPHAN(inode)=29447707 [ 306.197803][T30039] max_ino=32 [ 306.200994][T30039] i_nlink=144 [ 306.204493][T30039] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:20 executing program 3 (fault-call:0 fault-nth:47): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x30000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:20 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = fsopen(&(0x7f0000000000)='btrfs\x00', 0x1) r3 = io_uring_setup(0x61b3, &(0x7f0000000100)={0x0, 0xfbb, 0x1, 0x3, 0x2c7, 0x0, r0}) splice(r2, &(0x7f0000000040)=0xb, r3, &(0x7f0000000080)=0x7ffe, 0x3, 0x3) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0, 0x0) openat$cgroup_ro(r5, &(0x7f0000000180)='memory.current\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEV_REPLACE(r2, 0xca289435, &(0x7f00000003c0)={0x0, 0x8, @start={0x0, 0x0, "300d8788f5858c55c7227ec30636b582757d3c6a3a8f6997580a3a5cf841f457c1714d53684906b17fc650ea487cc766f896f05b29f6b20a79f33ca263fcc8bcad8df797d9e73ff964239c74309f576baf4fbeb78b6205cb73fedc5f90367122473bee49c33b73fc5a19844102f7a704ab6627da976928a131a9fe9ad76c1c6cde601c62d0cb994e8ffb1890ec1c61f3607885ff7e809f242842364aaabb12c75b3e801afc4cdb701ce4addc010d2fd3b344e6e86fc8b1d04b5ef154c132472b8665589b5c192bc5e963e75d809dda65fd87904cdd8da4d73a475b62f8939145e04ee9404e961dafd8a772f671c13df704f876e980671f0a7d8207fdef229894194d0232cc378b79c02ab881d6dce361a7dee5b778881b42ad4ef2e552d0087388ce9632b196415c623ea6baa2a24a4eb052e4cbc7d0f48479ba952ead6a4f3a47b9496c4f51389da88b5e51bfdfc9c7496991648e0696218f30e1bc7eed41689e8e56c58b6768eb8a4c30e065dbd20c444d61b66a03914c5d3d0881901f12745cae80967fa9d95b527bac324c9a0c484d5e0ff728be87660635c69f1bd313b1f57eb3be813a77a0fb15a7e761a0787998f04d1cf2ac1be05e60cb57e3596d3a7513a30636e55d30a3851cc5f75ed34891924c43200bd16721522ef3e3af125fafe5bfffb2228c703ab2d1301b568aa59d1aac23a19347e02fe3237493d7839060c0f8f06c0dca0b9b3336b8bd07715a23a8bbc5e1e967a88fc270f6877986f38498c77095f04a01ae131903bca500fad638537e4a9d0035a8fc49406e9c53560ac43546716f6826929e4192d5fb044f0f41717a5538a1cb2a1d5a2a51697cfad5d0f287ea1a5b5d440df4e8f2346fb7e5dbf89155f4ffc0f6c4a829215a32937d92a0c90070b51013ae2850fe58860b0b4d09a98d32b4524e8e1e0f2e1457b9d544f5e8de67b7eb8aa2a9f73f733ec300b3363f208605ea9fd774381ed3c3bfb48739115766a975fae2a1cd4f8a5e19a09dee3b705e878edaa11ff43214cab1a9aef41d0fb959616339e21a1044a372d835e53d805147b5b371fc7cec2d1ee5e41d35a8707c0464c5ddbf2582c2aa37d547a868b81edd156a8d88f8ea0533f7bf7c4417df0daf500c771ff09362df847b15e5a5fd3ac88448097612964deae149bf78a114684cd9dc1af2bb02ab94574e81aeb6ae9079e6a9999b31b56d901e9c11733eb1e0b162f5e29f300734ca23d8ba886b0f055c09ac36f246b8fba8f7857c0daa28965161ff9d7e4bcb6ca9e2e5625d679af4f42ecaa9dcd6ba4d93cdc455ba59fbc5d05cdeaddfddeff8dca02266a983ef7588461c6c5e28e481dcdd515779c1a688729036cfb8da14f0df070d163ea314e8b306b3026332ed62ffbac821346de44abad90986d46b8e3e5c180fb9a51cdb96205f962ad9fded23f598f0", "77f7f242ca5b595e1c64a7b7d6323927558b5d63c49034a37ef0fc204b784ede4e154f819b86537f56bd4ec48a0cbf6422b074d0a23a6a03a0a5c18e6a3a1597c88aaa02361a3a926920f387fcf5e319355b497cbc008f8692863cf51746711ac3789c1519df52593827c7b3c758d655281889412466d927a98e284fbca02b1d5b59060a1dc639afecb9f67f30d8fa584828ccf95d48ddede81fc2b4a71ba9ced7031b87cc0c3cb1d1bf9ca20e36cf0f919d90fa7a38d831466bf2b17015ee939e4ad2cc531054515d5338c1b84ae8cfb5a5496855dff8d93546835d9aade03e14caf9c7b4db52618b736d0b08d2cbc1a0999d096828960280e6f7315c05a183849382aa01402119712ce6f64c26ca14ee7de2911a3f947731df245b3f0f43918eff015746665d842edd0a9dbe39b3bf3cd5a42923bb7a8593216ff8727f29ce1e7c11d70a84547a47441899c3507895e90f3f5e74339726c08706d7a4319e54963ac00e597c2612483dbd113cc0af2939a18e06a2a1d83d5f6b1f872f0b6fb662d76995b844566c898812a365a145295723de4f1493d8d0fcd69a403ea97a0ec19502a8145003df997c76103555d1575f50e9c520683df11f61de39b4827481f0430086dd1a69df65118fcb6cf980fe98fa537f0346570c4d054bbe3dc5f5106507074805d42ac446df2969bff7157b3309f8c47090b10daf1e413260c22cc68670f67bb6480585fb5c861a98058991f80cda9e166069059a4d09384dc6e7719c610e1961d21aa86810e732727db357794105b459a9984ae62d98d2bff2a79809f7aeadb0f72609c3ef397eb1189c05643fdba801e382429e3ddc0824b7b7ef8ddb5209b9cd91b38b673fdc09de59f4e0f39e849e8e1fa402455d098a8b9efd3e88222a8df5202efbae30a994ef709266d6a80cd02247f7124a177cde7a390db30226146a4f2641f1f05e973522c3b06a0a11bea9a4d69565d5718e57a76f94d0fc6603a573c17519e615a5918bd79d9a798425ecb642126d8e614b6b9816dc589f0570453cf543c544847b97381e3d3931006590e2c213e30893d08469c6ed7e4f90c4d0ac4283cd4cc04f6830d1bd64176b71b48e794cf1ed0ef72f869827dbcbd92dae6bb2c659d20fc18335959d17e6c964f959ac4fefec6e81e052bbc7227308b990ab0b23be5438a0a58ab34832a60016d547faa7efba209584539b2098e6eadde822fcf46e8533292fefcba66d706d6c494e45c393b0c37eec4c6fe7f3e24ae4ebfc134d820ce31b433e4adbd2e2b145e5087bb44f6ba6a328bdbd8f0e78adb391249d8f3b2ae4dacc560f231df2609b480176e6c8f7c703c8d37759ea2a196b3acfb61fd222e7ae4e06d0a8355f0309a47db121e1386e45b101413975040f3c694323cb9b8031c6edb0c16eff36ee1a041d0df21a6084c3251146dfd2"}, [0x6, 0x4, 0x4, 0x9, 0x4, 0x8d, 0x7f, 0xff, 0xffffffff, 0x1, 0x100, 0x80, 0x6, 0x1, 0x4, 0x3f, 0x80000000, 0x8, 0xba05, 0x2, 0x7, 0x79, 0xaeb, 0x1, 0x1f, 0x1, 0x0, 0x4000000000, 0x81, 0x6, 0x0, 0x4, 0x200, 0xff, 0x9, 0x7, 0x5, 0x5, 0x508, 0x25cd, 0x0, 0xfff, 0x3, 0x8, 0x3, 0x0, 0x0, 0x6, 0x3, 0x5, 0x8, 0x40, 0x8, 0xfff, 0x9, 0x48000000000, 0xfffffffffffffffc, 0x4a, 0x100, 0x2, 0x5, 0x9, 0xe294, 0x7]}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000400)={0x0, 0x3, 0x6, @dev}, 0x10) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f00000002c0)={'erspan0\x00', &(0x7f0000000e00)={'syztnl2\x00', 0x0, 0x60, 0x8007, 0x3, 0x6, {{0x3c, 0x4, 0x2, 0x3e, 0xf0, 0x68, 0x0, 0x40, 0x29, 0x0, @multicast2, @loopback, {[@ssrr={0x89, 0x27, 0x34, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010101, @multicast1, @dev={0xac, 0x14, 0x14, 0x1b}, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ssrr={0x89, 0xf, 0x7b, [@local, @private=0xa010100, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_addr={0x44, 0x4c, 0x3c, 0x1, 0xf, [{@rand_addr=0x64010101, 0x20}, {@multicast1, 0x16dde288}, {@rand_addr=0x64010101, 0x6}, {@local, 0xffff}, {@remote, 0x2}, {@multicast1, 0x7fff}, {@broadcast, 0x2}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x31}, 0xa45}]}, @timestamp_addr={0x44, 0x14, 0x49, 0x1, 0x7, [{@loopback, 0x1800}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x1000}]}, @noop, @noop, @timestamp_prespec={0x44, 0x34, 0xa2, 0x3, 0xd, [{@multicast1, 0x20}, {@remote, 0x4ba5}, {@remote, 0x900}, {@multicast2, 0x7fffffff}, {@private=0xa010100, 0x100}, {@empty, 0x3}]}, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0xd3, [@multicast1, @rand_addr=0x64010101]}]}}}}}) getsockname$packet(r4, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r4, 0x89fa, &(0x7f0000000fc0)={'ip6tnl0\x00', &(0x7f0000000f40)={'syztnl2\x00', 0x0, 0x29, 0x5, 0x0, 0x7, 0x40, @dev={0xfe, 0x80, '\x00', 0x29}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x0, 0x8, 0x8, 0xd04}}) getpeername$packet(0xffffffffffffffff, &(0x7f0000001000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001040)=0x14) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001080)={0x308, 0x0, 0x423, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x308}, 0x1, 0x0, 0x0, 0x40004}, 0x20000000) 20:05:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xf, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x34000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 306.437332][T30066] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 306.438473][T30067] loop3: detected capacity change from 0 to 4101 [ 306.461717][T30068] loop4: detected capacity change from 0 to 4101 20:05:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:20 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 306.486647][T30081] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 306.488320][T30068] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 306.519078][T30067] FAULT_INJECTION: forcing a failure. [ 306.519078][T30067] name failslab, interval 1, probability 0, space 0, times 0 20:05:20 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x400300, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 306.531712][T30067] CPU: 1 PID: 30067 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 306.542108][T30067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.554467][T30067] Call Trace: [ 306.557918][T30067] dump_stack+0x137/0x19d [ 306.563561][T30067] should_fail+0x23c/0x250 [ 306.569163][T30067] ? __es_insert_extent+0x51f/0xe70 [ 306.576536][T30067] __should_failslab+0x81/0x90 20:05:20 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 306.577351][T30092] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 306.582988][T30067] should_failslab+0x5/0x20 [ 306.583036][T30067] kmem_cache_alloc+0x46/0x2f0 [ 306.601558][T30068] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 306.603927][T30067] __es_insert_extent+0x51f/0xe70 20:05:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 306.611215][T30068] ext4_test_bit(bit=16, block=18) = 1 [ 306.611226][T30068] is_bad_inode(inode)=0 [ 306.611230][T30068] NEXT_ORPHAN(inode)=29447707 [ 306.611234][T30068] max_ino=32 [ 306.611238][T30068] i_nlink=144 [ 306.634363][T30068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 306.641462][T30067] ? ext4_ext_map_blocks+0x10a8/0x1f00 [ 306.641491][T30067] ext4_es_insert_extent+0x1bb/0x19d0 [ 306.641521][T30067] ? percpu_counter_add_batch+0x69/0xd0 [ 306.711580][T30067] ? ext4_es_lookup_extent+0x206/0x490 [ 306.721793][T30067] ext4_map_blocks+0xa4c/0xef0 [ 306.728625][T30067] ext4_getblk+0xb1/0x3d0 [ 306.735736][T30067] ext4_bread+0x28/0x130 [ 306.742028][T30067] ext4_append+0xd1/0x1c0 [ 306.749603][T30067] ext4_init_new_dir+0x177/0x500 [ 306.758477][T30067] ext4_mkdir+0x329/0x760 [ 306.765299][T30067] vfs_mkdir+0x2a4/0x370 [ 306.765703][T30111] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 306.771724][T30067] do_mkdirat+0x11d/0x200 [ 306.771753][T30067] __x64_sys_mkdir+0x32/0x40 [ 306.804512][T30067] do_syscall_64+0x4a/0x90 [ 306.811053][T30067] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 306.819762][T30067] RIP: 0033:0x4656e7 [ 306.825592][T30067] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 306.862243][T30067] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 306.877527][T30067] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7 [ 306.890375][T30067] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040 [ 306.904116][T30067] RBP: 00007f0b5e2d0040 R08: 0000000000000000 R09: ffffffffffffffff [ 306.916719][T30067] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 306.926792][T30067] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 306.939707][T30067] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 306.951300][T30067] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 306.961784][T30067] ext4_test_bit(bit=16, block=18) = 1 [ 306.967303][T30067] is_bad_inode(inode)=0 [ 306.971489][T30067] NEXT_ORPHAN(inode)=29447707 [ 306.976179][T30067] max_ino=32 [ 306.979376][T30067] i_nlink=144 20:05:21 executing program 3 (fault-call:0 fault-nth:48): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:21 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x1000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:21 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:21 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r2 = socket(0x10, 0x2, 0x0) write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0', [{0x20, 'memory.events\x00'}, {}, {0x20, 'memory.events\x00'}, {0x20, '/\xaf\'#:b!$*%%^{'}, {0x20, '-]\\(#'}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}, {0x20, '['}], 0xa, "f3edaf361bc7165e44456583bf83e61e3a7f4b00683d23ef0c1092eb10f76c9347729ddd66d8"}, 0x84) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$BTRFS_IOC_GET_FEATURES(r2, 0x80189439, &(0x7f0000000000)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 306.983463][T30067] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x2000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:21 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) write$binfmt_elf64(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c460663000700000100000000000200030008000000c3000000000000004000000000000000a0008000000000ff0f0000000800380002000400050005000500000009000000fefffeffffffffff04000000000000005c00000000000000ff00000000000000ff0f000000000000050000000000000000000060050000000600000000000000ff00000000000000ccf0000000000000000100000000000000000080ffffffff0800000000000000a0a3355df5a427d14bf1369d92fc654a95ff3911261429424e995584e834751add452a"], 0xd3) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 307.036171][T30127] loop4: detected capacity change from 0 to 4101 [ 307.051307][T30133] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 307.062663][T30127] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:21 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:21 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 307.108217][T30127] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 307.118611][T30127] ext4_test_bit(bit=16, block=18) = 1 [ 307.124005][T30127] is_bad_inode(inode)=0 [ 307.128166][T30127] NEXT_ORPHAN(inode)=29447707 [ 307.132845][T30127] max_ino=32 [ 307.136091][T30127] i_nlink=144 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x3000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 307.158853][T30150] loop3: detected capacity change from 0 to 4101 [ 307.167578][T30127] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 307.179898][T30150] FAULT_INJECTION: forcing a failure. [ 307.179898][T30150] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.192996][T30150] CPU: 1 PID: 30150 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 20:05:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 307.201761][T30150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.208362][T30159] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 307.211806][T30150] Call Trace: [ 307.211815][T30150] dump_stack+0x137/0x19d [ 307.231346][T30150] should_fail+0x23c/0x250 [ 307.235768][T30150] should_fail_usercopy+0x16/0x20 [ 307.240804][T30150] _copy_from_user+0x1c/0xd0 [ 307.245419][T30150] strndup_user+0xb0/0x120 [ 307.249899][T30150] __se_sys_mount+0x4e/0x2e0 [ 307.254497][T30150] ? mntput+0x45/0x70 [ 307.258481][T30150] ? __fpregs_load_activate+0x103/0x1b0 [ 307.264129][T30150] __x64_sys_mount+0x63/0x70 [ 307.268721][T30150] do_syscall_64+0x4a/0x90 [ 307.273182][T30150] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 307.279084][T30150] RIP: 0033:0x467afa [ 307.283018][T30150] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 307.302736][T30150] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 307.311180][T30150] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 307.319688][T30150] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 307.327683][T30150] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 307.335700][T30150] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 307.343653][T30150] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:21 executing program 3 (fault-call:0 fault-nth:49): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x4000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:21 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:21 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='freezer.state\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x5000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 307.450197][T30180] loop4: detected capacity change from 0 to 4101 [ 307.458297][T30193] loop3: detected capacity change from 0 to 4101 [ 307.475937][T30193] FAULT_INJECTION: forcing a failure. [ 307.475937][T30193] name failslab, interval 1, probability 0, space 0, times 0 [ 307.476112][T30180] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 307.488589][T30193] CPU: 1 PID: 30193 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 307.506437][T30193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.516534][T30193] Call Trace: [ 307.518843][T30180] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 307.519813][T30193] dump_stack+0x137/0x19d [ 307.530159][T30180] ext4_test_bit(bit=16, block=18) = 1 [ 307.534472][T30193] should_fail+0x23c/0x250 [ 307.539862][T30180] is_bad_inode(inode)=0 20:05:21 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:21 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 307.544207][T30193] ? __se_sys_mount+0x91/0x2e0 [ 307.548376][T30180] NEXT_ORPHAN(inode)=29447707 [ 307.553087][T30193] __should_failslab+0x81/0x90 [ 307.557753][T30180] max_ino=32 [ 307.562477][T30193] should_failslab+0x5/0x20 [ 307.565662][T30180] i_nlink=144 [ 307.570124][T30193] __kmalloc_track_caller+0x64/0x340 [ 307.578643][T30193] ? strnlen_user+0x137/0x1c0 [ 307.583313][T30193] strndup_user+0x73/0x120 [ 307.587744][T30193] __se_sys_mount+0x91/0x2e0 [ 307.592376][T30193] __x64_sys_mount+0x63/0x70 20:05:21 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x6000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 307.596971][T30193] do_syscall_64+0x4a/0x90 [ 307.601391][T30193] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 307.607554][T30193] RIP: 0033:0x467afa [ 307.611518][T30193] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 307.632600][T30193] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 307.641215][T30193] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa 20:05:21 executing program 0: set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 307.649189][T30193] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 307.657447][T30193] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 307.665430][T30193] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 307.673681][T30193] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 307.686354][T30180] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:22 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x7000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:22 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x12, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:22 executing program 3 (fault-call:0 fault-nth:50): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:22 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0x6, 0x8, @l2={'eth', 0x3a, 'erspan0\x00'}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:22 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:22 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 308.046656][T30234] loop3: detected capacity change from 0 to 4101 [ 308.047457][T30235] loop4: detected capacity change from 0 to 4101 [ 308.061520][T30234] FAULT_INJECTION: forcing a failure. [ 308.061520][T30234] name failslab, interval 1, probability 0, space 0, times 0 [ 308.074159][T30234] CPU: 1 PID: 30234 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 308.082942][T30234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.093014][T30234] Call Trace: 20:05:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x9000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 308.096312][T30234] dump_stack+0x137/0x19d [ 308.100637][T30234] should_fail+0x23c/0x250 [ 308.105063][T30234] ? __se_sys_mount+0x91/0x2e0 [ 308.109836][T30234] __should_failslab+0x81/0x90 [ 308.114595][T30234] should_failslab+0x5/0x20 [ 308.119182][T30234] __kmalloc_track_caller+0x64/0x340 [ 308.124470][T30234] ? strnlen_user+0x137/0x1c0 [ 308.129373][T30234] strndup_user+0x73/0x120 [ 308.133989][T30234] __se_sys_mount+0x91/0x2e0 [ 308.138609][T30234] ? mntput+0x45/0x70 20:05:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x22000000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:22 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r5, 0x0) r6 = socket(0x10, 0x2, 0x0) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000200)={{{@in=@rand_addr=0x400, @in6=@private1, 0x4e20, 0x7f, 0x4e24, 0x8611, 0xa, 0x80, 0x20, 0x73, 0x0, r4}, {0xffffffff00000001, 0x9, 0x0, 0x2, 0x1, 0xfff, 0x5, 0xb0e}, {0x4, 0x8, 0x8, 0x18}, 0x7fffffff, 0x6e6bbc, 0x0, 0x1, 0x1, 0x3}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d2, 0x2b}, 0x2, @in=@multicast2, 0x0, 0x3, 0x2, 0xa8, 0x0, 0x2, 0x6}}, 0xe8) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, r8, 0x0) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') setsockopt$inet_MCAST_LEAVE_GROUP(r9, 0x0, 0x2d, &(0x7f0000000100)={0x80000001, {{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x15}}}}, 0x88) preadv(r9, &(0x7f0000000500), 0x37d, 0x0, 0x0) r10 = fsmount(r1, 0x1, 0x5) write$cgroup_subtree(r10, &(0x7f0000000080)=ANY=[@ANYRES16=r2, @ANYRES16=r8, @ANYRES32, @ANYRESHEX=r7, @ANYRES32=r9], 0xffffffffffffffe1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 308.142608][T30234] ? __fpregs_load_activate+0x103/0x1b0 [ 308.148164][T30234] __x64_sys_mount+0x63/0x70 [ 308.152755][T30234] do_syscall_64+0x4a/0x90 [ 308.157168][T30234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 308.163135][T30234] RIP: 0033:0x467afa [ 308.167019][T30234] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 308.185091][T30235] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 308.186712][T30234] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 308.186734][T30234] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 308.212351][T30234] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 308.220410][T30234] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 308.223299][T30235] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 308.228502][T30234] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 20:05:22 executing program 3 (fault-call:0 fault-nth:51): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:22 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 308.228518][T30234] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 308.254998][T30235] ext4_test_bit(bit=16, block=18) = 1 [ 308.260374][T30235] is_bad_inode(inode)=0 [ 308.264514][T30235] NEXT_ORPHAN(inode)=29447707 [ 308.269319][T30235] max_ino=32 [ 308.272687][T30235] i_nlink=144 [ 308.286819][T30235] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 308.326879][T30270] loop3: detected capacity change from 0 to 4101 [ 308.334622][T30270] FAULT_INJECTION: forcing a failure. [ 308.334622][T30270] name failslab, interval 1, probability 0, space 0, times 0 [ 308.347356][T30270] CPU: 1 PID: 30270 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 308.356116][T30270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.366151][T30270] Call Trace: [ 308.369423][T30270] dump_stack+0x137/0x19d [ 308.373732][T30270] should_fail+0x23c/0x250 [ 308.378144][T30270] __should_failslab+0x81/0x90 [ 308.382888][T30270] ? __se_sys_mount+0xf2/0x2e0 [ 308.387629][T30270] should_failslab+0x5/0x20 [ 308.392112][T30270] kmem_cache_alloc_trace+0x49/0x310 [ 308.397396][T30270] ? _copy_from_user+0x94/0xd0 [ 308.402197][T30270] __se_sys_mount+0xf2/0x2e0 [ 308.406892][T30270] ? mntput+0x45/0x70 [ 308.410913][T30270] ? __fpregs_load_activate+0x103/0x1b0 [ 308.416454][T30270] __x64_sys_mount+0x63/0x70 [ 308.421022][T30270] do_syscall_64+0x4a/0x90 [ 308.425416][T30270] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 308.431556][T30270] RIP: 0033:0x467afa [ 308.435447][T30270] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 308.455461][T30270] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 308.464028][T30270] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 308.472046][T30270] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 308.480394][T30270] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 308.488463][T30270] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 308.496680][T30270] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x80040000, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:22 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:22 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x15, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:22 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = socket(0x8, 0x2, 0x200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) splice(r1, &(0x7f0000000140)=0x81, r2, &(0x7f0000000180)=0x10000, 0x3, 0x6) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) r4 = accept4$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000200)=0x1c, 0x80800) r5 = syz_open_dev$vcsu(&(0x7f0000000080), 0x1b4, 0x3a1000) copy_file_range(r4, 0x0, r5, &(0x7f0000000100)=0x4, 0xffffffffffff7fff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:22 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:22 executing program 3 (fault-call:0 fault-nth:52): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x8cffffff, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 308.915564][T30288] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 308.927943][T30292] loop3: detected capacity change from 0 to 4101 [ 308.934394][T30289] loop4: detected capacity change from 0 to 4101 20:05:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x0, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 308.961338][T30292] FAULT_INJECTION: forcing a failure. [ 308.961338][T30292] name failslab, interval 1, probability 0, space 0, times 0 [ 308.974037][T30292] CPU: 1 PID: 30292 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 308.979618][T30310] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 308.982793][T30292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.982805][T30292] Call Trace: [ 308.982812][T30292] dump_stack+0x137/0x19d [ 309.011496][T30292] should_fail+0x23c/0x250 [ 309.015984][T30292] __should_failslab+0x81/0x90 [ 309.020760][T30292] ? __se_sys_mount+0xf2/0x2e0 [ 309.025591][T30292] should_failslab+0x5/0x20 [ 309.030099][T30292] kmem_cache_alloc_trace+0x49/0x310 [ 309.035405][T30292] ? _copy_from_user+0x94/0xd0 [ 309.040171][T30292] __se_sys_mount+0xf2/0x2e0 [ 309.042916][T30316] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 309.044756][T30292] ? mntput+0x45/0x70 20:05:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 309.044780][T30292] ? __fpregs_load_activate+0x103/0x1b0 [ 309.065289][T30292] __x64_sys_mount+0x63/0x70 [ 309.067399][T30289] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 309.069882][T30292] do_syscall_64+0x4a/0x90 [ 309.083384][T30292] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 309.089324][T30292] RIP: 0033:0x467afa [ 309.093214][T30292] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 309.093901][T30289] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 309.113225][T30292] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 309.113247][T30292] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 309.113259][T30292] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 309.113269][T30292] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 20:05:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x9effffff, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:23 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(r1, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 309.113278][T30292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 309.113289][T30292] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 309.123617][T30289] ext4_test_bit(bit=16, block=18) = 1 [ 309.175301][T30319] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 309.177317][T30289] is_bad_inode(inode)=0 [ 309.177324][T30289] NEXT_ORPHAN(inode)=29447707 [ 309.197362][T30289] max_ino=32 [ 309.200549][T30289] i_nlink=144 20:05:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x16, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 309.204073][T30289] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 309.300538][T30340] loop4: detected capacity change from 0 to 4101 [ 309.312586][T30340] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 309.323369][T30340] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 309.333951][T30340] ext4_test_bit(bit=16, block=18) = 1 [ 309.339525][T30340] is_bad_inode(inode)=0 [ 309.343818][T30340] NEXT_ORPHAN(inode)=29447707 [ 309.348667][T30340] max_ino=32 [ 309.352292][T30340] i_nlink=144 [ 309.355774][T30340] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:23 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:23 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r1 = openat$cgroup_int(r0, &(0x7f0000000000)='cpuset.sched_load_balance\x00', 0x2, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x8) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xb74d69c4, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:23 executing program 3 (fault-call:0 fault-nth:53): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x17, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xc4694db7, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 309.823254][T30361] loop3: detected capacity change from 0 to 4101 [ 309.823350][T30357] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 309.833264][T30361] FAULT_INJECTION: forcing a failure. [ 309.833264][T30361] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 309.853719][T30361] CPU: 1 PID: 30361 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 309.862583][T30361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 20:05:24 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpu.stat\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 309.864833][T30359] loop4: detected capacity change from 0 to 4101 [ 309.872719][T30361] Call Trace: [ 309.872728][T30361] dump_stack+0x137/0x19d [ 309.886679][T30361] should_fail+0x23c/0x250 [ 309.891277][T30361] should_fail_usercopy+0x16/0x20 [ 309.896326][T30361] _copy_from_user+0x1c/0xd0 [ 309.901028][T30361] __se_sys_mount+0x115/0x2e0 [ 309.905711][T30361] ? mntput+0x45/0x70 [ 309.909792][T30361] ? __fpregs_load_activate+0x103/0x1b0 [ 309.915419][T30361] __x64_sys_mount+0x63/0x70 [ 309.920004][T30361] do_syscall_64+0x4a/0x90 [ 309.924417][T30361] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 309.930329][T30361] RIP: 0033:0x467afa [ 309.934218][T30361] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 309.953895][T30361] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 309.962391][T30361] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, 0x0, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 309.970351][T30361] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 309.978535][T30361] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 309.986551][T30361] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 309.994507][T30361] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 310.007477][T30361] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, 0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.040533][T30361] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 310.050970][T30361] ext4_test_bit(bit=16, block=18) = 1 [ 310.056360][T30361] is_bad_inode(inode)=0 [ 310.060508][T30361] NEXT_ORPHAN(inode)=29447707 [ 310.065190][T30361] max_ino=32 [ 310.066132][T30383] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.068554][T30361] i_nlink=144 [ 310.068849][T30361] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:24 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = dup(r1) write$cgroup_int(r2, &(0x7f0000000000)=0x7, 0x12) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xeaffffff, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:24 executing program 3 (fault-call:0 fault-nth:54): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 310.115429][T30359] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 310.142741][T30359] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 310.153308][T30359] ext4_test_bit(bit=16, block=18) = 1 [ 310.158722][T30359] is_bad_inode(inode)=0 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 310.162866][T30359] NEXT_ORPHAN(inode)=29447707 [ 310.167552][T30359] max_ino=32 [ 310.170743][T30359] i_nlink=144 [ 310.189922][T30359] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x18, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xefffffff, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.219212][T30406] loop3: detected capacity change from 0 to 4101 [ 310.233442][T30410] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.256025][T30406] FAULT_INJECTION: forcing a failure. [ 310.256025][T30406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 310.269173][T30406] CPU: 1 PID: 30406 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 310.277972][T30406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.288030][T30406] Call Trace: [ 310.291314][T30406] dump_stack+0x137/0x19d [ 310.295651][T30406] should_fail+0x23c/0x250 [ 310.300073][T30406] should_fail_usercopy+0x16/0x20 [ 310.305111][T30406] strncpy_from_user+0x21/0x250 [ 310.309972][T30406] getname_flags+0xb8/0x3d0 [ 310.314559][T30406] ? should_fail+0xd6/0x250 [ 310.319057][T30406] user_path_at_empty+0x28/0x50 [ 310.323917][T30406] __se_sys_mount+0x209/0x2e0 [ 310.328593][T30406] ? mntput+0x45/0x70 [ 310.332589][T30406] ? __fpregs_load_activate+0x103/0x1b0 [ 310.333675][T30424] loop4: detected capacity change from 0 to 4101 [ 310.338196][T30406] __x64_sys_mount+0x63/0x70 [ 310.338218][T30406] do_syscall_64+0x4a/0x90 [ 310.338237][T30406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 310.359426][T30406] RIP: 0033:0x467afa [ 310.363305][T30406] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 310.382900][T30406] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 310.391345][T30406] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 310.399316][T30406] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 310.407275][T30406] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000), 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xf0ffffff, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 310.415227][T30406] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 310.423180][T30406] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:24 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='memory.stat\x00', 0x7a05, 0x1700) open(&(0x7f0000000000)='./file0\x00', 0x80, 0x10) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300), 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:24 executing program 3 (fault-call:0 fault-nth:55): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 310.473631][T30436] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.500286][T30424] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.538159][T30424] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 310.554066][T30424] ext4_test_bit(bit=16, block=18) = 1 [ 310.561194][T30424] is_bad_inode(inode)=0 [ 310.567261][T30424] NEXT_ORPHAN(inode)=29447707 [ 310.574271][T30424] max_ino=32 [ 310.578681][T30424] i_nlink=144 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xffffff7f, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x19, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:24 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0x6141, 0x2c100) mkdirat$cgroup(r2, &(0x7f0000000040)='syz1\x00', 0x1ff) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x103000, 0x0) openat$cgroup_ro(r3, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 310.592714][T30453] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.617552][T30456] loop3: detected capacity change from 0 to 4101 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.638628][T30456] FAULT_INJECTION: forcing a failure. [ 310.638628][T30456] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 310.657013][T30456] CPU: 1 PID: 30456 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 310.669299][T30456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.683201][T30456] Call Trace: [ 310.687739][T30456] dump_stack+0x137/0x19d 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xffffff8c, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.693039][T30456] should_fail+0x23c/0x250 [ 310.699932][T30456] should_fail_usercopy+0x16/0x20 [ 310.706136][T30456] strncpy_from_user+0x21/0x250 [ 310.712543][T30456] getname_flags+0xb8/0x3d0 [ 310.718010][T30456] ? should_fail+0xd6/0x250 [ 310.724463][T30456] user_path_at_empty+0x28/0x50 [ 310.730701][T30456] __se_sys_mount+0x209/0x2e0 [ 310.736142][T30456] ? mntput+0x45/0x70 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 310.740698][T30456] ? __fpregs_load_activate+0x103/0x1b0 [ 310.748009][T30456] __x64_sys_mount+0x63/0x70 [ 310.754275][T30456] do_syscall_64+0x4a/0x90 [ 310.759295][T30456] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 310.767475][T30456] RIP: 0033:0x467afa 20:05:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xffffff9e, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 310.772781][T30456] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 310.795541][T30456] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 310.803148][T30482] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.806252][T30456] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 310.806269][T30456] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 310.806279][T30456] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 20:05:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:24 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.806290][T30456] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 310.852135][T30456] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:25 executing program 3 (fault-call:0 fault-nth:56): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400009) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 310.898004][T30492] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 310.942943][T30508] loop4: detected capacity change from 0 to 4101 [ 310.970455][T30513] loop3: detected capacity change from 0 to 4101 [ 310.970485][T30508] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 310.980869][T30513] FAULT_INJECTION: forcing a failure. [ 310.980869][T30513] name failslab, interval 1, probability 0, space 0, times 0 [ 310.998599][T30513] CPU: 1 PID: 30513 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 311.007351][T30513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.017405][T30513] Call Trace: [ 311.020683][T30513] dump_stack+0x137/0x19d [ 311.022709][T30508] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 311.025118][T30513] should_fail+0x23c/0x250 [ 311.025140][T30513] __should_failslab+0x81/0x90 [ 311.035501][T30508] ext4_test_bit(bit=16, block=18) = 1 [ 311.039861][T30513] ? legacy_init_fs_context+0x2d/0x70 [ 311.044686][T30508] is_bad_inode(inode)=0 [ 311.044694][T30508] NEXT_ORPHAN(inode)=29447707 [ 311.050223][T30513] should_failslab+0x5/0x20 [ 311.050274][T30513] kmem_cache_alloc_trace+0x49/0x310 [ 311.055725][T30508] max_ino=32 [ 311.059841][T30513] ? kmem_cache_alloc_trace+0x215/0x310 [ 311.064947][T30508] i_nlink=144 [ 311.069433][T30513] ? alloc_fs_context+0x46/0x500 20:05:25 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xffffffea, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:25 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000100)={{0xa, 0x4e22, 0x6, @local, 0x400}, {0xa, 0x4e23, 0x8000, @mcast2, 0x8}, 0x8, [0x2, 0x1ff, 0xd8b2, 0x80, 0x80000001, 0x4, 0x4, 0x13]}, 0x5c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) openat$cgroup_ro(r3, &(0x7f0000000000)='devices.list\x00', 0x0, 0x0) r4 = eventfd(0x3) preadv(r4, &(0x7f0000002780)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000180)=""/146, 0x92}, {&(0x7f0000000240)=""/148, 0x94}, {&(0x7f00000023c0)=""/211, 0xd3}, {&(0x7f00000024c0)=""/251, 0xfb}, {&(0x7f0000000300)=""/52, 0x34}, {&(0x7f00000025c0)=""/244, 0xf4}, {&(0x7f00000026c0)=""/158, 0x9e}], 0x9, 0x74ee, 0x4) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 311.091741][T30513] legacy_init_fs_context+0x2d/0x70 [ 311.096944][T30513] alloc_fs_context+0x419/0x500 [ 311.101882][T30513] fs_context_for_mount+0x1d/0x20 [ 311.106916][T30513] path_mount+0xdf5/0x1ce0 [ 311.111325][T30513] __se_sys_mount+0x23d/0x2e0 [ 311.116007][T30513] ? mntput+0x45/0x70 [ 311.120027][T30513] ? __fpregs_load_activate+0x103/0x1b0 [ 311.125589][T30513] __x64_sys_mount+0x63/0x70 [ 311.130178][T30513] do_syscall_64+0x4a/0x90 [ 311.134707][T30513] entry_SYSCALL_64_after_hwframe+0x44/0xae 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 311.140602][T30513] RIP: 0033:0x467afa [ 311.144491][T30513] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 311.164235][T30513] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 311.172642][T30513] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 311.180688][T30513] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 311.188662][T30513] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 311.196089][T30536] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 311.196623][T30513] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 311.215577][T30513] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:25 executing program 3 (fault-call:0 fault-nth:57): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xffffffef, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x0]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 311.297857][T30556] loop4: detected capacity change from 0 to 4101 [ 311.325332][T30556] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 311.336178][T30556] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 311.346567][T30556] ext4_test_bit(bit=16, block=18) = 1 [ 311.351934][T30556] is_bad_inode(inode)=0 [ 311.356111][T30556] NEXT_ORPHAN(inode)=29447707 [ 311.360780][T30556] max_ino=32 [ 311.363988][T30556] i_nlink=144 [ 311.365912][T30568] loop3: detected capacity change from 0 to 4101 [ 311.380909][T30568] FAULT_INJECTION: forcing a failure. [ 311.380909][T30568] name failslab, interval 1, probability 0, space 0, times 0 20:05:25 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1b, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r2, 0x400c6615, &(0x7f0000000000)={0x0, @aes256, 0x0, @desc3}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0xfffffff0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x0]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) [ 311.393581][T30568] CPU: 1 PID: 30568 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 311.402343][T30568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.412443][T30568] Call Trace: [ 311.415728][T30568] dump_stack+0x137/0x19d [ 311.420130][T30568] should_fail+0x23c/0x250 [ 311.424542][T30568] ? vfs_parse_fs_string+0x5e/0xc0 [ 311.429649][T30568] __should_failslab+0x81/0x90 [ 311.434460][T30568] should_failslab+0x5/0x20 [ 311.438972][T30568] __kmalloc_track_caller+0x64/0x340 [ 311.444277][T30568] kmemdup_nul+0x27/0x70 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x0]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 311.448601][T30568] vfs_parse_fs_string+0x5e/0xc0 [ 311.453535][T30568] path_mount+0xf99/0x1ce0 [ 311.457946][T30568] __se_sys_mount+0x23d/0x2e0 [ 311.462686][T30568] ? mntput+0x45/0x70 [ 311.466736][T30568] ? __fpregs_load_activate+0x103/0x1b0 [ 311.472505][T30568] __x64_sys_mount+0x63/0x70 [ 311.477103][T30568] do_syscall_64+0x4a/0x90 [ 311.481529][T30568] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 311.487461][T30568] RIP: 0033:0x467afa 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 311.491364][T30568] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 311.511426][T30568] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 311.520084][T30568] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 311.529211][T30568] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 311.538671][T30568] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 311.549877][T30568] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 311.561130][T30568] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 20:05:25 executing program 3 (fault-call:0 fault-nth:58): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x2, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 311.621947][T30611] loop4: detected capacity change from 0 to 4101 [ 311.674370][T30611] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 311.685257][T30620] loop3: detected capacity change from 0 to 4101 [ 311.697239][T30611] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 311.708414][T30620] FAULT_INJECTION: forcing a failure. [ 311.708414][T30620] name failslab, interval 1, probability 0, space 0, times 0 [ 311.715464][T30611] ext4_test_bit(bit=16, block=18) = 1 [ 311.734576][T30620] CPU: 0 PID: 30620 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 311.743314][T30611] is_bad_inode(inode)=0 [ 311.757618][T30620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.757634][T30620] Call Trace: [ 311.757641][T30620] dump_stack+0x137/0x19d [ 311.764572][T30611] NEXT_ORPHAN(inode)=29447707 [ 311.780122][T30620] should_fail+0x23c/0x250 [ 311.780146][T30620] ? vfs_parse_fs_string+0x5e/0xc0 [ 311.784579][T30611] max_ino=32 [ 311.790901][T30620] __should_failslab+0x81/0x90 [ 311.798749][T30611] i_nlink=144 [ 311.805504][T30620] should_failslab+0x5/0x20 [ 311.847395][T30620] __kmalloc_track_caller+0x64/0x340 [ 311.858734][T30620] kmemdup_nul+0x27/0x70 [ 311.867655][T30620] vfs_parse_fs_string+0x5e/0xc0 [ 311.876594][T30620] path_mount+0xf99/0x1ce0 [ 311.886956][T30620] __se_sys_mount+0x23d/0x2e0 [ 311.894113][T30620] ? mntput+0x45/0x70 [ 311.901098][T30620] ? __fpregs_load_activate+0x103/0x1b0 [ 311.909951][T30620] __x64_sys_mount+0x63/0x70 [ 311.917732][T30620] do_syscall_64+0x4a/0x90 [ 311.927965][T30620] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 311.940431][T30620] RIP: 0033:0x467afa [ 311.947976][T30620] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 311.981159][T30620] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 311.994200][T30620] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 312.005280][T30620] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 20:05:25 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x22, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:25 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x8000001000400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$binfmt_script(r0, &(0x7f0000000200)={'#! ', './file0', [{}, {0x20, 'memory.events\x00'}, {0x20, '/}\\+'}, {}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}], 0xa, "dde3fc92260a9e200deba3d83549653bc3076a6bb0f7e0b4b4ac19498c3a2750fddba7e8a2350110fb799ad166dcae19834699fc254c9e275c8e53168f7602e18d18bc12a9c86f58af819285b8444bb6369fcefe2ae3d489de9f51b9342458155b97fd29e34061ec2825d37fb1ab9aca6eb1427b343798e11e56def76338d9a28b5d2e6bf8d942f41396567a5438f553e444cda917bb13de37217dff172a75258b78"}, 0xe1) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r3 = dup3(r2, r1, 0x80000) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x50, r3, 0xa340b000) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) r5 = io_uring_setup(0x7667, &(0x7f0000000000)={0x0, 0x8f5f, 0x8, 0x2, 0x1f5, 0x0, r1}) copy_file_range(r4, 0x0, r5, 0x0, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:25 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x3, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:26 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0xc0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x4, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:26 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:26 executing program 3 (fault-call:0 fault-nth:59): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000000)='devices.list\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 312.016975][T30620] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 312.030055][T30620] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 312.040624][T30620] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 312.099104][T30660] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 312.136423][T30666] loop3: detected capacity change from 0 to 4101 [ 312.148421][T30666] FAULT_INJECTION: forcing a failure. [ 312.148421][T30666] name failslab, interval 1, probability 0, space 0, times 0 [ 312.165321][T30666] CPU: 0 PID: 30666 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 312.176096][T30666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.196190][T30666] Call Trace: [ 312.200421][T30670] loop4: detected capacity change from 0 to 4101 [ 312.200549][T30666] dump_stack+0x137/0x19d [ 312.215856][T30666] should_fail+0x23c/0x250 [ 312.223004][T30666] ? ext4_mount+0x40/0x40 [ 312.229229][T30666] ? getname_kernel+0x37/0x1d0 [ 312.236887][T30666] __should_failslab+0x81/0x90 [ 312.242302][T30666] should_failslab+0x5/0x20 [ 312.247171][T30666] kmem_cache_alloc+0x46/0x2f0 [ 312.252027][T30666] ? avc_has_perm_noaudit+0x19a/0x240 [ 312.257862][T30666] ? ext4_mount+0x40/0x40 [ 312.262359][T30666] getname_kernel+0x37/0x1d0 [ 312.266968][T30666] ? ext4_mount+0x40/0x40 [ 312.271539][T30666] kern_path+0x19/0x40 [ 312.275694][T30666] blkdev_get_by_path+0x54/0x1b0 [ 312.280698][T30666] mount_bdev+0x47/0x290 [ 312.284924][T30666] ? ext4_errno_to_code+0x110/0x110 [ 312.290114][T30666] ext4_mount+0x2d/0x40 [ 312.294286][T30666] legacy_get_tree+0x70/0xc0 [ 312.298860][T30666] vfs_get_tree+0x4a/0x1a0 [ 312.303329][T30666] path_mount+0x11d4/0x1ce0 [ 312.307842][T30666] __se_sys_mount+0x23d/0x2e0 [ 312.312584][T30666] ? mntput+0x45/0x70 [ 312.316549][T30666] ? __fpregs_load_activate+0x8f/0x1b0 [ 312.322126][T30666] __x64_sys_mount+0x63/0x70 [ 312.326694][T30666] do_syscall_64+0x4a/0x90 [ 312.331201][T30666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 312.337078][T30666] RIP: 0033:0x467afa [ 312.340953][T30666] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 312.360551][T30666] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 312.368944][T30666] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 312.376914][T30666] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 312.384874][T30666] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 312.392940][T30666] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 312.400989][T30666] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 312.415950][T30670] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 312.425611][T30670] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 312.436121][T30670] ext4_test_bit(bit=16, block=18) = 1 [ 312.441507][T30670] is_bad_inode(inode)=0 [ 312.445699][T30670] NEXT_ORPHAN(inode)=29447707 20:05:26 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x25, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x5, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:26 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:26 executing program 3 (fault-call:0 fault-nth:60): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 312.450371][T30670] max_ino=32 [ 312.453541][T30670] i_nlink=144 [ 312.457169][T30670] EXT4-fs mount: 4 callbacks suppressed [ 312.457180][T30670] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:26 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x6, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(r0, &(0x7f0000000340)='cgroup.stat\x00', 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x300a2100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x7, 0x1, 0x3, 0x0, 0x0, {0x3}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x44000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x5, 0x4, 0xffffff00) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000300)=0x40000) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r3) socketpair(0x3, 0xa, 0x30, &(0x7f00000002c0)={0xffffffffffffffff}) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000008, 0x4010, r5, 0xa8551000) sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x6c, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x12, 0x1, 'memory.events\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_MGMT_A_DOMAIN={0x12, 0x1, 'memory.events\x00'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1}]}, 0x6c}}, 0x0) [ 312.542319][T30691] loop3: detected capacity change from 0 to 4101 [ 312.568843][T30691] FAULT_INJECTION: forcing a failure. [ 312.568843][T30691] name failslab, interval 1, probability 0, space 0, times 0 [ 312.584155][T30691] CPU: 1 PID: 30691 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 312.594741][T30691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.608366][T30691] Call Trace: [ 312.612476][T30691] dump_stack+0x137/0x19d [ 312.617891][T30691] should_fail+0x23c/0x250 [ 312.624767][T30691] ? ext4_mount+0x40/0x40 [ 312.629941][T30691] ? getname_kernel+0x37/0x1d0 [ 312.635945][T30691] __should_failslab+0x81/0x90 20:05:26 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{0x1, 0x7}, {}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 312.642495][T30691] should_failslab+0x5/0x20 [ 312.648204][T30691] kmem_cache_alloc+0x46/0x2f0 [ 312.654954][T30691] ? avc_has_perm_noaudit+0x19a/0x240 [ 312.657699][T30714] loop4: detected capacity change from 0 to 4101 [ 312.662689][T30691] ? ext4_mount+0x40/0x40 [ 312.676634][T30691] getname_kernel+0x37/0x1d0 [ 312.682502][T30691] ? ext4_mount+0x40/0x40 [ 312.687912][T30691] kern_path+0x19/0x40 20:05:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x7, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 312.693293][T30691] blkdev_get_by_path+0x54/0x1b0 [ 312.699716][T30691] mount_bdev+0x47/0x290 [ 312.705430][T30691] ? ext4_errno_to_code+0x110/0x110 [ 312.713103][T30691] ext4_mount+0x2d/0x40 [ 312.718639][T30691] legacy_get_tree+0x70/0xc0 [ 312.724053][T30691] vfs_get_tree+0x4a/0x1a0 [ 312.729234][T30691] path_mount+0x11d4/0x1ce0 [ 312.734807][T30691] __se_sys_mount+0x23d/0x2e0 [ 312.740046][T30691] ? mntput+0x45/0x70 [ 312.744489][T30691] ? __fpregs_load_activate+0x103/0x1b0 [ 312.751011][T30691] __x64_sys_mount+0x63/0x70 [ 312.756596][T30691] do_syscall_64+0x4a/0x90 [ 312.761660][T30691] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 312.768508][T30691] RIP: 0033:0x467afa [ 312.772575][T30691] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 312.794970][T30691] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 312.803463][T30691] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 312.811426][T30691] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 312.819420][T30691] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 312.827374][T30691] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 312.835326][T30691] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 312.859854][T30714] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 312.869565][T30714] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 312.880239][T30714] ext4_test_bit(bit=16, block=18) = 1 [ 312.885713][T30714] is_bad_inode(inode)=0 [ 312.889855][T30714] NEXT_ORPHAN(inode)=29447707 [ 312.894510][T30714] max_ino=32 [ 312.897863][T30714] i_nlink=144 20:05:27 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:27 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:27 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x9, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:27 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = dup(r0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 312.902957][T30714] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:27 executing program 3 (fault-call:0 fault-nth:61): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:27 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x22, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:27 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 313.002816][T30763] loop3: detected capacity change from 0 to 4101 [ 313.011926][T30762] loop4: detected capacity change from 0 to 4101 [ 313.036258][T30763] FAULT_INJECTION: forcing a failure. [ 313.036258][T30763] name failslab, interval 1, probability 0, space 0, times 0 [ 313.048925][T30763] CPU: 1 PID: 30763 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 313.057686][T30763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.067920][T30763] Call Trace: [ 313.071200][T30763] dump_stack+0x137/0x19d [ 313.075531][T30763] should_fail+0x23c/0x250 [ 313.080141][T30763] __should_failslab+0x81/0x90 [ 313.084915][T30763] ? alloc_super+0x3a/0x520 [ 313.084946][T30777] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:27 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:27 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, 0x0) [ 313.089483][T30763] should_failslab+0x5/0x20 [ 313.105018][T30763] kmem_cache_alloc_trace+0x49/0x310 [ 313.110309][T30763] ? __blkdev_get+0x8c/0x6c0 [ 313.114957][T30763] ? disk_block_events+0x94/0xd0 [ 313.119930][T30763] ? mount_bdev+0x290/0x290 [ 313.124454][T30763] alloc_super+0x3a/0x520 [ 313.128780][T30763] ? mount_bdev+0x290/0x290 [ 313.133352][T30763] sget+0x1a5/0x400 [ 313.137231][T30763] ? test_bdev_super+0x30/0x30 [ 313.142040][T30763] mount_bdev+0xd3/0x290 [ 313.146283][T30763] ? ext4_mount+0x40/0x40 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x300, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 313.150615][T30763] ? ext4_errno_to_code+0x110/0x110 [ 313.154174][T30785] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 313.155865][T30763] ext4_mount+0x2d/0x40 [ 313.171060][T30763] legacy_get_tree+0x70/0xc0 [ 313.175654][T30763] vfs_get_tree+0x4a/0x1a0 [ 313.180079][T30763] path_mount+0x11d4/0x1ce0 [ 313.184576][T30763] __se_sys_mount+0x23d/0x2e0 [ 313.189286][T30763] ? mntput+0x45/0x70 [ 313.193430][T30763] ? __fpregs_load_activate+0x103/0x1b0 [ 313.199083][T30763] __x64_sys_mount+0x63/0x70 [ 313.203780][T30763] do_syscall_64+0x4a/0x90 [ 313.208182][T30763] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 313.214128][T30763] RIP: 0033:0x467afa [ 313.218003][T30763] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 313.237598][T30763] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 313.245992][T30763] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa 20:05:27 executing program 1: r0 = syz_open_dev$vcsn(&(0x7f0000000080), 0x1000, 0x340000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="b7ca485d19630000000007"], 0x1c}}, 0x0) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r1, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x76}, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x20008041) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="f4420000", @ANYRES16=r1, @ANYBLOB="000226bd7000fddbdf25520000000c009900000000004a00000010002a002a01003e01013e0101030109050089001f0000000400cf00060048005100000006004800010000009e002a00263a1b8300eec551e4e733d35b26a9ddcc13988e56eaa37d9e977e582662476e900f9bbe76acdac7217fd70d74a436459e9ace1cccfdea44922428c93754200191670e2171a029ac75fb8c65620dc35e5f9c749d304cc4d909f6ef2fe5095c5ebf7b8709d99d6485964d537521385c94e62d3fd5aabc12db4306382f84a145c84a13503e84950b7c1d97f7f53964da820300bd06ffffffffffff00000a000600080211000001000020002a002d1a40001000000008000000001f0005000400000001000900000003"], 0x118}, 0x1, 0x0, 0x0, 0x4000}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40086602, 0x400009) ioctl$BLKIOMIN(r2, 0x1278, &(0x7f0000000040)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r4 = fcntl$dupfd(r3, 0x406, 0xffffffffffffffff) openat$cgroup_ro(r4, &(0x7f0000000000)='cgroup.events\x00', 0x0, 0x0) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) r5 = dup(r0) openat$cgroup_ro(r5, &(0x7f0000000380)='memory.stat\x00', 0x7a05, 0x1700) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000480), 0x20000, 0x0) ioctl$FS_IOC_SETVERSION(r6, 0x40087602, &(0x7f00000004c0)=0x5) fsync(r3) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 313.253943][T30763] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 313.261894][T30763] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 313.269844][T30763] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 313.277888][T30763] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 313.314208][T30762] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 313.334352][T30762] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 313.344837][T30762] ext4_test_bit(bit=16, block=18) = 1 [ 313.350205][T30762] is_bad_inode(inode)=0 [ 313.354342][T30762] NEXT_ORPHAN(inode)=29447707 [ 313.359154][T30762] max_ino=32 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x480, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:27 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x32, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:27 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = semget$private(0x0, 0x2, 0x633) semtimedop(r1, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(r1, &(0x7f0000000040)=[{0x1, 0x7}, {0x0, 0x0, 0x3000}], 0x2) r2 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r2, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r2, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:27 executing program 3 (fault-call:0 fault-nth:62): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:27 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x240040, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r2, 0x6005}, {}, {r3, 0xa000}], 0x3, &(0x7f0000000200)={0x0, 0x3938700}, &(0x7f0000000240)={[0x489]}, 0x8) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400009) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x81, 0x3, 0x2, 0x6, 0x0, 0x8d, 0x1, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x4, @perf_bp={&(0x7f0000000000), 0xc}, 0xd232, 0x80000001, 0xfca, 0x2, 0x1, 0x100, 0xff, 0x0, 0x100, 0x0, 0x7}, 0x0, 0x2, 0xffffffffffffffff, 0xa) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 313.362342][T30762] i_nlink=144 [ 313.384114][T30762] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 313.458102][T30817] loop3: detected capacity change from 0 to 4101 [ 313.469787][T30817] FAULT_INJECTION: forcing a failure. [ 313.469787][T30817] name failslab, interval 1, probability 0, space 0, times 0 [ 313.482526][T30817] CPU: 0 PID: 30817 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 313.491345][T30817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.501419][T30817] Call Trace: [ 313.504723][T30817] dump_stack+0x137/0x19d [ 313.509061][T30817] should_fail+0x23c/0x250 [ 313.513474][T30817] ? __list_lru_init+0x70/0x680 [ 313.518387][T30817] __should_failslab+0x81/0x90 [ 313.523172][T30817] should_failslab+0x5/0x20 [ 313.527733][T30817] __kmalloc+0x66/0x340 [ 313.531886][T30817] ? prealloc_memcg_shrinker+0x444/0x460 [ 313.537524][T30817] __list_lru_init+0x70/0x680 [ 313.542228][T30817] alloc_super+0x490/0x520 [ 313.546641][T30817] ? mount_bdev+0x290/0x290 [ 313.551152][T30817] sget+0x1a5/0x400 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x500, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x600, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:27 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = fsmount(r0, 0x0, 0x2) copy_file_range(r0, &(0x7f0000000000)=0x5, r1, &(0x7f0000000080)=0x80000000, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') mmap$perf(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x93a565140d4b9aaa, 0x4010, r0, 0x80000001) preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) r3 = openat$cgroup_ro(r1, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) close_range(r2, r3, 0x2) 20:05:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x700, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 313.554950][T30817] ? test_bdev_super+0x30/0x30 [ 313.559720][T30817] mount_bdev+0xd3/0x290 [ 313.564023][T30817] ? ext4_mount+0x40/0x40 [ 313.568357][T30817] ? ext4_errno_to_code+0x110/0x110 [ 313.573931][T30817] ext4_mount+0x2d/0x40 [ 313.578505][T30817] legacy_get_tree+0x70/0xc0 [ 313.583256][T30817] vfs_get_tree+0x4a/0x1a0 [ 313.587708][T30817] path_mount+0x11d4/0x1ce0 [ 313.592231][T30817] __se_sys_mount+0x23d/0x2e0 [ 313.596956][T30817] ? mntput+0x45/0x70 [ 313.601098][T30817] ? __fpregs_load_activate+0x103/0x1b0 [ 313.606719][T30817] __x64_sys_mount+0x63/0x70 [ 313.611389][T30817] do_syscall_64+0x4a/0x90 [ 313.615803][T30817] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 313.621737][T30817] RIP: 0033:0x467afa [ 313.625669][T30817] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 313.628568][T30816] loop4: detected capacity change from 0 to 4101 [ 313.646560][T30817] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 313.646639][T30817] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 313.646649][T30817] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 313.646658][T30817] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 313.646668][T30817] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 313.693804][T30817] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 313.725733][T30816] EXT4-fs: failed to create workqueue [ 313.731268][T30816] EXT4-fs (loop4): mount failed 20:05:28 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 20:05:28 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0) r2 = socket(0x1d, 0x5, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) dup3(r1, r2, 0x0) r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x37, 0x12) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x900, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x48, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 314.037744][T30872] loop4: detected capacity change from 0 to 4101 [ 314.059980][T30872] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 314.071474][T30872] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 314.081960][T30872] ext4_test_bit(bit=16, block=18) = 1 [ 314.087344][T30872] is_bad_inode(inode)=0 [ 314.091492][T30872] NEXT_ORPHAN(inode)=29447707 [ 314.096200][T30872] max_ino=32 [ 314.099415][T30872] i_nlink=144 [ 314.102774][T30872] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x2200, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:28 executing program 3 (fault-call:0 fault-nth:63): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:28 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x6c00}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:28 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x60480, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @empty}, {0x2, 0x4e22, @private=0xa010100}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x401, 0x2}) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, 0x2, 0x7, 0x3, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0xe66b}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x200}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x100000001}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x4081) 20:05:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x8004, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 314.342289][T30898] loop3: detected capacity change from 0 to 4101 [ 314.353899][T30899] loop4: detected capacity change from 0 to 4101 [ 314.372129][T30898] FAULT_INJECTION: forcing a failure. [ 314.372129][T30898] name failslab, interval 1, probability 0, space 0, times 0 [ 314.384796][T30898] CPU: 0 PID: 30898 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 314.393562][T30898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.403761][T30898] Call Trace: [ 314.407043][T30898] dump_stack+0x137/0x19d [ 314.411363][T30898] should_fail+0x23c/0x250 [ 314.415778][T30898] ? __list_lru_init+0x70/0x680 [ 314.420757][T30898] __should_failslab+0x81/0x90 [ 314.425516][T30898] should_failslab+0x5/0x20 [ 314.430398][T30898] __kmalloc+0x66/0x340 [ 314.434618][T30898] ? prealloc_memcg_shrinker+0x444/0x460 [ 314.440241][T30898] __list_lru_init+0x70/0x680 [ 314.444940][T30898] alloc_super+0x490/0x520 [ 314.449342][T30898] ? mount_bdev+0x290/0x290 [ 314.453837][T30898] sget+0x1a5/0x400 [ 314.457668][T30898] ? test_bdev_super+0x30/0x30 [ 314.462411][T30898] mount_bdev+0xd3/0x290 [ 314.466660][T30898] ? ext4_mount+0x40/0x40 [ 314.470977][T30898] ? ext4_errno_to_code+0x110/0x110 [ 314.476161][T30898] ext4_mount+0x2d/0x40 [ 314.480368][T30898] legacy_get_tree+0x70/0xc0 [ 314.485033][T30898] vfs_get_tree+0x4a/0x1a0 [ 314.489463][T30898] path_mount+0x11d4/0x1ce0 [ 314.493956][T30898] __se_sys_mount+0x23d/0x2e0 [ 314.498681][T30898] ? mntput+0x45/0x70 [ 314.502671][T30898] ? __fpregs_load_activate+0x103/0x1b0 [ 314.508201][T30898] __x64_sys_mount+0x63/0x70 [ 314.512778][T30898] do_syscall_64+0x4a/0x90 [ 314.517181][T30898] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 314.523311][T30898] RIP: 0033:0x467afa [ 314.527293][T30898] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 314.547117][T30898] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 314.555908][T30898] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 314.564046][T30898] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 314.572348][T30898] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 314.580549][T30898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 20:05:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x30000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:28 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x810, 0xffffffffffffffff, 0xbb2c5000) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x3b52) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r2 = syz_io_uring_complete(0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000000)=0xffffffff) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000040)={0x8000, 0x1, 0x9, 0x81, 0x40}, 0x14) write(r2, &(0x7f0000000200)="7fc6939d69e7bbaadb3bada8e0eedc7380883570bd1e5ac092c4bd5b2e33f955c0a98dfec2057a1a3a14cf82b27105b3300728b1d1563454f01700b26fef40cf336721092f35f322e34fa330c240c2b0b1a24377422f2c4671e3f9beb3585cb64372bdaf242785233d78680c2206fbc5eb9b17e44b3e2c9228b31eeb88d7e97cb8818521835e28b1b0a7178be7b0441472233e2219b363c8df33f604252847f823475625d45b3c26f7b75502d457898a69d46a08839f8cad5ddbc80d01b132129e7d1d5a8b12233fcd0846368df629b0dae24223357981425f49df3b0c644de4cb7d6a0981233b24be24f5beb9e0942175c5ced3", 0xf4) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 314.588649][T30898] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 314.605622][T30899] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 314.623093][T30899] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 314.635419][T30899] ext4_test_bit(bit=16, block=18) = 1 [ 314.643309][T30899] is_bad_inode(inode)=0 [ 314.649478][T30899] NEXT_ORPHAN(inode)=29447707 [ 314.655179][T30899] max_ino=32 [ 314.659679][T30899] i_nlink=144 [ 314.685625][T30899] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:28 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 20:05:28 executing program 3 (fault-call:0 fault-nth:64): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:28 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4c, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:28 executing program 0 (fault-call:2 fault-nth:0): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:28 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x34000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 314.916600][T30942] loop3: detected capacity change from 0 to 4101 [ 314.922882][T30946] FAULT_INJECTION: forcing a failure. [ 314.922882][T30946] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 314.928834][T30942] FAULT_INJECTION: forcing a failure. [ 314.928834][T30942] name failslab, interval 1, probability 0, space 0, times 0 20:05:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x400300, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 314.942827][T30946] CPU: 0 PID: 30946 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 314.967618][T30946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.967631][T30946] Call Trace: [ 314.967638][T30946] dump_stack+0x137/0x19d [ 314.967659][T30946] should_fail+0x23c/0x250 [ 314.967796][T30946] should_fail_usercopy+0x16/0x20 20:05:29 executing program 3 (fault-call:0 fault-nth:65): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:29 executing program 0 (fault-call:2 fault-nth:1): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:29 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x56, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 314.967809][T30946] _copy_from_user+0x1c/0xd0 [ 314.967867][T30946] perf_copy_attr+0x156/0x650 [ 314.967884][T30946] __se_sys_perf_event_open+0xb6/0x2740 [ 314.967898][T30946] ? vfs_write+0x50c/0x770 [ 314.967911][T30946] __x64_sys_perf_event_open+0x63/0x70 [ 314.967925][T30946] do_syscall_64+0x4a/0x90 [ 314.967941][T30946] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 314.967983][T30946] RIP: 0033:0x4665d9 [ 314.967995][T30946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 314.968008][T30946] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 314.968022][T30946] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 314.968031][T30946] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 314.968040][T30946] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 314.968048][T30946] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 314.968056][T30946] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 314.968067][T30942] CPU: 1 PID: 30942 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 314.968144][T30942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.968152][T30942] Call Trace: [ 314.968156][T30942] dump_stack+0x137/0x19d [ 314.968173][T30942] should_fail+0x23c/0x250 [ 314.968186][T30942] __should_failslab+0x81/0x90 [ 314.968204][T30942] should_failslab+0x5/0x20 [ 314.968248][T30942] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 314.968266][T30942] ? __list_lru_init+0x70/0x680 [ 314.968324][T30942] ? __kmalloc_node+0x30/0x40 [ 314.968346][T30942] __kmalloc_node+0x30/0x40 [ 314.968363][T30942] kvmalloc_node+0x81/0xf0 [ 314.968377][T30942] __list_lru_init+0x2d7/0x680 [ 314.968393][T30942] alloc_super+0x490/0x520 [ 314.968408][T30942] ? mount_bdev+0x290/0x290 [ 314.968442][T30942] sget+0x1a5/0x400 [ 314.968455][T30942] ? test_bdev_super+0x30/0x30 [ 314.968471][T30942] mount_bdev+0xd3/0x290 [ 314.968537][T30942] ? ext4_mount+0x40/0x40 [ 314.968557][T30942] ? ext4_errno_to_code+0x110/0x110 [ 314.968575][T30942] ext4_mount+0x2d/0x40 [ 314.968594][T30942] legacy_get_tree+0x70/0xc0 [ 314.968615][T30942] vfs_get_tree+0x4a/0x1a0 [ 314.968678][T30942] path_mount+0x11d4/0x1ce0 [ 314.968692][T30942] __se_sys_mount+0x23d/0x2e0 [ 314.968753][T30942] ? mntput+0x45/0x70 [ 314.968771][T30942] ? __fpregs_load_activate+0x103/0x1b0 [ 314.968795][T30942] __x64_sys_mount+0x63/0x70 [ 314.968810][T30942] do_syscall_64+0x4a/0x90 [ 314.968829][T30942] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 314.968858][T30942] RIP: 0033:0x467afa [ 314.968931][T30942] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 314.968973][T30942] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 314.968990][T30942] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 314.969002][T30942] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 314.969013][T30942] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 314.969024][T30942] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 314.969033][T30942] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 315.011204][T30948] loop4: detected capacity change from 0 to 4101 [ 315.035535][T30948] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 315.047217][T30948] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 315.047239][T30948] ext4_test_bit(bit=16, block=18) = 1 [ 315.047247][T30948] is_bad_inode(inode)=0 [ 315.047282][T30948] NEXT_ORPHAN(inode)=29447707 [ 315.047365][T30948] max_ino=32 [ 315.047370][T30948] i_nlink=144 [ 315.047387][T30948] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 315.082365][T30967] loop3: detected capacity change from 0 to 4101 [ 315.096659][T30967] FAULT_INJECTION: forcing a failure. [ 315.096659][T30967] name failslab, interval 1, probability 0, space 0, times 0 [ 315.117193][T30971] FAULT_INJECTION: forcing a failure. [ 315.117193][T30971] name failslab, interval 1, probability 0, space 0, times 0 [ 315.122675][T30967] CPU: 0 PID: 30967 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 315.122694][T30967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 20:05:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x1000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 315.122713][T30967] Call Trace: [ 315.122720][T30967] dump_stack+0x137/0x19d [ 315.487690][T30967] should_fail+0x23c/0x250 [ 315.487713][T30967] __should_failslab+0x81/0x90 [ 315.487776][T30967] should_failslab+0x5/0x20 [ 315.487794][T30967] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 315.487812][T30967] ? __list_lru_init+0x70/0x680 [ 315.487868][T30967] ? __kmalloc_node+0x30/0x40 [ 315.487882][T30967] __kmalloc_node+0x30/0x40 20:05:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x2000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 315.487959][T30967] kvmalloc_node+0x81/0xf0 [ 315.487971][T30967] __list_lru_init+0x2d7/0x680 [ 315.487985][T30967] alloc_super+0x4bf/0x520 [ 315.488067][T30967] ? mount_bdev+0x290/0x290 [ 315.488099][T30967] sget+0x1a5/0x400 [ 315.488111][T30967] ? test_bdev_super+0x30/0x30 [ 315.488125][T30967] mount_bdev+0xd3/0x290 [ 315.488138][T30967] ? ext4_mount+0x40/0x40 [ 315.488155][T30967] ? ext4_errno_to_code+0x110/0x110 [ 315.488203][T30967] ext4_mount+0x2d/0x40 [ 315.488264][T30967] legacy_get_tree+0x70/0xc0 [ 315.488282][T30967] vfs_get_tree+0x4a/0x1a0 [ 315.488296][T30967] path_mount+0x11d4/0x1ce0 [ 315.488435][T30967] __se_sys_mount+0x23d/0x2e0 [ 315.488447][T30967] ? mntput+0x45/0x70 [ 315.488462][T30967] ? __fpregs_load_activate+0x103/0x1b0 [ 315.488536][T30967] __x64_sys_mount+0x63/0x70 [ 315.488552][T30967] do_syscall_64+0x4a/0x90 [ 315.488568][T30967] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 315.488586][T30967] RIP: 0033:0x467afa [ 315.488603][T30967] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 315.488616][T30967] RSP: 002b:00007f0b5e2cffa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 315.488632][T30967] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa [ 315.488641][T30967] RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007f0b5e2d0000 [ 315.488650][T30967] RBP: 00007f0b5e2d0040 R08: 00007f0b5e2d0040 R09: 0000000020000000 [ 315.488658][T30967] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 315.488667][T30967] R13: 0000000020000040 R14: 00007f0b5e2d0000 R15: 0000000020000080 [ 315.488678][T30971] CPU: 1 PID: 30971 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 315.488696][T30971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.488705][T30971] Call Trace: [ 315.488710][T30971] dump_stack+0x137/0x19d 20:05:29 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:29 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x6000, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) sendfile(r0, r2, &(0x7f0000000100)=0x3, 0x4) socket$inet_icmp(0x2, 0x2, 0x1) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x8580, 0x0) r3 = syz_io_uring_complete(0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, 0x0) 20:05:29 executing program 0 (fault-call:2 fault-nth:2): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x3000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 315.488728][T30971] should_fail+0x23c/0x250 [ 315.488816][T30971] __should_failslab+0x81/0x90 [ 315.488832][T30971] should_failslab+0x5/0x20 [ 315.488849][T30971] kmem_cache_alloc_node+0x58/0x2b0 [ 315.488888][T30971] ? cred_has_capability+0x1af/0x210 [ 315.488905][T30971] ? perf_event_alloc+0x160/0x1790 [ 315.488919][T30971] perf_event_alloc+0x160/0x1790 [ 315.488932][T30971] __se_sys_perf_event_open+0x5c7/0x2740 [ 315.488947][T30971] ? vfs_write+0x50c/0x770 [ 315.488959][T30971] __x64_sys_perf_event_open+0x63/0x70 [ 315.488973][T30971] do_syscall_64+0x4a/0x90 [ 315.489043][T30971] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 315.489116][T30971] RIP: 0033:0x4665d9 [ 315.489128][T30971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 315.489144][T30971] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 315.489160][T30971] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 20:05:29 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x4000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 315.489172][T30971] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 315.489182][T30971] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 315.489192][T30971] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 315.489201][T30971] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 315.563733][T30982] loop4: detected capacity change from 0 to 4101 [ 315.813061][T30995] FAULT_INJECTION: forcing a failure. [ 315.813061][T30995] name failslab, interval 1, probability 0, space 0, times 0 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x5000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 315.879259][T30982] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 315.883928][T30995] CPU: 0 PID: 30995 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 315.901756][T30995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.911801][T30995] Call Trace: [ 315.915085][T30995] dump_stack+0x137/0x19d [ 315.919519][T30995] should_fail+0x23c/0x250 [ 315.924007][T30995] ? perf_uprobe_init+0x45/0x140 [ 315.928949][T30995] __should_failslab+0x81/0x90 [ 315.933935][T30995] should_failslab+0x5/0x20 [ 315.934330][T30982] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 315.938508][T30995] __kmalloc_track_caller+0x64/0x340 [ 315.938532][T30995] ? strnlen_user+0x137/0x1c0 [ 315.938546][T30995] strndup_user+0x73/0x120 [ 315.938562][T30995] perf_uprobe_init+0x45/0x140 [ 315.938582][T30995] perf_uprobe_event_init+0xde/0x140 [ 315.938621][T30995] perf_try_init_event+0x21a/0x400 [ 315.938637][T30995] perf_event_alloc+0xa60/0x1790 20:05:30 executing program 5 (fault-call:4 fault-nth:0): clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) [ 315.938654][T30995] __se_sys_perf_event_open+0x5c7/0x2740 [ 315.938671][T30995] ? vfs_write+0x50c/0x770 [ 315.938686][T30995] __x64_sys_perf_event_open+0x63/0x70 [ 315.938703][T30995] do_syscall_64+0x4a/0x90 [ 315.949176][T30982] ext4_test_bit(bit=16, block=18) = 1 [ 315.954428][T30995] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 315.959102][T30982] is_bad_inode(inode)=0 [ 315.963466][T30995] RIP: 0033:0x4665d9 [ 315.968219][T30982] NEXT_ORPHAN(inode)=29447707 [ 315.973455][T30995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 315.978581][T30982] max_ino=32 [ 315.983459][T30995] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 [ 315.989088][T30982] i_nlink=144 [ 315.993463][T30995] ORIG_RAX: 000000000000012a [ 315.993472][T30995] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 315.993481][T30995] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 20:05:30 executing program 0 (fault-call:2 fault-nth:3): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x6000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:30 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x60, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 315.993490][T30995] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 316.009512][T30982] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 316.014607][T30995] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 316.014622][T30995] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:30 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = socket(0x10, 0x2, 0x0) r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x101200, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000180)) openat$cgroup_ro(r1, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0}, &(0x7f0000cab000)=0xc) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x6e, 0x29, 0xa6, 0x7, 0x0, 0x1000, 0x20000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0x6}, 0xc080, 0xffffffffffffff01, 0x5, 0x9, 0xc775, 0x4, 0xfb6a, 0x0, 0x3ff, 0x0, 0x3f}, r4, 0x4, r0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[@ANYRESHEX, @ANYBLOB="371102c6ea2e18d405eb1ca3e3e288eacb9a8c36b0caf6337c3d8b10826021a35237eba2a4db17e56232618ac1926d65247668762ef8164af0b1aaa4e4a462778b281dc8c0084fb39a80290f94f30396015ce9c9b44d110e8219b550162da30ff512556a41486d022b43edf8fbb29da2e460a1805d9afccb838048b5f51448311607fe0c03ed9c4298c5839bb2e4c220e1b6cb9e0d5fa4023db8b37d90a1b63f903866ba4f27d557f85714f603b4a0fec35ccfb57dab9fe0806581d01f5d8994622eff28", @ANYRES64, @ANYRESOCT, @ANYBLOB="a9d51822f7aa861cc2a3baa527fbf674c84e4f96de34d18085de30f88e40fbd7bff8e18c", @ANYRES32=r2], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x7000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.200169][T31040] FAULT_INJECTION: forcing a failure. [ 316.200169][T31040] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 316.213437][T31040] CPU: 1 PID: 31040 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 316.222203][T31040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.232387][T31040] Call Trace: [ 316.235669][T31040] dump_stack+0x137/0x19d [ 316.240077][T31040] should_fail+0x23c/0x250 [ 316.240216][T31041] loop3: detected capacity change from 0 to 4101 [ 316.244534][T31040] should_fail_usercopy+0x16/0x20 [ 316.244560][T31040] _copy_from_user+0x1c/0xd0 [ 316.260443][T31040] strndup_user+0xb0/0x120 [ 316.264901][T31040] perf_uprobe_init+0x45/0x140 [ 316.269663][T31040] perf_uprobe_event_init+0xde/0x140 [ 316.274932][T31040] perf_try_init_event+0x21a/0x400 [ 316.280038][T31040] perf_event_alloc+0xa60/0x1790 [ 316.284958][T31040] __se_sys_perf_event_open+0x5c7/0x2740 [ 316.290571][T31040] ? vfs_write+0x50c/0x770 [ 316.295021][T31040] __x64_sys_perf_event_open+0x63/0x70 [ 316.300475][T31040] do_syscall_64+0x4a/0x90 [ 316.305087][T31040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 316.310968][T31040] RIP: 0033:0x4665d9 [ 316.314886][T31040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 316.334522][T31040] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x9000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.342951][T31040] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 316.351204][T31040] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 316.359161][T31040] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 316.367143][T31040] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 316.375109][T31040] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:30 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x7, 0x11, &(0x7f0000000080)) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x22000000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.399041][T31039] loop4: detected capacity change from 0 to 4101 20:05:30 executing program 0 (fault-call:2 fault-nth:4): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:30 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000200)=""/215, 0xd7}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000040)=""/89, 0x59}], 0x3, 0x3, 0x3) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 316.453532][T31039] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 316.462995][T31041] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 316.482731][T31041] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 316.489099][T31074] FAULT_INJECTION: forcing a failure. [ 316.489099][T31074] name failslab, interval 1, probability 0, space 0, times 0 [ 316.493348][T31041] ext4_test_bit(bit=16, block=18) = 1 [ 316.506140][T31074] CPU: 0 PID: 31074 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 316.511780][T31041] is_bad_inode(inode)=0 [ 316.520612][T31074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.520626][T31074] Call Trace: [ 316.520632][T31074] dump_stack+0x137/0x19d [ 316.524969][T31041] NEXT_ORPHAN(inode)=29447707 [ 316.534998][T31074] should_fail+0x23c/0x250 [ 316.538274][T31041] max_ino=32 [ 316.542580][T31074] ? getname_kernel+0x37/0x1d0 [ 316.547244][T31041] i_nlink=144 [ 316.551617][T31074] __should_failslab+0x81/0x90 [ 316.554897][T31041] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 316.559546][T31074] should_failslab+0x5/0x20 [ 316.577687][T31039] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 316.578373][T31074] kmem_cache_alloc+0x46/0x2f0 [ 316.582880][T31039] ext4_test_bit(bit=16, block=18) = 1 [ 316.593205][T31074] ? __next_node_in+0xad/0xe0 [ 316.598146][T31039] is_bad_inode(inode)=0 [ 316.603486][T31074] getname_kernel+0x37/0x1d0 [ 316.608173][T31039] NEXT_ORPHAN(inode)=29447707 [ 316.608180][T31039] max_ino=32 [ 316.608183][T31039] i_nlink=144 [ 316.628372][T31074] kern_path+0x19/0x40 [ 316.628968][T31039] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 316.632450][T31074] create_local_trace_uprobe+0x3f/0x3c0 [ 316.632476][T31074] perf_uprobe_init+0xbe/0x140 [ 316.632492][T31074] perf_uprobe_event_init+0xde/0x140 [ 316.632508][T31074] perf_try_init_event+0x21a/0x400 [ 316.668265][T31074] perf_event_alloc+0xa60/0x1790 [ 316.674358][T31074] __se_sys_perf_event_open+0x5c7/0x2740 [ 316.680687][T31074] ? vfs_write+0x50c/0x770 [ 316.685518][T31074] __x64_sys_perf_event_open+0x63/0x70 [ 316.691400][T31074] do_syscall_64+0x4a/0x90 [ 316.696896][T31074] entry_SYSCALL_64_after_hwframe+0x44/0xae 20:05:30 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x68, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x80040000, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x8cffffff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.703746][T31074] RIP: 0033:0x4665d9 [ 316.708016][T31074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 316.732578][T31074] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 316.742462][T31074] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x9effffff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:30 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x8, 0x11, &(0x7f0000000080)) 20:05:30 executing program 0 (fault-call:2 fault-nth:5): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 316.752358][T31074] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 316.760417][T31074] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 316.768739][T31074] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 316.777079][T31074] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:30 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000400)={r2, 0x3, 0x6, @dev}, 0x10) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x602081, 0x0) getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000340)=0x14) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f00000003c0)={r4, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000100)=[{{&(0x7f0000000000)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000040)="b81201aa4f", 0x5}], 0x1, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @loopback, @private=0xa010100}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_retopts={{0xac, 0x0, 0x7, {[@lsrr={0x83, 0x27, 0x95, [@multicast2, @empty, @multicast1, @private=0xa010102, @broadcast, @empty, @rand_addr=0x64010102, @multicast1, @remote]}, @timestamp={0x44, 0x10, 0x9, 0x0, 0x2, [0xffffffff, 0x40, 0x3f]}, @generic={0x44, 0x4, "1cc1"}, @ssrr={0x89, 0x1b, 0x9a, [@private=0xa010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x10}, @rand_addr=0x64010102, @remote, @local]}, @cipso={0x86, 0x45, 0x1, [{0x5, 0xd, "ff90fc5b375e6367add4dd"}, {0x6, 0x12, "19c27c0f7d0a8a0f546ddda522d572eb"}, {0x2, 0x12, "b061161259a6f40505f927dcad6b9614"}, {0x2, 0xe, "c79cde01ed39e1ca8eb9f0cb"}]}]}}}], 0x100}}], 0x1, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r5, 0x40086602, 0x400009) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x2, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000400)={r7, 0x3, 0x6, @dev}, 0x10) getsockname$packet(r0, &(0x7f0000000540)={0x11, 0x0, 0x0}, &(0x7f0000000580)=0x14) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4700b219", @ANYRES16=0x0, @ANYBLOB="000127bd7000fddbdf2503000000050002000100000005000200c50000001c00018008000100", @ANYRES32=r7, @ANYBLOB="080003000300000008000100", @ANYRES32=r8, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x2}, 0x40) write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xb74d69c4, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:31 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x700, 0x11, &(0x7f0000000080)) [ 316.888141][T31120] loop4: detected capacity change from 0 to 4101 [ 316.888627][T31118] loop3: detected capacity change from 0 to 4101 [ 316.903428][T31128] FAULT_INJECTION: forcing a failure. [ 316.903428][T31128] name failslab, interval 1, probability 0, space 0, times 0 [ 316.914006][T31132] device lo entered promiscuous mode [ 316.916507][T31128] CPU: 1 PID: 31128 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xc4694db7, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.930684][T31128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.940754][T31128] Call Trace: [ 316.944037][T31128] dump_stack+0x137/0x19d [ 316.948369][T31128] should_fail+0x23c/0x250 [ 316.952868][T31128] __should_failslab+0x81/0x90 [ 316.957652][T31128] ? proc_self_get_link+0x90/0x100 [ 316.962890][T31128] should_failslab+0x5/0x20 [ 316.967450][T31128] kmem_cache_alloc_trace+0x49/0x310 [ 316.972785][T31128] proc_self_get_link+0x90/0x100 [ 316.977861][T31128] ? proc_setup_self+0x1d0/0x1d0 [ 316.982814][T31128] step_into+0x9b4/0xec0 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xeaffffff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 316.987066][T31128] walk_component+0x190/0x350 [ 316.991859][T31128] link_path_walk+0x4ba/0x780 [ 316.996547][T31128] path_lookupat+0x7b/0x570 [ 317.001123][T31128] filename_lookup+0xff/0x390 [ 317.005798][T31128] ? kmem_cache_alloc+0x201/0x2f0 [ 317.010831][T31128] ? getname_kernel+0x37/0x1d0 [ 317.012887][T31118] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 317.015590][T31128] kern_path+0x2e/0x40 [ 317.015610][T31128] create_local_trace_uprobe+0x3f/0x3c0 [ 317.029300][T31118] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 317.034614][T31128] perf_uprobe_init+0xbe/0x140 [ 317.034641][T31128] perf_uprobe_event_init+0xde/0x140 [ 317.044978][T31118] ext4_test_bit(bit=16, block=18) = 1 [ 317.049765][T31128] perf_try_init_event+0x21a/0x400 [ 317.055062][T31118] is_bad_inode(inode)=0 [ 317.060390][T31128] perf_event_alloc+0xa60/0x1790 [ 317.065510][T31118] NEXT_ORPHAN(inode)=29447707 [ 317.069704][T31128] __se_sys_perf_event_open+0x5c7/0x2740 [ 317.069722][T31128] ? vfs_write+0x50c/0x770 [ 317.069735][T31128] __x64_sys_perf_event_open+0x63/0x70 [ 317.069750][T31128] do_syscall_64+0x4a/0x90 [ 317.074658][T31118] max_ino=32 [ 317.074667][T31118] i_nlink=144 [ 317.099183][T31118] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 317.099503][T31128] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 317.117628][T31120] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 317.122630][T31128] RIP: 0033:0x4665d9 [ 317.134212][T31120] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 317.135585][T31128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 317.135602][T31128] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 317.135621][T31128] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 317.135633][T31128] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 317.135662][T31128] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 317.146003][T31120] ext4_test_bit(bit=16, block=18) = 1 [ 317.165561][T31128] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 317.165578][T31128] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 317.190191][T31128] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 317.198053][T31120] is_bad_inode(inode)=0 [ 317.198060][T31120] NEXT_ORPHAN(inode)=29447707 20:05:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x6c, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xefffffff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:31 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x3f00, 0x11, &(0x7f0000000080)) 20:05:31 executing program 0 (fault-call:2 fault-nth:6): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 317.198084][T31120] max_ino=32 [ 317.198089][T31120] i_nlink=144 [ 317.198383][T31120] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 317.205650][T31115] device lo left promiscuous mode 20:05:31 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x0, 0x3, 0x0) sendfile(r3, r2, &(0x7f0000000080)=0x10, 0x319e) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x1f, 0x71, 0xbe, 0x0, 0x9, 0x20024, 0xb, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xaf, 0x1, @perf_config_ext={0x6, 0x40}, 0x4000, 0x8, 0x0, 0x6, 0x8, 0x2, 0x81, 0x0, 0x4, 0x0, 0x83}, 0xffffffffffffffff, 0xc, r2, 0xe) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 317.293723][T31132] device lo entered promiscuous mode [ 317.303204][T31115] device lo left promiscuous mode [ 317.309267][T31162] loop3: detected capacity change from 0 to 4101 [ 317.317235][T31167] FAULT_INJECTION: forcing a failure. [ 317.317235][T31167] name failslab, interval 1, probability 0, space 0, times 0 [ 317.329870][T31167] CPU: 1 PID: 31167 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 317.338746][T31167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.348820][T31167] Call Trace: [ 317.352118][T31167] dump_stack+0x137/0x19d [ 317.356448][T31167] should_fail+0x23c/0x250 [ 317.360937][T31167] __should_failslab+0x81/0x90 [ 317.365699][T31167] ? create_local_trace_uprobe+0xa9/0x3c0 [ 317.371416][T31167] should_failslab+0x5/0x20 [ 317.375919][T31167] kmem_cache_alloc_trace+0x49/0x310 [ 317.381199][T31167] create_local_trace_uprobe+0xa9/0x3c0 [ 317.386819][T31167] perf_uprobe_init+0xbe/0x140 [ 317.391663][T31167] perf_uprobe_event_init+0xde/0x140 [ 317.397019][T31167] perf_try_init_event+0x21a/0x400 [ 317.402141][T31167] perf_event_alloc+0xa60/0x1790 [ 317.407065][T31167] __se_sys_perf_event_open+0x5c7/0x2740 [ 317.412683][T31167] ? vfs_write+0x50c/0x770 [ 317.417085][T31167] __x64_sys_perf_event_open+0x63/0x70 [ 317.422543][T31167] do_syscall_64+0x4a/0x90 [ 317.426987][T31167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 317.432901][T31167] RIP: 0033:0x4665d9 [ 317.436803][T31167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 317.456402][T31167] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 317.464910][T31167] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 317.472938][T31167] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 317.481429][T31167] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 317.490340][T31167] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 317.498834][T31167] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 317.507988][T31167] trace_uprobe: Failed to allocate trace_uprobe.(-12) [ 317.511080][T31162] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 317.526042][T31162] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 317.537969][T31162] ext4_test_bit(bit=16, block=18) = 1 20:05:31 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0xff7f, 0x11, &(0x7f0000000080)) 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xf0ffffff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:31 executing program 0 (fault-call:2 fault-nth:7): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 317.544396][T31162] is_bad_inode(inode)=0 [ 317.548849][T31162] NEXT_ORPHAN(inode)=29447707 [ 317.554258][T31162] max_ino=32 [ 317.558209][T31162] i_nlink=144 [ 317.562603][T31162] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 317.585555][T31173] loop4: detected capacity change from 0 to 4101 20:05:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 317.605550][T31189] FAULT_INJECTION: forcing a failure. [ 317.605550][T31189] name failslab, interval 1, probability 0, space 0, times 0 [ 317.619419][T31189] CPU: 0 PID: 31189 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 317.629492][T31189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.640440][T31189] Call Trace: [ 317.644571][T31189] dump_stack+0x137/0x19d [ 317.649011][T31189] should_fail+0x23c/0x250 20:05:31 executing program 1: ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000140)=@add_del={0x2, &(0x7f0000000100)='veth0_to_hsr\x00'}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) splice(r1, &(0x7f0000000700)=0x1000, r2, &(0x7f0000000740)=0xcc31, 0x401, 0x3) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000600)=ANY=[], 0x32600) r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000180), 0x2, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r4, 0xc400941d, &(0x7f0000000200)={0x0, 0x3, 0x9, 0x1}) setsockopt$inet_int(r3, 0x0, 0x0, &(0x7f0000000080)=0x40, 0x4) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0, 0x0) write$cgroup_subtree(r5, &(0x7f0000000680)={[{0x2d, 'io'}, {0x2d, 'io'}, {0x2b, 'cpu'}, {0x2d, 'rdma'}, {0x2d, 'memory'}]}, 0x1b) openat$cgroup_ro(r0, &(0x7f0000000000)='pids.current\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000600), 0xc081, 0x0) r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000640), 0x3aa00, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000040)) 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xffffff7f, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 317.653737][T31189] ? kzalloc+0x16/0x20 [ 317.658445][T31189] __should_failslab+0x81/0x90 [ 317.663603][T31189] should_failslab+0x5/0x20 [ 317.668153][T31189] __kmalloc+0x66/0x340 [ 317.672347][T31189] kzalloc+0x16/0x20 [ 317.676269][T31189] trace_probe_init+0x41/0x250 [ 317.681102][T31189] create_local_trace_uprobe+0xd1/0x3c0 [ 317.686908][T31189] perf_uprobe_init+0xbe/0x140 [ 317.691791][T31189] perf_uprobe_event_init+0xde/0x140 [ 317.697172][T31189] perf_try_init_event+0x21a/0x400 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xffffff8c, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 317.702813][T31189] perf_event_alloc+0xa60/0x1790 [ 317.709372][T31189] __se_sys_perf_event_open+0x5c7/0x2740 [ 317.716484][T31189] ? vfs_write+0x50c/0x770 [ 317.722615][T31189] __x64_sys_perf_event_open+0x63/0x70 [ 317.731545][T31189] do_syscall_64+0x4a/0x90 [ 317.736377][T31189] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 317.742748][T31189] RIP: 0033:0x4665d9 [ 317.745598][T31173] EXT4-fs: failed to create workqueue [ 317.747692][T31189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 317.747713][T31189] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 [ 317.756784][T31173] EXT4-fs (loop4): mount failed [ 317.780631][T31189] ORIG_RAX: 000000000000012a [ 317.780644][T31189] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 317.780657][T31189] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 317.780669][T31189] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 317.780680][T31189] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 317.841791][T31189] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x74, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xffffff9e, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:31 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x1000000, 0x11, &(0x7f0000000080)) 20:05:31 executing program 0 (fault-call:2 fault-nth:8): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 317.853582][T31189] trace_uprobe: Failed to allocate trace_uprobe.(-12) 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xffffffea, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0) statx(r1, &(0x7f0000000300)='./file0\x00', 0x2000, 0x200, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r4, r5, r3) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 317.949860][T31235] FAULT_INJECTION: forcing a failure. [ 317.949860][T31235] name failslab, interval 1, probability 0, space 0, times 0 [ 317.962547][T31235] CPU: 0 PID: 31235 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 317.971325][T31235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.973147][T31231] loop3: detected capacity change from 0 to 4101 [ 317.981365][T31235] Call Trace: [ 317.981375][T31235] dump_stack+0x137/0x19d [ 317.981400][T31235] should_fail+0x23c/0x250 [ 317.999680][T31235] ? trace_probe_init+0x1bd/0x250 [ 318.004714][T31235] __should_failslab+0x81/0x90 [ 318.009525][T31235] should_failslab+0x5/0x20 [ 318.014050][T31235] __kmalloc_track_caller+0x64/0x340 [ 318.019497][T31235] ? __kmalloc+0x23d/0x340 [ 318.023934][T31235] ? kzalloc+0x16/0x20 [ 318.028060][T31235] kstrdup+0x31/0x70 [ 318.031939][T31235] trace_probe_init+0x1bd/0x250 [ 318.036811][T31235] create_local_trace_uprobe+0xd1/0x3c0 [ 318.042358][T31235] perf_uprobe_init+0xbe/0x140 [ 318.047124][T31235] perf_uprobe_event_init+0xde/0x140 [ 318.052600][T31235] perf_try_init_event+0x21a/0x400 [ 318.057797][T31235] perf_event_alloc+0xa60/0x1790 [ 318.062731][T31235] __se_sys_perf_event_open+0x5c7/0x2740 [ 318.068353][T31235] ? vfs_write+0x50c/0x770 [ 318.072862][T31235] __x64_sys_perf_event_open+0x63/0x70 [ 318.078305][T31235] do_syscall_64+0x4a/0x90 [ 318.082784][T31235] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 318.088661][T31235] RIP: 0033:0x4665d9 [ 318.092667][T31235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 318.112311][T31235] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 318.120811][T31235] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 318.128761][T31235] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 318.136713][T31235] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 318.144668][T31235] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 318.152737][T31235] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 318.160828][T31235] trace_uprobe: Failed to allocate trace_uprobe.(-12) [ 318.169534][T31231] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 318.178811][T31233] loop4: detected capacity change from 0 to 4101 [ 318.190437][T31231] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 20:05:32 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x7000000, 0x11, &(0x7f0000000080)) [ 318.200839][T31231] ext4_test_bit(bit=16, block=18) = 1 [ 318.206219][T31231] is_bad_inode(inode)=0 [ 318.210365][T31231] NEXT_ORPHAN(inode)=29447707 [ 318.215143][T31231] max_ino=32 [ 318.218765][T31231] i_nlink=144 [ 318.228420][T31233] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x5, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xffffffef, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000440)=0xc) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r0) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000280)=ANY=[@ANYBLOB="5d69643ddba91a2ed676de6e69ad5eabb26dce60a8d2bdcf6a840000a85faee582e0b778cf2a55a02b9af6d425b81e8d1150b66a3e", @ANYRESHEX=r2]) r4 = pidfd_getfd(r0, r1, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x6) write$P9_RGETATTR(r0, &(0x7f0000000000)={0xa0, 0x19, 0x2, {0x408, {0x40, 0x0, 0x3}, 0x20, r2, 0xffffffffffffffff, 0x1, 0x1000, 0xad, 0x0, 0x40, 0x71b41a3, 0x7fff, 0x8ac5, 0x52f3f07e, 0x557, 0x73388d3b, 0x6, 0x4, 0x2, 0x7}}, 0xa0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0, 0x0) splice(r6, &(0x7f0000000200)=0x3, r7, &(0x7f0000000240), 0x7fffffff, 0x5) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:32 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x8000000, 0x11, &(0x7f0000000080)) [ 318.240920][T31231] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 318.243031][T31233] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 318.261880][T31233] ext4_test_bit(bit=16, block=18) = 1 [ 318.267373][T31233] is_bad_inode(inode)=0 [ 318.271519][T31233] NEXT_ORPHAN(inode)=29447707 [ 318.276221][T31233] max_ino=32 [ 318.279409][T31233] i_nlink=144 20:05:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x7a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:32 executing program 0 (fault-call:2 fault-nth:9): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0xfffffff0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 318.341966][T31233] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 318.379302][T31277] loop3: detected capacity change from 0 to 4101 20:05:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@empty, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@private}, 0x0, @in6=@private0}}, &(0x7f0000000040)=0xe8) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=@v3={0x3000000, [{0x8, 0x1ff}, {0x10001, 0x400}], r1}, 0x18, 0x3) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 318.397426][T31277] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 318.428916][T31277] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 318.439389][T31277] ext4_test_bit(bit=16, block=18) = 1 20:05:32 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x3f000000, 0x11, &(0x7f0000000080)) [ 318.444773][T31277] is_bad_inode(inode)=0 [ 318.448914][T31277] NEXT_ORPHAN(inode)=29447707 [ 318.453646][T31277] max_ino=32 [ 318.456867][T31277] i_nlink=144 [ 318.460386][T31277] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:32 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x0}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 318.490295][T31296] FAULT_INJECTION: forcing a failure. [ 318.490295][T31296] name failslab, interval 1, probability 0, space 0, times 0 [ 318.502945][T31296] CPU: 0 PID: 31296 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 318.511735][T31296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.521821][T31296] Call Trace: [ 318.525166][T31296] dump_stack+0x137/0x19d [ 318.529519][T31296] should_fail+0x23c/0x250 [ 318.534023][T31296] ? trace_probe_init+0x1e1/0x250 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x2}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 318.539062][T31296] __should_failslab+0x81/0x90 [ 318.543902][T31296] should_failslab+0x5/0x20 [ 318.544778][T31299] loop4: detected capacity change from 0 to 4101 [ 318.548410][T31296] __kmalloc_track_caller+0x64/0x340 [ 318.560263][T31296] ? trace_probe_init+0x1bd/0x250 [ 318.565472][T31296] kstrdup+0x31/0x70 [ 318.569381][T31296] trace_probe_init+0x1e1/0x250 [ 318.574255][T31296] create_local_trace_uprobe+0xd1/0x3c0 [ 318.579823][T31296] perf_uprobe_init+0xbe/0x140 [ 318.584901][T31296] perf_uprobe_event_init+0xde/0x140 [ 318.591194][T31296] perf_try_init_event+0x21a/0x400 [ 318.597575][T31296] perf_event_alloc+0xa60/0x1790 [ 318.603293][T31296] __se_sys_perf_event_open+0x5c7/0x2740 [ 318.610055][T31296] ? vfs_write+0x50c/0x770 [ 318.615737][T31296] __x64_sys_perf_event_open+0x63/0x70 [ 318.623036][T31296] do_syscall_64+0x4a/0x90 [ 318.629968][T31296] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 318.637130][T31296] RIP: 0033:0x4665d9 [ 318.642246][T31296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 318.673808][T31296] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 318.685020][T31296] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 318.695786][T31296] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 318.706974][T31296] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 318.716436][T31296] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 318.726236][T31296] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:32 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0xff7f0000, 0x11, &(0x7f0000000080)) 20:05:32 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) syz_io_uring_setup(0x3311, &(0x7f0000000000)={0x0, 0xf5de, 0x2, 0x3, 0x12b}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000100)) syz_io_uring_submit(r2, 0x0, &(0x7f0000000180)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}}, 0xfffffffe) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:32 executing program 0 (fault-call:2 fault-nth:10): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 318.736456][T31296] trace_uprobe: Failed to allocate trace_uprobe.(-12) [ 318.759020][T31299] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 318.837183][T31299] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 318.848763][T31299] ext4_test_bit(bit=16, block=18) = 1 [ 318.851911][T31337] loop3: detected capacity change from 0 to 4101 [ 318.854517][T31299] is_bad_inode(inode)=0 [ 318.854525][T31299] NEXT_ORPHAN(inode)=29447707 [ 318.854531][T31299] max_ino=32 [ 318.854536][T31299] i_nlink=144 [ 318.868507][T31340] FAULT_INJECTION: forcing a failure. [ 318.868507][T31340] name failslab, interval 1, probability 0, space 0, times 0 [ 318.884367][T31299] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 318.888982][T31340] CPU: 0 PID: 31340 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 318.889002][T31340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.889011][T31340] Call Trace: [ 318.889018][T31340] dump_stack+0x137/0x19d [ 318.889050][T31340] should_fail+0x23c/0x250 [ 318.930299][T31340] ? create_local_trace_uprobe+0x235/0x3c0 [ 318.936150][T31340] __should_failslab+0x81/0x90 [ 318.940902][T31340] should_failslab+0x5/0x20 [ 318.945440][T31340] __kmalloc_track_caller+0x64/0x340 [ 318.950779][T31340] ? kstrdup+0x4c/0x70 [ 318.954927][T31340] kstrdup+0x31/0x70 [ 318.958802][T31340] create_local_trace_uprobe+0x235/0x3c0 [ 318.964419][T31340] perf_uprobe_init+0xbe/0x140 [ 318.969183][T31340] perf_uprobe_event_init+0xde/0x140 [ 318.974570][T31340] perf_try_init_event+0x21a/0x400 [ 318.979736][T31340] perf_event_alloc+0xa60/0x1790 [ 318.984661][T31340] __se_sys_perf_event_open+0x5c7/0x2740 [ 318.990317][T31340] ? vfs_write+0x50c/0x770 [ 318.994730][T31340] __x64_sys_perf_event_open+0x63/0x70 [ 319.000176][T31340] do_syscall_64+0x4a/0x90 [ 319.004629][T31340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 319.010584][T31340] RIP: 0033:0x4665d9 [ 319.014461][T31340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 319.034066][T31340] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 319.042529][T31340] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 319.050481][T31340] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 319.058522][T31340] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 319.066476][T31340] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 319.074488][T31340] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xd7, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x2}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:33 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x100000000000000, 0x11, &(0x7f0000000080)) 20:05:33 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000000)="421e4b2b537c28047e8cab15aec3981e727aa60d083087f494aa5120097be1ac9c506de880416bf9895a291a9d56296d625de3d10a49f1b021bc287b4a37a9fb1bf1ec2be5efbdf344463f171e676dba07d00e012690222586b4f6d1c7d46e08a1f6951ceb7093b43fe777e11ad3a5bd97f7c6d864be6d8275eddbda86525493", 0x80}, {&(0x7f0000000100)="9db5a339f1691c0a48a74564d7246b984c071d63a1ccee0bab2d6ddf10aa3cc60f3e23d31c715d03e438cee930d11272092f0243515401059842fe34f76513947fbede1e6b1fbd7601810ca4e5f0f6fb4c880265ee28721865ee6b35071cda30983b3d80cec818498c70ebddcd3fd07bb1313f7402f0c15b1e63fd6b34bef9ff92b5104790edb49e5175e32e279311d6ecdc6d30dcb1091e0706ba113229430c7e448f1724bdfe94ed25a66b38af1700804c38b331f3", 0xb6}, {&(0x7f0000000200)="30b6ef6c917297e6983cd59b2e2b08ca8f8bbeb30f3f355648a6d9181fcd0dbbaf61b062341c220254dd3d16637e932b3746b593b174687435c2a1739c5e0385b9c942e103aacd69d5c45977", 0x4c}], 0x3) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000280)={[{0x2b, 'rdma'}, {0x2b, 'pids'}, {0x2b, 'cpu'}, {0x2b, 'cpu'}, {0x2b, 'io'}]}, 0x1a) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:33 executing program 0 (fault-call:2 fault-nth:11): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 319.085100][T31340] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 319.150316][T31337] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 319.160483][T31337] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 319.170871][T31337] ext4_test_bit(bit=16, block=18) = 1 [ 319.176310][T31337] is_bad_inode(inode)=0 [ 319.180466][T31337] NEXT_ORPHAN(inode)=29447707 [ 319.181885][T31362] FAULT_INJECTION: forcing a failure. [ 319.181885][T31362] name failslab, interval 1, probability 0, space 0, times 0 [ 319.185175][T31337] max_ino=32 [ 319.185182][T31337] i_nlink=144 [ 319.187342][T31337] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 319.197785][T31362] CPU: 0 PID: 31362 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 319.223541][T31362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.233592][T31362] Call Trace: [ 319.236864][T31362] dump_stack+0x137/0x19d [ 319.241220][T31362] should_fail+0x23c/0x250 20:05:33 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x3}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 319.245717][T31362] ? traceprobe_set_print_fmt+0x45/0xa0 [ 319.251267][T31362] __should_failslab+0x81/0x90 [ 319.256035][T31362] should_failslab+0x5/0x20 [ 319.260543][T31362] __kmalloc+0x66/0x340 [ 319.264884][T31362] ? __kmalloc_track_caller+0x23b/0x340 [ 319.270559][T31362] traceprobe_set_print_fmt+0x45/0xa0 [ 319.276027][T31362] create_local_trace_uprobe+0x2eb/0x3c0 [ 319.281654][T31362] perf_uprobe_init+0xbe/0x140 [ 319.286423][T31362] perf_uprobe_event_init+0xde/0x140 [ 319.291813][T31362] perf_try_init_event+0x21a/0x400 20:05:33 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x700000000000000, 0x11, &(0x7f0000000080)) [ 319.296942][T31362] perf_event_alloc+0xa60/0x1790 [ 319.301939][T31362] __se_sys_perf_event_open+0x5c7/0x2740 [ 319.307189][T31373] loop4: detected capacity change from 0 to 4101 [ 319.307565][T31362] ? vfs_write+0x50c/0x770 [ 319.307584][T31362] __x64_sys_perf_event_open+0x63/0x70 [ 319.323731][T31362] do_syscall_64+0x4a/0x90 [ 319.328310][T31362] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 319.334202][T31362] RIP: 0033:0x4665d9 [ 319.338080][T31362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 319.357879][T31362] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 319.366296][T31362] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 319.374294][T31362] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 319.382294][T31362] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 319.390249][T31362] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 319.398205][T31362] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:33 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x3073e5a9d7a90fa4, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x4}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:33 executing program 0 (fault-call:2 fault-nth:12): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 319.427919][T31373] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 319.459615][T31373] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 319.470720][T31373] ext4_test_bit(bit=16, block=18) = 1 [ 319.471716][T31401] FAULT_INJECTION: forcing a failure. [ 319.471716][T31401] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 319.476825][T31373] is_bad_inode(inode)=0 [ 319.491065][T31401] CPU: 0 PID: 31401 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 319.495515][T31373] NEXT_ORPHAN(inode)=29447707 [ 319.504672][T31401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.509829][T31373] max_ino=32 [ 319.520236][T31401] Call Trace: [ 319.520245][T31401] dump_stack+0x137/0x19d [ 319.523532][T31373] i_nlink=144 [ 319.525158][T31373] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 319.528346][T31401] should_fail+0x23c/0x250 [ 319.528370][T31401] __alloc_pages+0x102/0x320 [ 319.539361][T31397] loop3: detected capacity change from 0 to 4101 [ 319.548107][T31401] probe_event_enable+0x421/0x7d0 [ 319.548139][T31401] ? __uprobe_trace_func+0x430/0x430 20:05:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x5}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xd8, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 319.548158][T31401] trace_uprobe_register+0x88/0x410 [ 319.585254][T31401] perf_trace_event_init+0x34e/0x790 [ 319.592095][T31401] perf_uprobe_init+0xf5/0x140 [ 319.597708][T31401] perf_uprobe_event_init+0xde/0x140 [ 319.605729][T31401] perf_try_init_event+0x21a/0x400 [ 319.611240][T31401] perf_event_alloc+0xa60/0x1790 [ 319.617133][T31401] __se_sys_perf_event_open+0x5c7/0x2740 [ 319.623829][T31401] ? vfs_write+0x50c/0x770 [ 319.628887][T31401] __x64_sys_perf_event_open+0x63/0x70 [ 319.635528][T31401] do_syscall_64+0x4a/0x90 [ 319.642358][T31401] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 319.649931][T31401] RIP: 0033:0x4665d9 [ 319.655371][T31401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 319.677931][T31401] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 319.687432][T31401] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 319.696015][T31401] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 319.705391][T31401] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 319.713657][T31401] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 20:05:33 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) finit_module(r1, &(0x7f0000000040)='\xee^(\x00', 0x3) write$cgroup_type(r0, &(0x7f0000000000), 0x9) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 319.722150][T31401] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 319.762675][T31397] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 319.782474][T31397] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 319.793041][T31397] ext4_test_bit(bit=16, block=18) = 1 [ 319.798445][T31397] is_bad_inode(inode)=0 [ 319.802593][T31397] NEXT_ORPHAN(inode)=29447707 [ 319.807370][T31397] max_ino=32 20:05:33 executing program 0 (fault-call:2 fault-nth:13): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:33 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x6}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 319.810573][T31397] i_nlink=144 [ 319.818092][T31397] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 319.828917][T31423] loop4: detected capacity change from 0 to 4101 [ 319.829350][T31431] FAULT_INJECTION: forcing a failure. [ 319.829350][T31431] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 319.848558][T31431] CPU: 0 PID: 31431 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 319.857313][T31431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.867538][T31431] Call Trace: [ 319.870969][T31431] dump_stack+0x137/0x19d [ 319.875438][T31431] should_fail+0x23c/0x250 [ 319.880017][T31431] __alloc_pages+0x102/0x320 [ 319.885095][T31431] probe_event_enable+0x421/0x7d0 [ 319.890206][T31431] ? __uprobe_trace_func+0x430/0x430 [ 319.895506][T31431] trace_uprobe_register+0x88/0x410 [ 319.900751][T31431] perf_trace_event_init+0x34e/0x790 [ 319.906362][T31431] perf_uprobe_init+0xf5/0x140 [ 319.911184][T31431] perf_uprobe_event_init+0xde/0x140 [ 319.916558][T31431] perf_try_init_event+0x21a/0x400 [ 319.921693][T31431] perf_event_alloc+0xa60/0x1790 [ 319.926785][T31431] __se_sys_perf_event_open+0x5c7/0x2740 [ 319.932542][T31431] ? vfs_write+0x50c/0x770 [ 319.936964][T31431] __x64_sys_perf_event_open+0x63/0x70 [ 319.942586][T31431] do_syscall_64+0x4a/0x90 [ 319.947018][T31431] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 319.952921][T31431] RIP: 0033:0x4665d9 [ 319.956808][T31431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 319.976479][T31431] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 319.984878][T31431] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 319.992835][T31431] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 320.000899][T31431] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 320.008970][T31431] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 320.017016][T31431] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x7}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:34 executing program 0 (fault-call:2 fault-nth:14): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 320.056369][T31423] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 320.082071][T31423] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 320.092550][T31423] ext4_test_bit(bit=16, block=18) = 1 [ 320.097935][T31423] is_bad_inode(inode)=0 [ 320.102095][T31423] NEXT_ORPHAN(inode)=29447707 [ 320.106786][T31423] max_ino=32 [ 320.109978][T31423] i_nlink=144 [ 320.118214][T31444] loop3: detected capacity change from 0 to 4101 [ 320.133504][T31449] FAULT_INJECTION: forcing a failure. [ 320.133504][T31449] name failslab, interval 1, probability 0, space 0, times 0 [ 320.146147][T31449] CPU: 0 PID: 31449 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 320.154989][T31449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.162543][T31423] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 320.165145][T31449] Call Trace: [ 320.165154][T31449] dump_stack+0x137/0x19d [ 320.183270][T31449] should_fail+0x23c/0x250 [ 320.187687][T31449] __should_failslab+0x81/0x90 [ 320.192460][T31449] ? __uprobe_register+0xf8/0x8a0 [ 320.197502][T31449] should_failslab+0x5/0x20 [ 320.202116][T31449] kmem_cache_alloc_trace+0x49/0x310 [ 320.207407][T31449] ? get_page_from_freelist+0x53e/0x800 [ 320.212989][T31449] __uprobe_register+0xf8/0x8a0 [ 320.217872][T31449] ? __alloc_pages+0x194/0x320 [ 320.222727][T31449] uprobe_register_refctr+0x29/0x40 [ 320.227973][T31449] probe_event_enable+0x2be/0x7d0 [ 320.233064][T31449] ? __uprobe_trace_func+0x430/0x430 [ 320.238356][T31449] trace_uprobe_register+0x88/0x410 [ 320.243608][T31449] perf_trace_event_init+0x34e/0x790 [ 320.248923][T31449] perf_uprobe_init+0xf5/0x140 [ 320.253778][T31449] perf_uprobe_event_init+0xde/0x140 [ 320.259064][T31449] perf_try_init_event+0x21a/0x400 [ 320.264222][T31449] perf_event_alloc+0xa60/0x1790 [ 320.269164][T31449] __se_sys_perf_event_open+0x5c7/0x2740 [ 320.274804][T31449] ? vfs_write+0x50c/0x770 [ 320.279227][T31449] __x64_sys_perf_event_open+0x63/0x70 [ 320.284724][T31449] do_syscall_64+0x4a/0x90 [ 320.289169][T31449] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 320.295135][T31449] RIP: 0033:0x4665d9 [ 320.299092][T31449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 320.323483][T31449] RSP: 002b:00007ff96fbf4188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 320.331913][T31449] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 320.339887][T31449] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 320.347899][T31449] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 20:05:34 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x800000000000000, 0x11, &(0x7f0000000080)) 20:05:34 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x3f00000000000000, 0x11, &(0x7f0000000080)) 20:05:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xd9, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 320.355872][T31449] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 320.364004][T31449] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 [ 320.389022][T31444] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:34 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0xff7f000000000000, 0x11, &(0x7f0000000080)) 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x9}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:34 executing program 0 (fault-call:2 fault-nth:15): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x22}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 320.412004][T31444] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 320.422496][T31444] ext4_test_bit(bit=16, block=18) = 1 [ 320.427949][T31444] is_bad_inode(inode)=0 [ 320.432169][T31444] NEXT_ORPHAN(inode)=29447707 [ 320.437006][T31444] max_ino=32 [ 320.440216][T31444] i_nlink=144 [ 320.478570][T31444] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 320.478598][T31475] loop4: detected capacity change from 0 to 4101 [ 320.495233][T31482] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:34 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:34 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0xffffffff00000000, 0x11, &(0x7f0000000080)) [ 320.533390][T31475] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 320.549875][T31482] FAULT_INJECTION: forcing a failure. [ 320.549875][T31482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 320.553099][T31475] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 320.563181][T31482] CPU: 1 PID: 31482 Comm: syz-executor.0 Not tainted 5.13.0-rc1-syzkaller #0 [ 320.573593][T31475] ext4_test_bit(bit=16, block=18) = 1 [ 320.582382][T31482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.582397][T31482] Call Trace: [ 320.582404][T31482] dump_stack+0x137/0x19d [ 320.582428][T31482] should_fail+0x23c/0x250 [ 320.582443][T31482] should_fail_usercopy+0x16/0x20 [ 320.582458][T31482] _copy_to_user+0x1c/0x90 [ 320.587854][T31475] is_bad_inode(inode)=0 [ 320.598072][T31482] simple_read_from_buffer+0xab/0x120 [ 320.598102][T31482] proc_fail_nth_read+0xf6/0x140 [ 320.601361][T31475] NEXT_ORPHAN(inode)=29447707 [ 320.601368][T31475] max_ino=32 [ 320.601372][T31475] i_nlink=144 [ 320.652456][T31482] ? rw_verify_area+0x136/0x250 [ 320.659170][T31482] ? proc_fault_inject_write+0x200/0x200 [ 320.667641][T31482] vfs_read+0x154/0x5d0 [ 320.674186][T31482] ? __fget_light+0x21b/0x260 [ 320.681472][T31482] ? __cond_resched+0x11/0x40 [ 320.686840][T31475] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 320.686858][T31482] ksys_read+0xce/0x180 [ 320.707931][T31482] __x64_sys_read+0x3e/0x50 [ 320.714336][T31482] do_syscall_64+0x4a/0x90 [ 320.721148][T31482] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 320.729427][T31482] RIP: 0033:0x41935c 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:34 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f0000000000)) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x10080, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r4 = creat(&(0x7f0000000100)='./file0/bus\x00', 0xbc9dc8fbd81cb5b7) fcntl$lock(r4, 0x7, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000001540)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_DEV_INFO(r4, 0xd000941e, &(0x7f0000002940)={r5, "4ef562ba8ef0c1d1d2623a139aba932e"}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r2, 0x50009418, &(0x7f00000003c0)={{r0}, 0x0, 0x1a, @unused=[0x401, 0x37, 0x4, 0x8], @devid=r5}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:34 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x2, &(0x7f0000000080)) 20:05:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xfe, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 320.734141][T31482] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 320.760407][T31482] RSP: 002b:00007ff96fbf4170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 320.771838][T31482] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 320.781317][T31482] RDX: 000000000000000f RSI: 00007ff96fbf41e0 RDI: 0000000000000004 [ 320.791624][T31482] RBP: 00007ff96fbf41d0 R08: 0000000000000000 R09: 0000000000000000 [ 320.802324][T31482] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 320.812032][T31482] R13: 00007fff30f6bcef R14: 00007ff96fbf4300 R15: 0000000000022000 20:05:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x4}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:34 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:34 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpu.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400009) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) syz_open_dev$tty1(0xc, 0x4, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/crypto\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f00000000c0)=0x8) [ 320.848922][T31526] loop3: detected capacity change from 0 to 4101 [ 320.869245][T31526] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:35 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 320.907830][T31536] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 320.920654][T31545] loop4: detected capacity change from 0 to 4101 [ 320.928134][T31526] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 320.938634][T31526] ext4_test_bit(bit=16, block=18) = 1 [ 320.944005][T31526] is_bad_inode(inode)=0 [ 320.948201][T31526] NEXT_ORPHAN(inode)=29447707 [ 320.952868][T31526] max_ino=32 [ 320.956081][T31526] i_nlink=144 [ 320.968002][T31545] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 320.970669][T31526] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 320.985224][T31545] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 320.998337][T31545] ext4_test_bit(bit=16, block=18) = 1 [ 321.003760][T31545] is_bad_inode(inode)=0 20:05:35 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xa, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:35 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x40100, 0x10) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40086602, 0x400009) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:35 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 321.008005][T31545] NEXT_ORPHAN(inode)=29447707 [ 321.012908][T31545] max_ino=32 [ 321.016201][T31545] i_nlink=144 [ 321.031391][T31545] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 321.075086][T31573] loop3: detected capacity change from 0 to 4101 [ 321.087729][T31573] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 321.097982][T31573] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 321.108376][T31573] ext4_test_bit(bit=16, block=18) = 1 [ 321.113744][T31573] is_bad_inode(inode)=0 [ 321.117914][T31573] NEXT_ORPHAN(inode)=29447707 [ 321.122642][T31573] max_ino=32 [ 321.125878][T31573] i_nlink=144 [ 321.131658][T31573] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:35 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x3, &(0x7f0000000080)) 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:35 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:35 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000004, 0x10, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x0, {0x0, r3}}, 0x0) openat$cgroup_ro(r0, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0, 0x0) preadv(r4, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000100)=""/48, 0x30}], 0x2, 0xff, 0x9) 20:05:35 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x104, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:35 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xb, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x7}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:35 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 321.589569][T31597] loop3: detected capacity change from 0 to 4101 [ 321.602838][T31603] loop4: detected capacity change from 0 to 4101 [ 321.621535][T31597] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 321.643559][T31603] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 321.664353][T31603] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 321.678290][T31603] ext4_test_bit(bit=16, block=18) = 1 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x22}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:35 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x9, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:35 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x400080, 0x80) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000100)=""/110, 0x6e}], 0x1, 0x7f, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="07a39a050162b04bb6842b6530207d7d5b2e2a39206d656d6f72792e6576656e747300206d656d6f72792e6576656e747300203a7d285b152d206d656d6f72792e6576656e7473ad863e8500e976a819dbbcaffada1780e956c3b8c620086a87d0b52d426c00000000000000baa0718f52aecbb4f34276ee5cf299b3e1667feff34c22a5a7e173f65a38de521b3670c9fc4fd3650afc50497e6978b93722a1ad1f612a770f0779cc5128cebfa983aae0be6716b2290048"], 0x4d) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') fsmount(r2, 0x1, 0x1) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x4011) [ 321.688656][T31603] is_bad_inode(inode)=0 [ 321.698925][T31603] NEXT_ORPHAN(inode)=29447707 [ 321.706267][T31603] max_ino=32 [ 321.713011][T31603] i_nlink=144 [ 321.724979][T31603] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x300}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 321.740100][T31597] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 321.758539][T31597] ext4_test_bit(bit=16, block=18) = 1 [ 321.767819][T31597] is_bad_inode(inode)=0 [ 321.775534][T31597] NEXT_ORPHAN(inode)=29447707 [ 321.783006][T31597] max_ino=32 [ 321.787786][T31597] i_nlink=144 [ 321.819978][T31597] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:36 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0xb, &(0x7f0000000080)) 20:05:36 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x110, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:36 executing program 1: creat(&(0x7f0000000040)='./file0\x00', 0x97) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r0, &(0x7f0000000500), 0x37d, 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400009) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) fcntl$lock(r3, 0x6, &(0x7f00000000c0)={0x2, 0x0, 0xf34f, 0x6}) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:36 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x480}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:36 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xc, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 322.444988][T31665] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 322.457712][T31669] loop3: detected capacity change from 0 to 4101 [ 322.467189][T31661] loop4: detected capacity change from 0 to 4101 [ 322.468806][T31669] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:36 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x500}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:36 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x20000200, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 322.482616][T31675] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 322.511141][T31661] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:36 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setpipe(r2, 0x407, 0x100000000) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) vmsplice(r3, &(0x7f0000000640)=[{&(0x7f0000000280)="50fe2718a65c461a438d09a08abe524504a5b1d66584f4b7d7727a8ba4f6ace1c65db78a5c641c5010b87135dd11744e29f36fa8bd7dd99ef8c41286508a772ae68ca0d9943adcb7c17820e6ac4787c5ddc43778e68b024a57e79a8e8bb905ad1b35bc2ff1704db258fc6dd8876cf188bd21fb424ef36bbaa57392a9c2bf459c1894ce5fa62993c5c78ad90d64eed65c1a5961aef70d3105dabd564bd1a09e74461dc260905bfcee6bfdf485b0c8320bb9652d24f88046cfcfe4e44218291e781ed2ba628d37dbd07b558d336870b8b121ed0dea032829", 0xd7}, {&(0x7f00000003c0)="b8b5e58fa319e83494907ba699a38c3eff42ca6a2ba1ca25eeb4f157db6549a9047dd1241755ad1645fbb8c2bbb00bcba6504c72bea65d5ce7acd8c930133416e839", 0x42}, {&(0x7f0000000200)="6ea3fdca60d20a4fed806bf1", 0xc}, {&(0x7f0000000440)="87ebcfcca085", 0x6}, {&(0x7f0000000480)="6e7244159ae4f4a517f9fbc0d19963f4908abc133710f7f4d0ce4f17a769d2c07ad26633526250a06bb2f776a2c196dd9cbf07d92604de393624acf624757c340f0fb8d7380eab6beb2a9942953b0a954af485e8fcba1b726456f4f0b1f159ab7238cfed8f", 0x65}, {&(0x7f0000000500)="35c51f06257ac956835b957942bce79e1268049d73482b6cf310a66f7785fff5bd808a9bad428780158a839242886395631308986fff7622eff4fa469b01987427f026594ed694565b1bd8f34d33c0694d2a37e8fd8d08f904f26bac1e8706bef169c741b5119b0f3e250b71dc82639beb8991e6a26b547da93f08df4fd23b9fc6885e1d83232fda88893718ac5a84f9a08c43c65f378072efa970890198dea7dc66bd2eafff2939a14aa9e937074763c8472f958c2ce673fa60d0d65601c7cf45cef668bd04b0ec0308db07bd11b596a41164cedc26b5", 0xd7}, {&(0x7f0000000600)="39927d1cb1bfff93db36538991cd", 0xe}], 0x7, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000240)='mountinfo\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0, 0x0) r6 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) write$binfmt_script(r6, &(0x7f00000007c0)=ANY=[@ANYBLOB="2321202e2f66696c653020265c292a2c3a202a2e5c2073656375726974792e73656c696e7578000a2e5fdb91ecfb5650056e7882597c0683166872d69d968d34a0e909dc4be60972d57215e44403574c891850529995ae0b2865025120169cffc0935906cefeb6ce116deb58b699d60ee7b4fafc98edb17c13ae6af62404fcc295ba4724338ee496ddc5f07e7ef6e47788b2de7ccde9a0ae4125891d2c5502ceffaef8e1683f988152d4515c079931197123c5edd135af6bec9779588af66401e6f15ce7ba11785697ec3a35576bde220a"], 0xa7) fsetxattr$security_selinux(r5, &(0x7f0000000080), &(0x7f00000000c0)='system_u:object_r:devpts_t:s0\x00', 0x1e, 0x3) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 322.544850][T31661] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 322.557371][T31661] ext4_test_bit(bit=16, block=18) = 1 [ 322.564962][T31661] is_bad_inode(inode)=0 [ 322.570582][T31661] NEXT_ORPHAN(inode)=29447707 [ 322.576490][T31661] max_ino=32 [ 322.580616][T31661] i_nlink=144 20:05:36 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x600}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 322.585323][T31661] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 322.585568][T31669] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 322.610115][T31669] ext4_test_bit(bit=16, block=18) = 1 [ 322.616875][T31669] is_bad_inode(inode)=0 [ 322.621837][T31669] NEXT_ORPHAN(inode)=29447707 [ 322.627514][T31669] max_ino=32 [ 322.631681][T31669] i_nlink=144 [ 322.665201][T31709] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 322.674816][T31669] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 322.681779][T31713] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:37 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0xc, &(0x7f0000000080)) 20:05:37 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x13e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:37 executing program 1: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400009) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000040)=0x8001, 0x8000) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000000)={0x0, r3, 0x3f, 0x7, 0xe8, 0x6}) 20:05:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x700}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:37 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xd, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:37 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x2, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 323.301335][T31726] loop4: detected capacity change from 0 to 4101 [ 323.312956][T31726] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 323.327119][T31726] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 323.335960][T31736] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:37 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat(r1, &(0x7f0000001740)='./file0\x00', 0x101000, 0x24) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000001780)={0x2c, 0x37, 0x1, {0x1, 0xfffffffffffffffc, 0x9, 0xffffffffffffffff, 0xe, 'memory.events\x00'}}, 0x2c) sendmmsg(r0, &(0x7f0000001640)=[{{&(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000200)="2f25495e403ff81a400db8be7c09ecf8aa7d24ccd0192947cb1a4169f8612b25642a5ad724e1ef9a9bca0ffc2e9591d8d58aec3519c7af76414642d731968c5cc6ee143fa6093486855206eb4878c45e808aab4c1f9b837a68fd6cb88e2913f4d1c3b2c4e6eb1141eb6bdff7466aff6448e7ca7ea33eb8dc36132448b0215a4eb333bed659cbfcc122c453af638f191b5696ce47cbcade8fadf8837f9979e25dc4a7a54fc6897e96291d0e0b70d69bf002b5cf892c537d3c92b7eeee95be4537bc98b140f97b87547255a137376c4ef2ed", 0xd1}, {&(0x7f0000000080)="e272be476255abcbaa295a75160bfe5a588d4671116d164ba50dd6c8ce690e0d6de16cb659c128847edd5620f5aa", 0x2e}, {&(0x7f0000000100)="e850f40d0a3427ab70239d0f8f4c", 0xe}], 0x3, &(0x7f00000003c0)=[{0xe8, 0x107, 0xf3, "67d02f326ee95afafc62eea46f75a10953ffcf0b87ed356b26daf199e5cffc4e9e12b58fff5e72d72a89d7cded93c71bca769070b165d83ad25e138d950873b4cc979df92cb08662b70245e9b63ecf0c7b8a0a10abde57bdf3e8269402c78478481c10a7c9a6abd5008ced835487dc35b89dea1548bb03d5a3db3d8bfadba5fe6a0bf3410ab59d5201874a58ebc39e45cc36d4ccbbeaa3fb85c6684302c71d1f004e5adaaa408f0d405566ee540428cf28abb232ffffa08e15732fbb9a2501cfcd051a65df848540b12c91d06adbef5f1677b712"}, {0x58, 0x110, 0x2, "1f28d322bca1f602214918942309c4e77640cd1d20a44a00d430826ec62dfe36d622d0b250804747bd8c3105870c7c8a2e88ef5d6dd2fca7fb8c467d8f802a80880fed784a079d"}], 0x140}}, {{&(0x7f0000000300)=@pptp={0x18, 0x2, {0x2, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000500)="e5cd9e1cb810790bb5888bf17290f94e67ff863f8598809db1c641f7cbc8ccb064710f1a6929e49f6cf9ab47a866b9227db86dd85271ad61e4bf1e0aeceead312279df1a75f0745fa61f9cce0e09c1ec5402e97a66504a8aa776bb73b2090b90b05d4cbd87500ab221e60da75583f2cb3068a84baee79ea48c13b6e054b456f077c03d0738e6a58177aef421c4f43d790349d6f0bcd01798d0f9f48c7c09c04ba6732d", 0xa3}, {&(0x7f00000005c0)="aedd0035a905cf63ad452696a6f3fcefb1007639de89b91037ad536940807f2880c798a7f9bd557567b9db141fec2a2250b3240fc7a99c6857dc2ee28193952ce348eab4430d1412d8ec8a6648f9ea961d5a59b7bdf70aff526d24c81f9b6887398d3668ceb8de1a777f13086baeab052998caf2a337708d2c4016f0d41614ec69b0cf20af9cf2c72bba54d3e7b024bc28b3abf4e7", 0x95}], 0x2, &(0x7f0000000680)=[{0xf8, 0x10e, 0xd4, "1d90e1177785fe0f0da636406604d057847508e067d47aea0a5d2f32e8e784d32742d56a0c517a679c1bca02db14c3cdc56464486b196033302cc3f704ae4b56b962b654404374cb47193df1849097bf6af7f767cf7a04fe247cee27db0adadaae91df7e910ba39137cc744fcb83a9bb1f4c0054291688285dc413fd3d0bda207a6d96fa659e9ca76d6950a7d433fa98a7994b6be99774753a21bbf7286b1804934dea4e95e9ac98be71f2aca39a5bc76699b0e961d2a27bad6821bdb9d9fc50b9df4023947576e9af96db35a559328168a2e961893dac123e41d07cb77918113961c4"}, {0xe0, 0x108, 0xffffff81, "c7ab283845bb3b7f546fc0113473ba483dbeaea217b3a96021e073a63e9c3c9cb703e0b6ba5c539d2cc5b7b04b1c8d5b48f706022fcfd3002a90f5b0cf99adc5cbf30ba11a70c389820544aea2470e6f146ecb1d6be8d1ce0b829e7159e96d6961a550648562bc53e6bd0ab1502ab0338d7800b853247dee798acc38b18281954d609beb0f4269ef4fbe1d7e01ed69b66275cff3205a7e30730cabb2a1ca1e9101ce21ecebdc5ed9afa650f6294be2eeba6b8d89e4ece04b65f7f1d390f8640c901057ab9a3b5cdac74106a0"}, {0x98, 0x10d, 0x4, "69496faa57d2be3013dad973ef78d1e7deb76a2fbe5cfd3e012b3ebd18511b6451ccfe6963212fdc89e0bbd6c91b7ec196cd26112f824d348cc7d9dbbd0025cf2184783e06dd6c8d2a783f48be000f3b7bc8fc8967ac3375040a55961e5735ce65be4cd7cbe048150e3192b985324345bfa8173e7c5f619fba5d61bdbb365c6f44aa3aa7c26d61"}, {0x48, 0x114, 0x1f, "327222d34acc8bfa42bdc8e98472c9fa1cfd70b6208235a99659688dce0e874ca8bdb5203656a8d823cba73d89aa050b19c0f892c5ba2f1b"}, {0x18, 0x105, 0x4, "b060ec20"}, {0xa8, 0x10d, 0x80000000, "d487c00b4de6b1d35d03e9ea05c7541eccdd6ad2139d708fe8b63dcd94a63b90d224325eef51cd8a2674b7b0c70d83a795de98508e476f6d54166d8f4c20bad79390f7d6a8c58a2901e88fda8ceeba618b8d47e01c2ea5255f042b5a543f18bdd21ca8fcf26089c51fd3c74bcfec9afcc0b768dee3577f6b527685242b5fd8bf0c0665f66cad3ff7a794e2e0a4ff1c54825a6027489256"}], 0x378}}, {{&(0x7f0000000a00)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}, 0x4}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000a80)="f7e01b9578b3fe6a55c071876d39abd8b1bf10e7838edaf977253d229e8fb1cc488c437ccb2caf99883760ce381742598c4fcdfb219be3c5e51800132d0b50c7623fa134cf9de6e42923dd4f9831fca85e99ce55817e441ca8c5ecb28d64fc9de7ff37f499c5e66a278281d86390948dd04f5e002074395c9e2a1f2d1c52c3b992bf8ee9c16421c1aa80f2e723d3b935485ffd2a515c695b593075463ef271b100de73e5901453130eeec9db4083df8df183f253712d8550", 0xb8}, {&(0x7f0000000b40)="06219645b94676ecadc8285de7f3a63c10bb79446cbaf0cb42b75747f83c39553d8f5b1e34bc4a0791352ac590120ce6afdf0d633e835ee341e21f5c72d9d97d5dff4cda3990fbc2ac455dc68b1bd0131b67d620d725850a94d5c072ff79903c3a", 0x61}, {&(0x7f0000000bc0)="580c26c31b3d1aac322f458bfb6e765a92145e9b740f84b2e1dccdf708e67794a1ba2c092b5dde561a21545caa4dd4cdbd28af7b968497dbf4ad4f703687cba41e7ba8665950c43b0d062c38b6adaa616d5308816c9d2f1f4ef7f59108240c4d49ad06a507d8433fe19927d524383613bc4c577abd0488235ccd2c0ea2455bd869963480d51e097ecc8bb8d81c392a8a4538c1eac0cb42e7b017f8d8cea394a1ac", 0xa1}, {&(0x7f0000000c80)="05f1e1bc6e07fd67f5ad5d2618dd79d5dbfe96b3835baa57031d3e21da4b5341598a27c59b0ea9c8a15e4a32b1c5b321b056c054c679a2e6729d9a6fefcbcb3e006f8845bb770533d19c1709ac5639f7b50ccf22e55e", 0x56}, {&(0x7f0000000d00)="0801d2e18f8d63eeec552cc475ffb568995bb7ae5e721d30c87c1154c712262ffb8bcbdded7586e40666dfcac86ca632b39cba5ad89f978a34e7d5570bb843f4c4478dc49d4445f44a820230b41ed7dd7033a355de8c90eae82abdb233434fd7465f76aafa97854c984dc9a78658c4ca1f6766da987b02c7a3bb0924f9993a023088fe75fcee8c4a5aeb6d4c7faa7ba7d341033603648a025363262691786b658036c872446fb68386b2ad0e3398d03c5f372172fcca5c77792b3d5a99262a84487017b8d76c62964020575e044e927bd7d674693a487d93b5f4831ecc83f00794cffb", 0xe3}], 0x5, &(0x7f0000000e80)=[{0x88, 0x117, 0x101, "bd1faf2ef5d90555d90b5568e1d1502242e6c0de69b7168c9bf3d75d4d6e8dd25ad01a46334d68fdca3c44c3b79073f86503535a8d0d2460aec1053d5ec94f3bd1b7680463d8b9a345c9a57e8dd54b569a4cdde7fa72f0271fd3aacbe51fb249a8d91ab5bc817bc0f1585ad5118bb07ba1a7cd"}, {0xb8, 0x102, 0x4, "f18b09960c94d04b2fa6757d61aa41b4082107a1a65fa5fad62a79554488d6fd462725778510e235df1a9cefe1037277607fdf69bedac68f702c53c92e1810e2a41c7bc6db53b3a501a403c4a0f549ac81ce78a1d234bbb80cd6816e4b63ba5b2d64105229671e637c258a12f0d8d6b0400a9eba1e9b9d34c00ed6a49f29311e1533f47af865f4ab5aea5a8d1121bb972a93bdc9c31191ea63e002bdcfb8b28efa"}, {0xd0, 0x84, 0x1, "e39f11167e27bae013b35a420bcf5b12c66b9b8ef56856271a155a13ae5386c747205fa0ac4e951a7ad227f0491e50bed71765bd883a2c844e5058ac0ae0d1d34302dbac9ec7ae40ad97c670e181f77b7659f2b68cbfe92299d16f4a16e924fe1eed3a49197edf018f7b12fab015f7121baf1446fc0ee0c09e2cdb477a51e1e2bc4a08d064c2e46c6b6cd093e466943873cd523716cd3e0b7054a6058441a470a2a07577868c9eb3001274a17c4c87fdc78ec05caf8719497a6875f0c4dc0570"}], 0x210}}, {{&(0x7f00000010c0)=@generic={0x15, "84528bb0fccf06bac41ad9e6446f29bc72ffc35b5287420a2060fa9059a3abfe7e18a1b98e832bc97058dd09265e19413c3ccf44fc072d411729ca47d11b2c8e5f05aef0f261535e77e88be861025da6684fc5299bdf02cd006a8a28f88ec0ccd903e61108c9456d16ddc80ec1533a2a001cc94f742ac92c7f478ed85d6e"}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000001140)="206c6cc71b60281b2b990810c7ddfabd4a7fc1b7ba1da947ffb84f25ec2cfc573a4ad2c0232a981268bab0b8f87f75d369b93ddbc12ea21c47657b0c7c14d5ba6b7901b56715eeef160b8c4586218c155f268691cea264c2c649e0b23d583c62703962", 0x63}, {&(0x7f00000011c0)="1669129535bf94e3bfd023c1055e71d07465d08ebbf0da0e70c6ee555bb444477932dff7a1d7ac7eba32a54cecb1092c3c7b59c5ae2d03830170f0ae1bb65a1a0204160b1f7fffb1231946bd522320131dd9ab82c8304efcf449a5c66b5390fc72562e57234493adc282d37b05522b34272995861c21f9439c10d300407f2cff1e7fbe1d738726c0855ed16b95db6629ae075ccb8b164bbbea80aa5132f981df0e413ea2548d5065c1af76e0500cd931de50d50bacbc6b0ae8c9195d452d524912129d27d3657fffdb50dd0291f320c3d7e7a8833482dfe8c99424279054407eb6dc48cbb3cb65291eb68c3ebd04", 0xee}], 0x2, &(0x7f0000001300)=[{0xb0, 0x6, 0x1000, "e083842f24ace8e2b222886e26876f574fe9a90895491325b0d28f93d5c735ddb472b8cc8345912de7cb2289c2a8d012a5bd14ab3b164b630da7406220c7debfb903404209b9643502d4090743146051bc2bd2a08fa3ca0c32f3a02e70a14384e1e47dc2a4f3f5fd30a53ec0d14f1683dbcf7cb5447f80f4c0c8e638727ea381bf17460e0d6d04b0d893f807f8625b424a9f8df9afd961c871063e623e"}, {0xd0, 0x0, 0xd2, "e5cc53888a2f7db27e7410aba9551259cee3ec5614b1a2d834ae83c2bcc6b1d8695324bacf1265f95f132dbdd33b0a2ce89f3f83e5ed58a747ff09fd8ce5a8fcbd5e82fcb218094ef1bdd4870d8f39b736c2fa278c3e22f906d864ba2fde4fa667810106b44e8dcd9257fd2dcb2eddfc0ecedf1edfa97059307b7a82bc714ff9cb1d2f4862fc8e04109ee215d514e9c19ea9fca1dcf43baa8679bbab04c147a391e92f3455c2474d708d5c680309529a17735a106b787d760fb1"}, {0xc8, 0x0, 0x1f, "705131a7a1f6b259e29233aee6d73f1605ae27aacac82348ae953b2158a13e8219debf6a558aeb53c167d31c32b45b9468f7a67e119d64a29110bbf9e0c7232a58a8fb3f78b7726998b23af5ea33c847d130f6e8050f708301d8ad369e6290aed8e82ca72a60e3aaeb524dcdf96297c1cba313a5798c124b3c91597eb30e60c4e2b758ee82ad28b704e8b13413091a6d7d5d6a3b47739ce2c94b318e448628bcd7031f7305e00a420a05eafc63d28bead0ceab"}, {0xa0, 0x10b, 0xfffffffb, "cdba6ebdac024d503f526965f4847cab06f8dd87241e59511d99f11edf9c8d03d31a576833f9ae188e6e61a21800c79de03242619ce42df4128b8cb0f2344c39fcc936f3e7d5c6f85bb3d785c64a885d2fa98837860f5b14af7fdc28246096b2fac8d8ad7f395087ddce84c4e19e2effe1a0a3e0bd7f2459cb2e5c7bcc091e06bd63d87d58f83b3c70053135dbc7"}, {0x48, 0x0, 0x10000, "0e8ba8372690718818204679c4d58b26c88158a1f66749c921568cad6741a6f2b85957fda68d5b9eb92dfe56f019190cfb16f222f0"}], 0x330}}], 0x4, 0x8001) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) preadv(r3, &(0x7f0000001840)=[{&(0x7f00000017c0)=""/20, 0x14}, {&(0x7f0000001800)=""/3, 0x3}], 0x2, 0x282, 0xfffffe4c) 20:05:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x900}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 323.337572][T31726] ext4_test_bit(bit=16, block=18) = 1 [ 323.353947][T31726] is_bad_inode(inode)=0 [ 323.354401][T31738] loop3: detected capacity change from 0 to 4101 [ 323.358222][T31726] NEXT_ORPHAN(inode)=29447707 [ 323.358230][T31726] max_ino=32 [ 323.358236][T31726] i_nlink=144 [ 323.398304][T31738] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 323.407777][T31751] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 323.411712][T31726] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 323.435374][T31738] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 20:05:37 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x1) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x89000) r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/tty/ldiscs\x00', 0x0, 0x0) fcntl$setstatus(r3, 0x4, 0x800) 20:05:37 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x17e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x2200}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:37 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x3, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 323.445752][T31738] ext4_test_bit(bit=16, block=18) = 1 [ 323.451119][T31738] is_bad_inode(inode)=0 [ 323.455317][T31738] NEXT_ORPHAN(inode)=29447707 [ 323.459977][T31738] max_ino=32 [ 323.463202][T31738] i_nlink=144 [ 323.479521][T31738] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 323.527763][T31773] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 323.547713][T31779] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 323.574065][T31780] loop4: detected capacity change from 0 to 4101 [ 323.586521][T31780] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 323.600128][T31780] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 323.613281][T31780] ext4_test_bit(bit=16, block=18) = 1 [ 323.621563][T31780] is_bad_inode(inode)=0 [ 323.628361][T31780] NEXT_ORPHAN(inode)=29447707 [ 323.636409][T31780] max_ino=32 [ 323.641477][T31780] i_nlink=144 [ 323.646330][T31780] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:38 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0xd, &(0x7f0000000080)) 20:05:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {0x3, 0x0, 0x8004}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:38 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xe, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:38 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:38 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x0, 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000200)=[{0x6, 0x4, 0x0, 0x7fc00000}, {0xffff, 0x2, 0xff, 0x3e60}, {0x4, 0x1, 0x2, 0x4}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000000c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000140)={r4, 0x1, r3}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000240)={0x0}) socket$inet_tcp(0x2, 0x1, 0x0) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000001580)={r5, 0x0, 0xffffffffffffffff, 0x461f}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000040)={r4, 0x1, 0xffffffffffffffff, 0xffffff7f, 0x80000}) copy_file_range(r1, &(0x7f0000000080)=0x3, r3, &(0x7f0000000180)=0xfe4, 0x7, 0x0) openat$cgroup(r6, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x180, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x4, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 324.200151][T31802] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 324.212666][T31809] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 324.213499][T31801] loop3: detected capacity change from 0 to 4101 [ 324.224406][T31804] loop4: detected capacity change from 0 to 4101 20:05:38 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x5, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:38 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xf, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 324.255076][T31804] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 324.265418][T31804] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 324.275813][T31804] ext4_test_bit(bit=16, block=18) = 1 [ 324.275825][T31804] is_bad_inode(inode)=0 [ 324.275829][T31804] NEXT_ORPHAN(inode)=29447707 20:05:38 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x5, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x181, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 324.275834][T31804] max_ino=32 [ 324.275838][T31804] i_nlink=144 [ 324.276188][T31801] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 324.276981][T31801] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 324.277001][T31801] ext4_test_bit(bit=16, block=18) = 1 [ 324.277010][T31801] is_bad_inode(inode)=0 [ 324.277013][T31801] NEXT_ORPHAN(inode)=29447707 [ 324.277019][T31801] max_ino=32 [ 324.277022][T31801] i_nlink=144 20:05:38 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000001e00)=[{&(0x7f00000017c0)=""/182, 0xb6}, {&(0x7f0000001880)=""/226, 0xe2}, {&(0x7f0000001980)=""/230, 0xe6}, {&(0x7f0000001ec0)=""/112, 0x70}, {&(0x7f0000001f40)=""/159, 0x9f}, {&(0x7f0000000100)=""/60, 0x3c}, {&(0x7f0000001bc0)=""/232, 0xe8}, {&(0x7f0000001cc0)=""/96, 0x60}, {&(0x7f0000001d40)=""/152, 0x98}], 0x9, 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='io.stat\x00', 0x7a05, 0x1700) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x4000) r4 = eventfd(0x14) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x381102, 0x0) r6 = eventfd(0xffff8000) r7 = dup3(r2, r1, 0x80000) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r8, &(0x7f0000000500), 0x37d, 0x0, 0x0) r9 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) io_submit(0x0, 0x7, &(0x7f0000001780)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0xa, 0x9, r3, &(0x7f0000000180)="527be3f319ba48d2562eebb7a3c944aadc9e938986a8c9b7eadc2128ecf9136805c7445109d7ecb5a1dc2902f64156b420bc6929dd8dc3ed7d2e1f213bafa05194bd6487a5450f9d89ed4033250f0dc2336be404233a59c6a6f39b0e36a260bbc9ee67f9347d76cd3872f3726ce52b4ddacb8faa034ce3434607a49d8cc2f1a46dba53f3f15f6d20c837db45e8778ccb081e70adc6b5a85e7c476c427a72b5eab554623902ea24f57bcb42127d1690618d76c919b5b1a88333f03b950f0539a773f83a7b1659eb1e73ac66b764", 0xcd, 0xfff, 0x0, 0x2, r4}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x3, 0x8, r5, &(0x7f0000000300)="68a9b9ed84fa92f4495faf6173eaa76274e9bdbd4c941060", 0x18, 0x1000, 0x0, 0x0, r6}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x3, 0x3f, r7, &(0x7f00000003c0)="6e1617a76d99eaf34019c7a88a7aed0e32adc2038dd01bbcd12fb003766e7dd8b6d72555ca639ce21be9765c9ce18a97c7b62b9956c74cf5095c271d4c2fe61f90c6b98d22456d977d7f85f543fad28e4f5c1c40e47d64edbf8e5f900332617d53af6c64898795824f4d5fe32f13d7930259438de084062ab3fd7732712b8640b423aa723a45057adaddecd240b4c31c5dcfe6d7195840b14a9bef6c5e98478e5b1e7aa24b4042648670be879f2f4f4141c76a1bc098978098f6221f9b7aae", 0xbf, 0x2, 0x0, 0x1}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x6, 0xffff, r2, &(0x7f00000004c0)="16f00332c4ac5336ef287aa36d4f18f8683a958c5b18321fb66c6c7ea15ce2072617d360a6c98ae5c6da382fbbfaa2250d2ab6b387d15f7ac3c8d6abe4e20c5266188097b9558bbb78ac3de5bd29c46c7c36c22abfaf110a6b40c5e4112bcd11bc9df4c0a544ee87d3f56c16440cc86fe0ed4ba6350bc82bab33adcaa28f93b77666b693739676068a7000fbf631c04bcd21c976872de332c1f988f5bb328b310adf663d05a626d0268babc840bf68d6dee5d934a5831893037de1bfc255789e49d234ca24858e3596a0adf3c40da55713ed", 0xd2, 0x10000, 0x0, 0x1, r8}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x486, r2, &(0x7f0000000600)="18f318b9720ba30b668dadde2dccebf1194d1bd42b7d40f3406a075e", 0x1c, 0x1, 0x0, 0x0, r1}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0xc, r9, &(0x7f0000000680)="3358c3fb2d5893c37299192334149b265f56599cefcc3c535f6618f293c9eeff15bc352fbb20d5034c645adf334db3058bda107b7b3b48977f96fb477381be7d58a3a60d782f55408db9f4cba35c8712c90e03377124375a02e6475e2c24823e46916820e1ee7dddb08f68701296a0c3cf1cffeef22e4eada594f88d2bfd1154e258f357ce152e577d4a8adb654d895a502b2607c075114025b116d98732a5340e35882e3a613622feffe5bd0d5ab70cfef2816837341a8f8fe761ad4e4a49ff23a505c296c371beab94018894bc813480f4595d7ef7a630a5f3fddc3d965fb63bd56d607986e718b8e492bc597b3e19b43a974f519b45648b7e774c38f27e9258bbacd7d627af3be7bb88b7c68f5b9c0bec76b4880f5d6360e12d183c718cdf0cab68011d66b2526e347221a6ee333536261c814c72fa1e2fbd9919afd1a9c57b09f4659d68cf7d7348f625f68e357b64528d7c17e76ab24beea9367c2bd031c842b9739dfb9a69cce4e8b187bef8d60a82721b58697d3e944fae143e4eda102e1264b7236971d699f791ae351e8869b01f9f3946442f3df3cdf58fe5883749cc67354635deb9ca9d1d759730d277e4e247ded4c8f0a03c51e3da1abb328cb1faf3bf136cb14673f3c5d246cf864c6033da9586c69a7fa09a4c135c1e7333c4f531280d6e2f18a93a5cee69c2ab51fd5e31efa0e03da0474c991dbf56cd1a15bd96f968ddcd0f7d99793b8b017312168b5c0984809c06a4e3a2013d9973702c2651d19467bbee9096f99379d115f5cc2dbf526e5aad3fe7eb5179c32745d06017b1236e1efca2da579ea9ab76e6b40afa917ff0fb28b5deb7249616526eee68d3284dbbd5aaaadd4c6512dd4b18512f8821dea940d94ffacfe4d77c7b75bd0d9340b22d3b2e6cc9a2ef2ee162f15466ea3f8ddff36c00f16d943f0430f49ce10c562d17699c85bcf7e89898eb6d9a0058cf9fa76a6c39bbb0e57ba1bcb210bd764a67c0c346cd51cbba54edb15cf65bcefae1b142ba5eeb07ec53fd44e0da2eb92732639bf4f2fceb252778a9a7cd84f01b38e9837f703e5a5135759b68e06032e7602a0217609f4731572b190dda18073fff319cf85d9e64fa278ad64a7336bc901ea048f25ab138e42a95f91ba7f12080af508b0deb948494d6d00f31cb30a19b20cbf442c6f7cb7d0ed33e655e849bae01740a64612d58cfeae29df4790cc5a7695518ab649c9940dc5ca6ae0af9554addd6ca330e0bbe797d4f4fd7f75edaf023fb0ff32bbe2e41067d6baeabf334afc1fe9f354c9b873c09deb30cb7cf6fdea52b47c2e9743a63b93593657000339ad344ffd34ed0aba01e15c3bb9e624311423ca305d5059f9997025fb4891b40e965c029418462a07acf933b8b6c256e32b1041ab491f7e3999a881ccd498b4e586179a8ca32e5cae1b40c01e1f09aec25616dc73c4a0d5bcfe96648134cc2a711bc291ba353b283214c125da5bfd50cc7536be2e36b51643741f61022aba7105117e43ac793f5fe4c4049092de09c23498e1d80a4b726f172fd987c612f2a61913c000895891291e93d64a0587a1c1b9517df421ae1faa7945aeb56b00b0468ce2be9f21e4f473f9b7e75cf17da314b26de4591b9c3a50451f24f6444a3251e2c5f7da94fda170fa8042dc23c0fc2a4571edffb420fa43931e77fc46716b261eecfa054fca1a199d07a0ca381ce44298156a8efaab09a36bd7e6a2d15ea278422bb8315f200a4ea761612781dc11d5bf216a0ee960b2751cf5b318490f15764fb12a4701ba5fe8c229ecb7cb8ae56e27b70ca152d8729ce62799f7a9be148698bccccda01f8faf3d671a51959d0c30d0fd17f6fe9f41f6cd80efd6f53018dd0ed78952541cf733db73586d7eb5164ce43b4b2d92dc47f1a25c4eaf0d7b2d0b85b32129df0e2127727e799015dc16212c2bc3e186935d144e81457727b71825c1ac6b4d79fb946f5cf1e3035c9e6c795866f73dc4cd0882c6a3178917608fbb2fa7769537d4e4739db220281307545c03ef753c07047a6941e7b439321c1aa71a5cc29445c706873241385733e74dc59ca44e74bb8993be1752d20baae7a238e065720dcfdb56e14b40cce412574c517a71eca7641b12fe6f1f481c12310f5cd1cf1b6d63b3292635aad0e3e3c5f613609275a675a90e06246583131ecb9e1f0b5c06f9d64fe32c9ec783d5b19fe255aacc86fd1af0698948bd9d15aa37411ac72cffbc0f44b94993b6b4a89dc786fc081f29249b639b20cd840515320779fbd2fbc5d7d0b128e60ce32c6cbe1719ff519c9fa4fe7fe3de1618d30ac4d206874ceebd7e16c1bb8f290fb72fd32517e49af86a89743f11d7d37c52f52e171f718ac6baa3b6f42ced46db33ba671132b444118f70d0aa340b936749f63b05ad7d6fd3f00e94982d890d2831c9c0d3edc3f89840e43255717fccd0f6a367f42dcaa85b436059b00d8d760ebfc3794e0c64a6c4be9da9fa2bac006037113e54a92f27625c71a5158c0d7eb1eb7bdd0e6b54debfcecf9e5df6cc34bd9727655eec05005aa7b5608fc29b0dc52fcb2ff31e262465eaf1a4dff35f04857a553454082471530dd62d154f00faa9d51ee1cc0d003c313be92cc1b9d63f56df0da7a33dd6bd22663adefb5c5d4aba3bc0a0277591b2efad28a0534e1f1da6eac61ad29db2bc2e5a4fb48e2f1145306a7897c112d77464e5bc0d58b8890018e6bc6febf216cc145abe966b62ed5b3bd9d1aa3463f3bcd5f44d7ffee5cf39957a3125841cb877754b6e7ef1c1b67a1cf75fc24136d99933b57691e1bc7c0a429f5970e909af7053d5caefc6c4de71bfd45331d47d7631af99083d5242c4208d87c73409092c1c1d69e6629e7db95e30985a1882a0bd1eacae53761f8eddf522eb2d97e7a575b19144049694d5390d7d14db0ea31488b94edf533f044dd9fddfd0cab2d23bfe8b9673aadcfbc13e9fd1698cbc70b582965e0a61e13013ae1042c5e75ff118dedf57ae9f9c55e7ff81104ac2d3adc69e7922c8ebe3ecf170b2ddcd4a9c3e3670fdb9e97368937fdce6917c9c55fd28487f332b75302e0777ced25604afd8ebe9f47410f4f0c6a25c4fc4c17473e6e80a25e548f622219c306150411be9143046ff72adc4fea8d4e2b255f228583f837e45172a39ee52dfe7cf5d17bc31c8d873c856b1dc485d70d57bc172627e88cd94a7daed59f9f1aea84ad4a5027a4146083cec43400c5a3f999f5437eee866cd5d4d9b8e3a80a69a1120a826d36fb5f010810eab42fba3988bf626ecbbf185bbae0df285866a1814a21a04107cdf2c6dccd3fcaf29134c81b3d8bda35a18bf46d2b34a242da4f897d1aed6e297e155afdcf4f2cfaf876d4d82500bbea2f5bb45f79e9e274ced93122cbd1837a011bfa2c6f910d8397ba6780f45e298fd4daa645ae6e8bb8e435be2846250e6b0f06e2199ab7d09489a8f2f0221a3f137c0acd9182b205d4db6aa9cd1b32ec27927a1cd953c9c2027e17e8ed6ea9d20f1335eb5f3269c9b5e283cb7e299ad2c1d0ae5e23facaf56eeb81d74151839c5af8d54905cd8ae02cf24f0d680fe527dd25e709f89b8f29973c55ceef9d414a65f46de4502ee2129b33ef229792f19956d73051f34c2890a0d3c526d042e27f7f914969f895436854d34a81fa2de95806d950b253bf1e3cd754d2ee68661fe6752414ca2af6c6d04ec8b5610b2316074e75311eb52f01d2096bc12b1f6024720fb1a9212be79a34645cf164b32b54b29569aab310798e2a2bdd1c2cc2fa9c1f3364326386c15c864173db98075ef16bd4bdf79a8fff16a93887a149a7255cbed9321b5f0c7e7a5eefa78ae3d4f44e79b4138e98ba87fd9bfe993aeaa1de1fde19616ee4036c7f5780404e2ff41b4a7e7cd3f69dfb3bd001003f198199e740649821a233e6162c814970ccf8542f77e3e6588694e94c0f9a2f385c75d1645bfd6e1c9367ac57ef1e8bba5518d405a25208f73871544758bf6286c13d4ebdf2141ed9cf673644bfcc2e8601c3a2c6145e439c1fd1a57d00612cdaaa57d9b7440f7fef6529fcd16df3db776fbc7215b16f0d1a39754df9bafad0136caefa016794f5d4e107f28ee7e57b13d4623e29e391a80b11ab293bd24e631f967a2315991f72adc46494f0a1e690cd5f674d633ca3ed262b0e31c58b4f18763cf6d69239270c60b165c5c3a2588388101e639493853cef8c182e5bab7557667c6309d5b039a80fc8ee11a469716ad7cb5db573629adf355c9a53947903ef3ba8cf235244da5356793c4c69c688e635fe42c7bef6ab749f04bbcd9ee7c00bf163bc1b6f6e8b60f12618169c51e37699e22a900350838fe9386dbb7619f29da3a242867ed7b1653de297a3be110ea1e5514067e890b4e4cd38f261003a2db8b05d431525626f5618e6249e2f5e2c537ce71267bfde223467f95ec58bfa052f30455e59b45f16647bfe89a3300b562ebf350341ec9abd6b2626d5531b1f88b94039a5a520a96322f27409406da32721ada190a70c6da0f8c2601823b22c793a62bbc8cd6d4ab2c702f05604f795da17cdd7481aec9a879c3e7e6694c795acc445b3307f8807a337e510b700c88f10d248ca2f8e5d8845a252c3d8679fce954f87048d58519396ff1299e25caf1bbb77cad3b02e15bd19974bf0083c6213fe0f877fa567237cd0de8ffe103a48fcd66896d438b16ae8229eef89e0a014384f7db0838409b0e26ae4fdcd3bd93ace9a33ebd2965ed1fd53855cdbddd274bf124dbb66eb28a74d28d586011e098d82839d84a8b2728c0949c7ddaccf71aeca8d64b0f1b976c3bc4d3ec8cfa6b5b5aa86bf84491964fb06680d9cec53d1fcf06eddf0fd84c13400b9973a8e5c1a13e74d0ebb03dc6bba7eedff42c31a8740ced001cc057a48ec1ced8f5eec5ce991a607f0aa1f2edd7edc58cc00773e4fbff266ed847cd1498280905c7e4571f57cad10c099a8f15a6319b0af48903af3d317f22f68c3ee45277dfbf267b657c809855f62afee51f194f480bc2b20caa8e8ff3331b4c1a942673cc97948b0b6ccdfbb978620a6e33afba9b9c06ba82c6be5be543ce4f9dd0d61a3913266dd9b850986a227480e38f86b4ac1a0419821d0533ebdd5dbbbf5e8a2ab50aafe99274798fca6474cfd2eaa1f53c1c7d942cebdf04e8e750141c421e0176a3aeef6c36bc292402747db82bdc7464c3776358a1ccfa7472962c7d0983bad6ca6f0339012e20a91532f30646c51e8e586cf2df05d54409ffd6bfe1902ce29d406e5676249e66c224ce9de6c3a270f515588bcb1e8e497d538350978e23d9440d3cb891a6f5b1621252388bdbee440ecb68254998d14046651fa3e4e1103c63ca32352d1a797fa39a0d0f96afab3c776be527fda09f482c0c21e77bcbe3b46bb82ad8125c23dc2160108fcdc95dceed908f8ae457e618b7fdc3a50256b429fe09fd023a9f5fbf5909d0713873b95a745e3f53e453b549fd52a2bd666898c0149d33924f4d1eb0eb588a98be90aa6bc429c9b07d5895a970c2dc7f1655127ef3251c6ea7c17bac7b6244939f32e0903b65ac4cf96d7a3120ff0abcce4329f322b4904b10ec5eb6ada32fcf925a2958f32c981ce0504d1f4584dba1a590cb979be6b87ee377de0d8de24a61d70a60c17f1b2b2b5d8101473d1d33ea25530f7744d19242e7267926a565a814f6d74e9a6a2dcc01e5b165fc9f31123a749f2bf9dd72744df6eac7462122155d6aa0990f1c67e663dda117667fc05a54b415717a057d5aaaf696c", 0x1000, 0x7, 0x0, 0x1}, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x6, 0x3, r0, &(0x7f00000016c0)="4e6aa4c12b724c18852caa8884f24e29300b167c0dee25f860f559afb9919aac9a4d074ec1b30185197dc7fb7e0cbe75f404ccdcd01f406a4953ce504770358b4c51d4b544f21e2cd3aa2c61fbe0af9df9f25662d50e049b", 0x58, 0x6, 0x0, 0x3}]) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r11 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x105002, 0x26) ioctl$EXT4_IOC_MOVE_EXT(r10, 0xc028660f, &(0x7f0000000040)={0x0, r11, 0x7fff, 0x6, 0x0, 0x6f7350f6}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 324.277034][T31801] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 324.298261][T31828] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 324.301821][T31804] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 324.303648][T31829] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 324.477434][T31850] loop4: detected capacity change from 0 to 4101 [ 324.488016][T31853] loop3: detected capacity change from 0 to 4101 [ 324.492977][T31850] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 324.515600][T31850] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 324.526119][T31850] ext4_test_bit(bit=16, block=18) = 1 [ 324.531541][T31850] is_bad_inode(inode)=0 [ 324.535720][T31850] NEXT_ORPHAN(inode)=29447707 [ 324.540488][T31850] max_ino=32 [ 324.543687][T31850] i_nlink=144 [ 324.551831][T31853] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 324.563147][T31850] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 324.563753][T31853] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 324.586640][T31853] ext4_test_bit(bit=16, block=18) = 1 [ 324.592385][T31853] is_bad_inode(inode)=0 [ 324.597887][T31853] NEXT_ORPHAN(inode)=29447707 [ 324.603170][T31853] max_ino=32 [ 324.607949][T31853] i_nlink=144 [ 324.611668][T31853] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:39 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0xe, &(0x7f0000000080)) 20:05:39 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x6, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x4c, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:39 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpu.stat\x00', 0x26e1, 0x0) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r1, &(0x7f0000001240)=[{&(0x7f0000000000)="8e0ee80a8a081b4d309b336e", 0x2009}], 0x1) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x20, 0x4, 0x17, 0x0, 0x0, 0x3d, 0x80010, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xf48, 0x0, @perf_config_ext={0x7, 0x8}, 0x1, 0x3ff, 0x2fa, 0x3, 0x1dfb, 0x6e79, 0x100, 0x0, 0x8, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r4 = io_uring_setup(0x76eb, &(0x7f0000000100)={0x0, 0x6a40, 0x8, 0x2, 0x1e0, 0x0, r3}) r5 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r6 = creat(&(0x7f0000000100)='./file0/bus\x00', 0xbc9dc8fbd81cb5b7) fcntl$lock(r6, 0x7, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001540)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) ioctl$BTRFS_IOC_DEV_INFO(r6, 0xd000941e, &(0x7f0000002940)={r7, "4ef562ba8ef0c1d1d2623a139aba932e"}) ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f00000003c0)={r7, 0x81, 0x8, 0x1}) 20:05:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x183, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x60, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 325.081036][T31879] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 325.091269][T31876] loop4: detected capacity change from 0 to 4101 [ 325.107774][T31881] loop3: detected capacity change from 0 to 4101 [ 325.119979][T31876] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 325.125763][T31892] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 325.132873][T31876] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 325.150600][T31876] ext4_test_bit(bit=16, block=18) = 1 [ 325.151975][T31893] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'. [ 325.155992][T31876] is_bad_inode(inode)=0 [ 325.155999][T31876] NEXT_ORPHAN(inode)=29447707 [ 325.156005][T31876] max_ino=32 [ 325.177419][T31876] i_nlink=144 20:05:39 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 325.183178][T31876] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 325.192118][T31881] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 325.204015][T31881] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 325.214413][T31881] ext4_test_bit(bit=16, block=18) = 1 [ 325.219811][T31881] is_bad_inode(inode)=0 [ 325.224047][T31881] NEXT_ORPHAN(inode)=29447707 [ 325.228746][T31881] max_ino=32 20:05:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1c7, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x7, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 325.231941][T31881] i_nlink=144 [ 325.239064][T31900] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 325.250645][T31881] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 325.254200][T31903] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:39 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x4, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 325.288085][T31911] loop4: detected capacity change from 0 to 4101 [ 325.302754][T31911] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 325.325563][T31911] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 325.328140][T31918] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 325.335954][T31911] ext4_test_bit(bit=16, block=18) = 1 [ 325.350607][T31911] is_bad_inode(inode)=0 [ 325.354792][T31911] NEXT_ORPHAN(inode)=29447707 [ 325.359456][T31911] max_ino=32 [ 325.362648][T31911] i_nlink=144 [ 325.377607][T31911] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 325.385458][T31924] loop3: detected capacity change from 0 to 4101 [ 325.399947][T31924] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 325.419041][T31924] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 325.429509][T31924] ext4_test_bit(bit=16, block=18) = 1 [ 325.434901][T31924] is_bad_inode(inode)=0 [ 325.439046][T31924] NEXT_ORPHAN(inode)=29447707 [ 325.443697][T31924] max_ino=32 [ 325.446894][T31924] i_nlink=144 [ 325.451230][T31924] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:40 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0xf, &(0x7f0000000080)) 20:05:40 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x8, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x7, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:40 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYRES32=r1], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1d1, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x12, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0xb, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:40 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x9, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 325.948157][T31946] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 325.960478][T31948] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x25, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 326.020462][T31962] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.032587][T31965] loop3: detected capacity change from 0 to 4101 [ 326.057102][T31964] loop4: detected capacity change from 0 to 4101 20:05:40 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(r0, &(0x7f0000000000)='io.stat\x00', 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x30, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 326.073195][T31965] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 326.097072][T31964] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 326.107052][T31964] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 326.115417][T31979] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.117507][T31964] ext4_test_bit(bit=16, block=18) = 1 [ 326.133843][T31964] is_bad_inode(inode)=0 [ 326.138008][T31964] NEXT_ORPHAN(inode)=29447707 [ 326.139353][T31965] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 326.142671][T31964] max_ino=32 [ 326.142678][T31964] i_nlink=144 [ 326.159526][T31965] ext4_test_bit(bit=16, block=18) = 1 [ 326.164983][T31965] is_bad_inode(inode)=0 [ 326.169154][T31965] NEXT_ORPHAN(inode)=29447707 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x38, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 326.173815][T31965] max_ino=32 [ 326.177036][T31965] i_nlink=144 [ 326.181333][T31965] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 326.201827][T31964] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:40 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x10, &(0x7f0000000080)) 20:05:40 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xa, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:40 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x17, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1e0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:40 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r2 = fsmount(r1, 0x1, 0x4) fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000000), &(0x7f0000000040)={0x0, 0xfb, 0x55, 0x4, 0x9, "bad0bdb5e16a86bf2aa749c5d36f8ec6", "c82e561788e509900bec4108efe7fc48c60565fcca7b0a78b6e6dc943786211fd3381f67e6711e359b9bd53252c4b377740e3fd1fbd6b83856e45197fa8ceca8"}, 0x55, 0x2) 20:05:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 326.816130][T32016] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.827572][T32017] loop3: detected capacity change from 0 to 4101 [ 326.831649][T32024] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.838341][T32019] loop4: detected capacity change from 0 to 4101 20:05:41 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xb, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 326.885566][T32019] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 326.906239][T32017] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:41 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000080)=0x10000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x25a200, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x420000, 0x0) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000100)={0x3, 0x1, 0xcbd4, 0x8}) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x4, 0x9, 0x3}) 20:05:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 326.922149][T32039] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.948556][T32044] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 326.961717][T32017] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 326.973920][T32017] ext4_test_bit(bit=16, block=18) = 1 [ 326.977916][T32019] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 326.979583][T32017] is_bad_inode(inode)=0 [ 326.979590][T32017] NEXT_ORPHAN(inode)=29447707 [ 326.990032][T32019] ext4_test_bit(bit=16, block=18) = 1 [ 326.994171][T32017] max_ino=32 [ 326.998834][T32019] is_bad_inode(inode)=0 [ 327.004175][T32017] i_nlink=144 [ 327.015022][T32019] NEXT_ORPHAN(inode)=29447707 [ 327.019761][T32019] max_ino=32 [ 327.022946][T32019] i_nlink=144 20:05:41 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xc, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x25, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 327.027360][T32019] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 327.042376][T32017] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 327.086540][T32060] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 327.098324][T32062] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:41 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x12, &(0x7f0000000080)) 20:05:41 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1f0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x30, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:41 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x18, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:41 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:41 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xd, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x38, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 327.686420][T32079] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 327.698368][T32083] loop3: detected capacity change from 0 to 4101 [ 327.708745][T32082] loop4: detected capacity change from 0 to 4101 [ 327.716037][T32083] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 327.732314][T32083] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 327.743001][T32083] ext4_test_bit(bit=16, block=18) = 1 [ 327.748501][T32083] is_bad_inode(inode)=0 [ 327.749915][T32095] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 327.752766][T32083] NEXT_ORPHAN(inode)=29447707 [ 327.752776][T32083] max_ino=32 [ 327.752781][T32083] i_nlink=144 [ 327.753555][T32083] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:41 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:41 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xe, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 327.782381][T32082] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 327.834515][T32104] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 327.852738][T32106] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 327.865471][T32082] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 327.875894][T32082] ext4_test_bit(bit=16, block=18) = 1 20:05:42 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) sendfile(r2, r0, &(0x7f0000000040)=0x2cf, 0x5) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x19, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 327.881265][T32082] is_bad_inode(inode)=0 [ 327.885423][T32082] NEXT_ORPHAN(inode)=29447707 [ 327.890097][T32082] max_ino=32 [ 327.893280][T32082] i_nlink=144 [ 327.925715][T32082] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 327.943144][T32119] loop3: detected capacity change from 0 to 4101 [ 327.971146][T32119] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 327.983311][T32119] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 327.994025][T32119] ext4_test_bit(bit=16, block=18) = 1 [ 327.999552][T32119] is_bad_inode(inode)=0 [ 328.003703][T32119] NEXT_ORPHAN(inode)=29447707 [ 328.008392][T32119] max_ino=32 [ 328.011715][T32119] i_nlink=144 [ 328.015244][T32119] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:42 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x13, &(0x7f0000000080)) 20:05:42 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x2, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:42 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x10, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:42 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1fe, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:42 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000100)="a5375e2e66016aeffb68518edf7fe8bf4770ae2bec34a4f54104906a03b002ec8458ea05616fa2efb1c6c9532c1bdc6d68078de8111ceae9f64c9487148a0fbb8e95500ae297fc3c27fbf70982c744a46b2d84ee55a47548e9d0af4ed3d1e7cdb6afe0d7fc0bf29aa05bf186a930e5e82854219d5fa955754d43387d8c46a8fc99931a31df6fe4e22e3046eb248f8d71be5851e284a5f212d5ec687b3c8e29a7a849c1885e7108", 0xa7, 0x4008100, &(0x7f00000001c0)={0x2, 0x4e23, @loopback}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:cert_t:s0\x00', 0x1c, 0x0) 20:05:42 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:42 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='cgroup.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 328.539414][T32145] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 328.554320][T32148] loop3: detected capacity change from 0 to 4101 [ 328.564179][T32149] loop4: detected capacity change from 0 to 4101 20:05:42 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x3, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 328.582435][T32154] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 328.603434][T32149] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:42 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000100)={&(0x7f0000000000)=""/182, 0xb6}) write$binfmt_script(r0, &(0x7f0000000200)={'#! ', './file0', [{}, {0x20, 'memory.events\x00'}, {}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}, {0x20, 'memory.events\x00'}], 0xa, "dc7b5683ee5f0af8f199ec579d530c9064281283e50db318bb0c5cbc9f77a7505aabefdc55390084fdfcfeda5ac8d3629786574b2bec646878ae744680a7b6e4d16aa3330146d0cd061ef99050bcd455cd47a35bbb0ae46ffaeacb79b25e8126248f76daa7a4676b56b8d16e3dc1"}, 0xc6) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:42 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x4, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:42 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x11, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 328.626361][T32148] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 328.644624][T32149] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 328.661763][T32149] ext4_test_bit(bit=16, block=18) = 1 [ 328.669085][T32149] is_bad_inode(inode)=0 [ 328.674799][T32149] NEXT_ORPHAN(inode)=29447707 [ 328.682289][T32149] max_ino=32 [ 328.688512][T32149] i_nlink=144 [ 328.704611][T32148] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 328.718052][T32149] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:42 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x204, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 328.720132][T32148] ext4_test_bit(bit=16, block=18) = 1 [ 328.745053][T32148] is_bad_inode(inode)=0 [ 328.753855][T32148] NEXT_ORPHAN(inode)=29447707 [ 328.759793][T32148] max_ino=32 [ 328.763724][T32148] i_nlink=144 [ 328.786835][T32185] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 328.799551][T32148] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 328.811555][T32186] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 328.891679][T32197] loop4: detected capacity change from 0 to 4101 [ 328.914567][T32197] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 328.931978][T32197] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 328.952411][T32197] ext4_test_bit(bit=16, block=18) = 1 [ 328.962164][T32197] is_bad_inode(inode)=0 [ 328.969233][T32197] NEXT_ORPHAN(inode)=29447707 [ 328.977245][T32197] max_ino=32 [ 328.983323][T32197] i_nlink=144 [ 328.989807][T32197] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 329.028468][T32204] ================================================================== [ 329.037111][T32204] BUG: KCSAN: data-race in copy_page_to_iter / ext4_put_super [ 329.044579][T32204] [ 329.046895][T32204] write to 0xffff88814592c460 of 4 bytes by task 1780 on cpu 1: [ 329.054674][T32204] ext4_put_super+0x32b/0x8e0 [ 329.059366][T32204] generic_shutdown_super+0xe1/0x230 [ 329.064821][T32204] kill_block_super+0x4a/0x90 [ 329.069486][T32204] deactivate_locked_super+0x65/0xd0 [ 329.074795][T32204] deactivate_super+0x85/0x90 [ 329.079491][T32204] cleanup_mnt+0x267/0x2d0 [ 329.083890][T32204] __cleanup_mnt+0x15/0x20 [ 329.088394][T32204] task_work_run+0xae/0x130 [ 329.092991][T32204] exit_to_user_mode_prepare+0x156/0x190 [ 329.098635][T32204] syscall_exit_to_user_mode+0x20/0x40 [ 329.104089][T32204] do_syscall_64+0x56/0x90 [ 329.108483][T32204] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 329.114356][T32204] [ 329.116660][T32204] read to 0xffff88814592c000 of 1377 bytes by task 32204 on cpu 0: [ 329.124537][T32204] copy_page_to_iter+0x320/0x860 [ 329.129453][T32204] filemap_read+0xf06/0x1230 [ 329.134106][T32204] generic_file_read_iter+0x75/0x2c0 [ 329.139368][T32204] blkdev_read_iter+0xb9/0xf0 [ 329.144037][T32204] vfs_read+0x565/0x5d0 [ 329.148182][T32204] ksys_read+0xce/0x180 [ 329.152332][T32204] __x64_sys_read+0x3e/0x50 [ 329.156809][T32204] do_syscall_64+0x4a/0x90 [ 329.161205][T32204] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 329.167163][T32204] [ 329.169481][T32204] Reported by Kernel Concurrency Sanitizer on: [ 329.175689][T32204] CPU: 0 PID: 32204 Comm: systemd-udevd Not tainted 5.13.0-rc1-syzkaller #0 [ 329.184336][T32204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.194456][T32204] ================================================================== 20:05:43 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x14, &(0x7f0000000080)) 20:05:43 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x5, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1b, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:43 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x12, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:43 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) fallocate(0xffffffffffffffff, 0x8, 0x1, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:43 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x208, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:43 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x6, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 329.399887][T32217] loop3: detected capacity change from 0 to 4101 [ 329.404833][T32218] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 329.427702][T32220] loop4: detected capacity change from 0 to 4101 [ 329.434492][T32217] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:43 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x5) tkill(r2, 0x36) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x0, 0xd9, 0x8, 0x4, 0x0, 0x8, 0x7000, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1f, 0x2, @perf_config_ext={0x7e, 0x69d}, 0x1, 0xffffffff, 0x8001, 0x2, 0x7, 0xfffffffd, 0xfff, 0x0, 0x8, 0x0, 0x5e90eb26}, r2, 0x4, 0xffffffffffffffff, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e24, @remote}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x38}}, 0x3b4, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000000)='nr0\x00', 0x5, 0x0, 0x1}) [ 329.444759][T32217] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 329.455383][T32217] ext4_test_bit(bit=16, block=18) = 1 [ 329.460755][T32217] is_bad_inode(inode)=0 [ 329.464925][T32217] NEXT_ORPHAN(inode)=29447707 [ 329.469713][T32217] max_ino=32 [ 329.472904][T32217] i_nlink=144 [ 329.477481][T32217] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:43 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x25, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 329.491386][T32236] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 329.509397][T32220] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 329.536028][T32220] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 20:05:43 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1c, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:43 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x7, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 329.546412][T32220] ext4_test_bit(bit=16, block=18) = 1 [ 329.551841][T32220] is_bad_inode(inode)=0 [ 329.556026][T32220] NEXT_ORPHAN(inode)=29447707 [ 329.560717][T32220] max_ino=32 [ 329.563982][T32220] i_nlink=144 [ 329.566505][T32247] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 329.581175][T32220] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:43 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x22e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 329.584853][T32248] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 329.653860][T32262] loop3: detected capacity change from 0 to 4101 [ 329.665777][T32261] loop4: detected capacity change from 0 to 4101 [ 329.665798][T32262] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 329.682747][T32261] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 329.688647][T32262] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 329.700593][T32261] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 329.702632][T32262] ext4_test_bit(bit=16, block=18) = 1 [ 329.713079][T32261] ext4_test_bit(bit=16, block=18) = 1 [ 329.718449][T32262] is_bad_inode(inode)=0 [ 329.718457][T32262] NEXT_ORPHAN(inode)=29447707 [ 329.718498][T32262] max_ino=32 [ 329.718502][T32262] i_nlink=144 [ 329.723845][T32261] is_bad_inode(inode)=0 [ 329.723852][T32261] NEXT_ORPHAN(inode)=29447707 [ 329.728222][T32262] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 329.732667][T32261] max_ino=32 [ 329.732675][T32261] i_nlink=144 [ 329.771210][T32261] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:44 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) r0 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0xc) semop(r0, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r0, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000001c0)) r1 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r1, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r1, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r1, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000001c0)) semtimedop(r1, &(0x7f0000000100)=[{0x4, 0x80}, {0x0, 0x0, 0x800}, {0x4, 0x1, 0x800}, {0x2, 0xffff, 0x800}], 0x4, &(0x7f0000000180)={0x0, 0x989680}) semctl$GETZCNT(r0, 0x1, 0xf, &(0x7f0000000080)=""/18) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x9, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:44 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x27, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:44 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1d, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:44 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) socket$inet(0x2, 0x2, 0x7f) accept4$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000100)=0x14, 0x1000) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000440)=0xc) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000480)=ANY=[@ANYBLOB="7577643dbd718879ac7b9dc24d0d82a41cc6aa0342fd2d55b127dc983e89c084bb7a700795e0bc10bad1f7a24f82cd2122e89ce97cb57ebb02ccd603b198aab9e0ae462c8ecdc25ec57a9631c2cd75e52b108b0c68f32c175842535ad600ddaf1337ceb8844953c469a5d509ac954ea0f1b8b7339dc303691d67", @ANYRESHEX=r6]) r7 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000200)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@loopback, 0x4e21, 0x6, 0x4e21, 0x7c, 0xe, 0xa0, 0x80, 0x2c, r4, r6}, {0x2, 0x6fffffffffffffe, 0xffffffffffffffe0, 0x27, 0x57c, 0x6, 0xfffffffffffffffe, 0x10003}, {0x4, 0x5, 0x4, 0x4}, 0x400, 0x0, 0x1, 0x0, 0x2, 0x2}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4d2, 0x6c}, 0x2, @in=@multicast1, 0x3504, 0x0, 0x3, 0x0, 0x8, 0x4, 0x80000001}}, 0xe8) openat$cgroup(r3, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) 20:05:44 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x238, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x22, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 330.306245][T32289] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 330.310805][T32287] loop3: detected capacity change from 0 to 4101 [ 330.326885][T32288] loop4: detected capacity change from 0 to 4101 [ 330.328796][T32295] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:44 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x48, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 330.356754][T32287] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 330.360081][T32288] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 330.372691][T32287] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 330.386773][T32287] ext4_test_bit(bit=16, block=18) = 1 [ 330.392144][T32287] is_bad_inode(inode)=0 [ 330.396510][T32287] NEXT_ORPHAN(inode)=29447707 [ 330.401280][T32287] max_ino=32 [ 330.404483][T32287] i_nlink=144 [ 330.409497][T32288] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 330.419970][T32288] ext4_test_bit(bit=16, block=18) = 1 [ 330.425459][T32288] is_bad_inode(inode)=0 [ 330.429630][T32288] NEXT_ORPHAN(inode)=29447707 [ 330.434297][T32288] max_ino=32 [ 330.437526][T32288] i_nlink=144 [ 330.441305][T32288] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x4, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:44 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='devices.list\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:44 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x27c, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 330.441936][T32313] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 330.497026][T32321] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. [ 330.502494][T32287] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 330.535881][T32330] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x7, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 330.549679][T32325] loop4: detected capacity change from 0 to 4101 [ 330.574307][T32325] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 330.594372][T32325] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 330.609627][T32325] ext4_test_bit(bit=16, block=18) = 1 [ 330.610929][T32318] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 330.610929][T32318] The task syz-executor.5 (32318) triggered the difference, watch for misbehavior. [ 330.617464][T32325] is_bad_inode(inode)=0 [ 330.617475][T32325] NEXT_ORPHAN(inode)=29447707 [ 330.617482][T32325] max_ino=32 [ 330.617487][T32325] i_nlink=144 [ 330.617701][T32325] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:45 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0xc00}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:45 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(r0, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0) 20:05:45 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4c, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0xb, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:45 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x27e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:45 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) clone(0xc8a08000, &(0x7f0000000080)="5cd19f43b44f01d91fa62899e7dd9eab995f944a4c1e98a10452c838d313", &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="264e086b65dd47f3b6243f85fd8e0b78e4c505ec610c07a7a3255c61b0f9dec921b2fa2dffe4f18df363aa58dfc2a85c139baec91ba636c91463aa3fb6f8ce0a14aebb994a7aa4d514acee799d0b6bf94b71e968f4d17254c1868a3b339469c74f5bff57a4b28e307e2cf09f8b") 20:05:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x25, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 331.235478][T32362] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 331.247896][T32360] loop4: detected capacity change from 0 to 4101 [ 331.258994][T32366] loop3: detected capacity change from 0 to 4101 20:05:45 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='rdma.current\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 331.285267][T32360] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 331.316186][T32366] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:45 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x29, 0x4, 0x20, 0x6, 0x64, @private0, @remote, 0x40, 0x700, 0x101, 0x6}}) 20:05:45 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x60, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 331.320920][T32381] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 331.337967][T32366] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 331.348353][T32366] ext4_test_bit(bit=16, block=18) = 1 [ 331.353720][T32366] is_bad_inode(inode)=0 [ 331.357896][T32366] NEXT_ORPHAN(inode)=29447707 [ 331.359083][T32360] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 331.362557][T32366] max_ino=32 [ 331.362564][T32366] i_nlink=144 [ 331.379393][T32360] ext4_test_bit(bit=16, block=18) = 1 20:05:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x30, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 331.384784][T32360] is_bad_inode(inode)=0 [ 331.388927][T32360] NEXT_ORPHAN(inode)=29447707 [ 331.393597][T32360] max_ino=32 [ 331.396914][T32360] i_nlink=144 [ 331.400506][T32360] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 331.415769][T32366] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:45 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x22, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:45 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x27f, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x38, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:45 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)={0x0, 0x0}) r3 = perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x1, 0x80, 0x3, 0x3f, 0x0, 0xe02, 0x100, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000340), 0x6}, 0x610, 0x1000, 0x80000000, 0x9, 0x5, 0x26f6, 0xfff7, 0x0, 0x8, 0x0, 0x7fffffff}, 0x0, 0x7, r1, 0xa) perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x8e, 0xd3, 0x6, 0x5, 0x0, 0x84ad, 0x47420, 0x5, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8000, 0x2, @perf_bp={&(0x7f0000000280), 0x8}, 0x2000, 0x1, 0x8, 0x2, 0x1f8000000, 0x3f, 0xa0, 0x0, 0x5, 0x0, 0x2}, r2, 0xd, r3, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400000, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='syztnl1\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="0000000700000a527fffffff42df004800660000ff2f9078ac1e01010000000001871e00000001020d22fede1e10a58aee380634070bea16e97d45c31f0da0441422d1ac1414aa000000030a0101000000003f00"]}) recvfrom(r4, &(0x7f0000000080)=""/37, 0x25, 0x2100, &(0x7f0000000200)=@xdp={0x2c, 0x4, r5, 0x1c}, 0x80) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0xff, @remote, 0x4e23, 0x2, 'lc\x00', 0x13, 0x2, 0x5b}, 0x2c) [ 331.431417][T32396] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 331.471839][T32410] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:45 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x68, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 331.515338][T32417] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'. [ 331.530716][T32418] loop3: detected capacity change from 0 to 4101 20:05:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x7, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 331.558549][T32427] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 331.570338][T32418] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 331.572791][T32430] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 331.596880][T32418] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 331.597132][T32428] loop4: detected capacity change from 0 to 4101 [ 331.607272][T32418] ext4_test_bit(bit=16, block=18) = 1 [ 331.619046][T32418] is_bad_inode(inode)=0 [ 331.623198][T32418] NEXT_ORPHAN(inode)=29447707 [ 331.627898][T32418] max_ino=32 [ 331.631081][T32418] i_nlink=144 [ 331.640556][T32418] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 331.641146][T32428] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 331.684210][T32428] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 331.694698][T32428] ext4_test_bit(bit=16, block=18) = 1 [ 331.700099][T32428] is_bad_inode(inode)=0 [ 331.704332][T32428] NEXT_ORPHAN(inode)=29447707 [ 331.709041][T32428] max_ino=32 [ 331.712309][T32428] i_nlink=144 [ 331.717417][T32428] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:46 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x6c, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='io.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000002}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x25, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:46 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000100)=[0x81, 0xd84, 0x8]) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x0]) 20:05:46 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x280, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000004}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 332.164149][T32459] loop3: detected capacity change from 0 to 4101 [ 332.175223][T32464] loop4: detected capacity change from 0 to 4101 [ 332.175273][T32462] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.194994][T32459] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 332.208657][T32459] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 332.219074][T32459] ext4_test_bit(bit=16, block=18) = 1 [ 332.224435][T32459] is_bad_inode(inode)=0 [ 332.228613][T32459] NEXT_ORPHAN(inode)=29447707 [ 332.233277][T32459] max_ino=32 [ 332.236568][T32459] i_nlink=144 [ 332.241877][T32459] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 20:05:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2e, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 332.259933][T32464] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 332.268933][T32480] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.291562][T32464] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 332.302231][T32464] ext4_test_bit(bit=16, block=18) = 1 [ 332.307625][T32464] is_bad_inode(inode)=0 20:05:46 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) r0 = semget$private(0x0, 0x20000000102, 0x0) r1 = semget$private(0x0, 0x2, 0x88) semtimedop(r1, &(0x7f0000000040)=[{0x1, 0x2, 0x1800}, {0x1}], 0x2, 0x0) semop(r0, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r0, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)) r2 = semget$private(0x0, 0x3, 0x104) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000080)=[0x200, 0x1, 0x7ff, 0x3, 0x8, 0x306]) 20:05:46 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x74, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000006}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x10, r0, 0x2b0e4000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 332.311763][T32464] NEXT_ORPHAN(inode)=29447707 [ 332.316524][T32464] max_ino=32 [ 332.319711][T32464] i_nlink=144 [ 332.327101][T32464] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 332.345913][T32492] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:46 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x296, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 332.365513][T32496] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.384184][T32502] loop3: detected capacity change from 0 to 4101 20:05:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000008}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:46 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 332.416356][T32502] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 332.426345][T32502] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 332.436743][T32502] ext4_test_bit(bit=16, block=18) = 1 [ 332.442189][T32502] is_bad_inode(inode)=0 [ 332.446394][T32502] NEXT_ORPHAN(inode)=29447707 [ 332.447641][T32518] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.451164][T32502] max_ino=32 20:05:46 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400008) r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='pids.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/rt_cache\x00') ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000080)={0x1, 0x0, [0x0]}) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000100)={0xffffffffffffffff, 0x1ff, 0x20, 0x4}) fcntl$dupfd(r1, 0x406, r4) r5 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000280)={'syz_tun\x00', &(0x7f0000000200)=ANY=[]}) preadv(r3, &(0x7f0000000500), 0x37d, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, &(0x7f0000000040)) fcntl$getownex(r2, 0x10, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f00000000c0)=0x0) fcntl$lock(r0, 0x25, &(0x7f0000000180)={0x2, 0x2, 0x400, 0x1, r6}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 332.451172][T32502] i_nlink=144 [ 332.477699][T32521] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.495419][T32522] loop4: detected capacity change from 0 to 4101 20:05:46 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xff, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:46 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x32, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe000000e}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 332.510168][T32502] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 332.543998][T32522] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 332.574050][T32538] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 332.591668][T32522] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 332.594252][T32541] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:46 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2d8, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 332.605780][T32522] ext4_test_bit(bit=16, block=18) = 1 [ 332.605796][T32522] is_bad_inode(inode)=0 [ 332.605801][T32522] NEXT_ORPHAN(inode)=29447707 [ 332.605807][T32522] max_ino=32 [ 332.605811][T32522] i_nlink=144 [ 332.695630][T32556] loop4: detected capacity change from 0 to 4101 [ 332.709529][T32559] loop3: detected capacity change from 0 to 4101 [ 332.731892][T32556] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 332.747169][T32559] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 332.749153][T32556] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 332.764942][T32559] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 332.775902][T32556] ext4_test_bit(bit=16, block=18) = 1 [ 332.775919][T32556] is_bad_inode(inode)=0 [ 332.775924][T32556] NEXT_ORPHAN(inode)=29447707 [ 332.789265][T32559] ext4_test_bit(bit=16, block=18) = 1 [ 332.795769][T32556] max_ino=32 [ 332.795777][T32556] i_nlink=144 [ 332.829408][T32559] is_bad_inode(inode)=0 [ 332.838286][T32559] NEXT_ORPHAN(inode)=29447707 [ 332.845417][T32559] max_ino=32 [ 332.850407][T32559] i_nlink=144 20:05:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:47 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000000)) 20:05:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000010}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:47 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x300, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:47 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) r0 = semget$private(0x0, 0x20000000102, 0x0) r1 = semget(0x2, 0x0, 0x24a) semtimedop(r1, &(0x7f0000000400)=[{0x2, 0xe, 0x1800}, {0x0, 0x200, 0x800}, {0x2, 0xfff, 0x800}, {0x3, 0x9}, {0x4, 0x9, 0x1800}, {0x0, 0x1000, 0x1800}], 0x6, &(0x7f0000000440)={0x77359400}) semtimedop(r0, &(0x7f0000000380)=[{0x0, 0xd3}, {0x2, 0x8, 0x800}, {0x4, 0x800, 0x800}, {0x2, 0x200, 0x1800}, {0x1, 0x7, 0x1800}], 0x5, &(0x7f00000003c0)) clone(0x100a03a00, &(0x7f0000000180)="2f0fc83d3881a8e356cab02532f2a1de05b466d374ccb986f03760ca05201c4f78e256dfa21dac31cd2e6f149e72090f8fe60d9a64eab16ed2de229c356c6600a58943c2fb405b66c413043563ce6fde03038ab039c34f22515bf0b843d5907d15122b25bb9e89745dcc6692d4041b6ead06ee4b1b5de620ecdd5f4a42c292dd4d207fe3cde3111855b201d68779946d0781bdb69fa13c382d2f22792de976c99e6e762fa412f406513d88693223375ff718fa2df7605d6249c1098e8a02ece85590139e8a555ed03bbb978d", &(0x7f0000000100), &(0x7f0000000280), &(0x7f00000002c0)="07edde37197f87bf71bc99780aa966462165ac0804434192b55ea19b24d9db426f2612f42f89e20b098a5499e5ff90934e24d019b26fa9b148fa39d8952685c816712fc5d4a92cbdf3bbe7ead1d8f3c18875f026b2bdffd001e5981d47d90918288e9f8a602198083a0ac68fd2751e0d2b4e8bcf66ffa0251061") semtimedop(r0, &(0x7f0000000340)=[{0x2, 0x80, 0x1000}, {0x1, 0x100, 0x1000}], 0x2, 0x0) semop(r0, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r0, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000001c0)) semop(r0, &(0x7f0000000080)=[{0x3, 0x1, 0x800}, {0x0, 0x2, 0x1000}, {0x2, 0x3, 0x800}, {0x2, 0x8, 0x1800}, {0x3, 0x2}], 0x5) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:47 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x48, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 333.350656][T32596] loop4: detected capacity change from 0 to 4101 [ 333.351863][T32591] loop3: detected capacity change from 0 to 4101 [ 333.366395][T32594] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.373543][T32596] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 333.388959][T32596] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 20:05:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1=0xe0000500}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 333.399326][T32596] ext4_test_bit(bit=16, block=18) = 1 [ 333.404795][T32596] is_bad_inode(inode)=0 [ 333.409041][T32596] NEXT_ORPHAN(inode)=29447707 [ 333.411391][T32607] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.413696][T32596] max_ino=32 [ 333.413703][T32596] i_nlink=144 [ 333.437258][T32591] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended 20:05:47 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x210800, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='freezer.self_freezing\x00', 0x26e1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b665770173fbd1883303b6ac4749393ad08f139a68f00"}, 0xd8) bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f00000001c0)={0x2c, r5, 0x88cea81548ac8d2f, 0x0, 0x0, {0x2}, [@ETHTOOL_A_WOL_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x40, r5, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xcbce4559b40cfa88}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40080}, 0x50) r6 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) recvmmsg(r3, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) write$binfmt_elf64(r3, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r6], 0xc63b9e35) sendmsg$TIPC_NL_MEDIA_GET(r2, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)={0x38c, r6, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_NET={0x64, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x145fc831}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x20}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xf48}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x352}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}]}, @TIPC_NLA_NODE={0x27c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "8a3f9685a4eb0743af27442b60951118d51329fbd6f091a7e3cef720d24a"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ID={0xa7, 0x3, "71f536bd9455cf64a4479d3084d08267afd3fa202f4a06588d4e46f2b136f40a7cce66df2afdc6fb78871fb4a3d197984edfa88295337d69317dc046146e1714f4fcd481fc8e896eaca2c8454bd1d2a14a87c59d66ece13d66c6fb7e6a29974a314cf6fdad59570e02e962ed4f5a983b3f5eeb93159dfb960f6cf20fa89de4c953bb9e2999a5aff7ace0b70ed73ff1d2e71ebb7507f2938e3320a0455d20302a77728f"}, @TIPC_NLA_NODE_ADDR={0x0, 0x1, 0x1}, @TIPC_NLA_NODE_ID={0x7f, 0x3, "b39fbff484d0e4d2d91202e9be7686cf68358c3e9129abd549e67be721a2bac8aad2cb8649145820166692dba820ae725df6ca594d11e2c0f6529e5e11956d40c962d93d81eae737b7a09c12e1eef72e4de7a8aa8c4100be50daa7488ae04a222e10e159086e0fe88ebfc478919622f44abba57098f1fbccac5359"}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}]}, @TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0xfffffffffffffc42, 0x4, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}]}]}, 0x38c}, 0x1, 0x0, 0x0, 0x8040}, 0x4c045) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400009) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:47 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x402, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x2, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x4, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 333.471912][T32591] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 333.482386][T32591] ext4_test_bit(bit=16, block=18) = 1 [ 333.487785][T32591] is_bad_inode(inode)=0 [ 333.492452][T32591] NEXT_ORPHAN(inode)=29447707 [ 333.497136][T32591] max_ino=32 [ 333.500329][T32591] i_nlink=144 20:05:47 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4a, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x3, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) [ 333.531136][T32620] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.531690][T32621] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 333.554899][T32622] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.608535][T32636] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.609566][T32634] loop4: detected capacity change from 0 to 4101 [ 333.628743][T32637] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x4, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x4, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 333.655620][T32634] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 333.663261][T32645] loop3: detected capacity change from 0 to 4101 [ 333.671227][T32634] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 333.685548][T32634] ext4_test_bit(bit=16, block=18) = 1 [ 333.691776][T32634] is_bad_inode(inode)=0 [ 333.695972][T32634] NEXT_ORPHAN(inode)=29447707 [ 333.700640][T32634] max_ino=32 [ 333.703969][T32634] i_nlink=144 [ 333.715192][T32645] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 333.721387][T32652] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.725785][T32645] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 333.747755][T32645] ext4_test_bit(bit=16, block=18) = 1 [ 333.753216][T32645] is_bad_inode(inode)=0 [ 333.757393][T32645] NEXT_ORPHAN(inode)=29447707 [ 333.758219][T32655] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 333.762479][T32645] max_ino=32 [ 333.762487][T32645] i_nlink=144 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x5, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4c, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 334.204253][T32675] loop3: detected capacity change from 0 to 4101 [ 334.224022][T32675] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 334.233694][T32675] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 334.244211][T32675] ext4_test_bit(bit=16, block=18) = 1 [ 334.249602][T32675] is_bad_inode(inode)=0 [ 334.253764][T32675] NEXT_ORPHAN(inode)=29447707 [ 334.258460][T32675] max_ino=32 [ 334.261648][T32675] i_nlink=144 20:05:48 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0, 0x0) openat$cgroup_ro(r2, &(0x7f0000000000)='freezer.parent_freezing\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x406, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:48 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x5, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) r0 = semget$private(0x0, 0x4, 0x742) semctl$GETPID(r0, 0x0, 0xb, &(0x7f0000000100)=""/241) semop(0x0, &(0x7f0000000040)=[{}], 0x1) r1 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r1, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r1, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r1, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000001c0)) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000200)) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x6, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x60}}, 0x0) 20:05:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x56, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0xf}}, 0x0) 20:05:48 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x6, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 334.436643][T32700] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 334.449630][T32699] loop4: detected capacity change from 0 to 4101 [ 334.453508][T32708] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 334.456430][T32702] loop3: detected capacity change from 0 to 4101 [ 334.497462][T32699] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 334.508272][T32702] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 334.517520][T32699] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 334.529881][T32699] ext4_test_bit(bit=16, block=18) = 1 20:05:48 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x980, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x10}}, 0x0) [ 334.535753][T32720] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 334.536106][T32699] is_bad_inode(inode)=0 [ 334.552090][T32702] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 334.553900][T32699] NEXT_ORPHAN(inode)=29447707 [ 334.553909][T32699] max_ino=32 [ 334.553914][T32699] i_nlink=144 [ 334.582032][T32702] ext4_test_bit(bit=16, block=18) = 1 [ 334.589882][T32702] is_bad_inode(inode)=0 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x5) tkill(r0, 0x36) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x10001) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x14}}, 0x0) 20:05:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x410, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 334.595869][T32702] NEXT_ORPHAN(inode)=29447707 [ 334.603592][T32702] max_ino=32 [ 334.609616][T32702] i_nlink=144 20:05:48 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) ioctl(r2, 0x6e3a, &(0x7f0000000000)="53ea735727003bc169424d79b77635e69f0f8992b0b479f3eb5ec36c62174a863e6dc5fa1905b3ae00faa6e530a03b399c827a5ef97e9aa0f2dd68dbec2de506c688cb70fd6fe71ec1745a1ef7f58844d848a8d208360f29dc40b2f1aff191311edc86fab3264cd2ff312be59f70d67a59eac05612179acebd7662113120bafcc59cdb439275ca0d835eeb249f2f") getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) 20:05:48 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x60, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x7, 0x3, 0xfff, 0x3, 0x0, 0x3d47, 0x1ff, 0x9]) [ 334.659799][T32735] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0xc0}}, 0x0) 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7, 0x1000}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000080)=[{0x0, 0x2, 0x1000}, {0x1, 0x7f3, 0x1000}, {0x0, 0x1}, {0x5, 0xfff7, 0x1000}, {0x0, 0x2, 0x1800}, {0x2, 0x400}, {0x4, 0xfffd, 0x800}], 0x7) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) [ 334.717964][T32750] loop4: detected capacity change from 0 to 4101 [ 334.753557][T32750] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:48 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x7, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 334.772937][T32750] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 334.785969][T32750] ext4_test_bit(bit=16, block=18) = 1 [ 334.794992][T32750] is_bad_inode(inode)=0 [ 334.801083][T32750] NEXT_ORPHAN(inode)=29447707 [ 334.808080][T32750] max_ino=32 [ 334.812851][T32750] i_nlink=144 20:05:48 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xeff7, 0x3000}, {0x0, 0xf203, 0x800}], 0x2, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) semop(0x0, &(0x7f0000000040)=[{}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0xec0}}, 0x0) 20:05:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x500, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) [ 334.819995][T32767] loop3: detected capacity change from 0 to 4101 20:05:49 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x220000, 0x100) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x7ff]}, 0x8, 0x180000) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000040)=0x3) [ 334.864388][T32767] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 334.869587][ T314] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 334.893543][T32767] EXT4-fs error (device loop3): ext4_orphan_get:1413: comm syz-executor.3: bad orphan inode 17 [ 334.914949][T32767] ext4_test_bit(bit=16, block=18) = 1 [ 334.923925][T32767] is_bad_inode(inode)=0 [ 334.930633][T32767] NEXT_ORPHAN(inode)=29447707 [ 334.935646][ T324] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x4 ref_ctr_offset(new): 0x8 [ 334.938890][T32767] max_ino=32 20:05:49 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$GETZCNT(0x0, 0x3, 0xf, &(0x7f0000000100)=""/149) r0 = semget(0x1, 0x1, 0x7ea7fa1b6f57be9c) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000000c0)=[0x7, 0x92df, 0x400]) semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000080)=[0xe7, 0x3]) semop(0x0, &(0x7f0000000040)=[{0x0, 0xdfff, 0x1800}], 0x58) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:49 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x33fe0}}, 0x0) [ 334.961933][T32767] i_nlink=144 20:05:49 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x8, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 335.006621][ T328] loop4: detected capacity change from 0 to 4101 [ 335.034958][ T328] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended 20:05:49 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x68, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000011", 0x9, 0x4e0}, {0x0, 0x0, 0x100560}, {&(0x7f00000000c0)="020000001200000022", 0x9, 0x800}, {&(0x7f0000012100)="ffff01", 0x3, 0x9000}, {&(0x7f0000012e00)="ed41000000080000d0f4655fd2f4655fd2f4655f000000000000040004", 0x1d, 0x11080}, {&(0x7f0000000b40)="ed41000000080000d2f479e40ce1985a655fd2f4655fd2f4655f00000000000002000400000000000800030004000af301000400000000000000000000000100000020000000000000000000000000000000000000000000000000000000003ad464bc000000000000000000000000000000000000000000000000ed8100001a040000d2f4655fd2f4655fd2f4655f00000000000001000400000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000831f2e05010000000000000000000000000000000000000000000000ffa1000026000000d2f4655fd2f4655fd2f4655f3a92c7a8267989ff0000000000000000010000002f746d702f73797a2d696d61676567656e38333031384ee032382f66696c65302f66696c653000000000000000000000000000000000000000000000790726b3000100000000000000000000000000000000000000000000ed8100000a000000d2f4655fd2f4655fd2f4655f00000000000001000800000000000800010000000af301000400000000000000000000889c11e4a900010000002500000000000000000000000000000000000000005d4b7afa1a6474110000000000000000000000a32dcc02210000000000000000000000000000000000000000000000ed81000028230000d2f4655fd2f4655fd2f4655f0000000000000200140000000000b0358f250800010000000af301000400000000000000000000000500000026000000000000000000000000000000000000000000000000000000008ae01bcd000000000000000000000000000000000000000000000000ed84c2d8a224ff3ec8838b6127cc85349a34621a6f69ac24279af7111a1b56c101ae2c90", 0x29d, 0x1157e}], 0x0, &(0x7f0000000080)) 20:05:49 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0xeff7}], 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000000c0)=[0x1]) r0 = semget(0x2, 0x4, 0x20) semctl$IPC_RMID(r0, 0x0, 0x0) semop(0x0, &(0x7f0000000040)=[{}], 0x1) r1 = semget$private(0x0, 0x20000000102, 0x0) semtimedop(r1, &(0x7f0000000040)=[{0x1, 0x2}, {0x1}], 0x2, 0x0) semop(r1, &(0x7f0000000140)=[{0x0, 0x4}], 0x1) semop(r1, &(0x7f0000000000)=[{}, {}], 0x2) semctl$SETALL(r1, 0x0, 0x11, &(0x7f00000001c0)) semctl$IPC_RMID(r1, 0x0, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)) 20:05:49 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="06696f202d637075202b696f202b6d656d6f7279202b7264696120"], 0x1b) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) [ 335.046120][ T328] EXT4-fs error (device loop4): ext4_orphan_get:1413: comm syz-executor.4: bad orphan inode 17 [ 335.058503][ T328] ext4_test_bit(bit=16, block=18) = 1 [ 335.064233][ T328] is_bad_inode(inode)=0 [ 335.068925][ T328] NEXT_ORPHAN(inode)=29447707 [ 335.075150][ T328] max_ino=32 [ 335.078812][ T328] i_nlink=144 20:05:49 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)={0x60, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:klogd_exec_t:s0\x00'}]}, 0x200007a0}}, 0x0) 20:05:49 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000300)=0x1f, 0x6) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x9, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 20:05:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x510, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000000000000100000001000000004000000040000020000000d2f4655fd2f4655f0100ffff