8207e8e1f15c93472b047966bd113e197e1ab0b06215d61a4a2d13ed24ec0eb110500b2704430b883cb10a51de1b2c71388d2208bbf59bb1d54730eb7d62fa71ffc213d72e9e9e0daf069646483e796a3d21cc92573a9c40759d3978ea3ad32f158ec50fbb3430d502821da7611fc993bde9107ebde48846533ac2b621a6c981ecfdfdca18808659d285be35d5337166334d0968fc4b6e3689f908c20accf3711b6470509ae6439702a98529946301be130c27febf54cd71f17c130a6a604a96d3e4ee9c7cbe85e92e0f60fb5ed914ac49772b2beed302136f7e0c78e4f9195218865f5d0bdfdfbd69a5d4f47503dd1394d17f38f9bbec32e52437ef98d88438d58690296a015387acfa91a5994d6b300e190619e862519af6889a5673ce8510951fdee17a0dfc4e66c4d93cbf3038d1bbc8b766ba35ba85e14dd70c78d5c240de327bc3edf34e0f6229884d679f64cdf2d76c5f3f6637a3c5d6fc4c3c0d0a40c15bbe3e5e7a2a3664ed0716e2666f974a3f604e8df3716e0c7d4e7faa074bde2722716a40ee6b2bce0b9d25c7e81810d7fca10ff3f300648613ab2e71c056cf3dc7aa6f0125d06dddfbf400a9194fff100cc30ea0360dcd52fae3bdc89c11bd6d76ad1d018876b3cff4e07dffcac3c2e9dae613023b3f1bc671b8b06e0bc604604ad5e9f6abf488d05f2b6de7027a8f6df64501e2953c8b730c2b4449b7e25275410484fd1a73cddcba360a4dcecd82ff43ef8dd6b2fe29deeebe178498d2a66dcf10083b6b4028e0f1f38f1dedb88c55637650a473cb4ee3e98da0dbed990005dbede51a7c6ead387c55400f795eaf35a01cb06c0444a102e5cc3ab832d4e6d5ebc95dabd2ad62b84f4db96d7a16785b720c20443494646378ca2bf2f1177fe755567481997bbe1f16cf2c8ac678846b593b3d5fdc904062fee71a88b26a07d2fbd3cf9e91f0af7b2c59f36ceb2a93e0fa59f1a99d76460b0764de3b8c38557dd51c7e42d11b105f70a244dd923fcf968df55af199dec9fe82bb0224b95cb0c0e7a4fe93889511a184b79df3df62094169a3d22564d28e81d911263aea8385e3de46dfe8362c4f24f835cfb74b65f56ead4fc3e9ba8c7539efc4907a88559167edd06c3c5cac2c293fea1cf099352c1d98fb0edb4d8eaf96fd6ad888273fc112a4b08220842124f4c8edf2b4b8f13de18514d7a0f6af43c1605bfe2883a23425d5d986c1cf8be1aba48b65781372e30fec05a1c00d7d93fb42a5b177e29abb983a63862e3072fb393cb5795c3bd2d3489ebc10aa4c2f5cfbf61347f25d0756c6d71d29209ddc0269fb4c5eb9ed806cef4f5b0325d645c68677689600673bfbffaf38b87bd3d3eb23021e57449b137294de239a71c44f278dade04c5c196056f217e836495cc59cd59bb872fa3cda24ad71e7a8f1a3fd1b254cb3296e4a9eafc0fbc8b50805c2a07a75e9ca3f7ad99392a6ece715f6038f4a08a60e5bc908d37c1bba515c507e5c6a1a6db46b3e5b4f7c4df0e2977b7862add1f04828c69d9566f382e1aadfc65efeb26b51daf2b6adc757b6a3176d1f9421200d37aa971b768ef60a01f214b48c0e077aa9bce606a1781563a039cfe96ad069cc0ffe5ac9e0b21ff4411d00265e85eed1b3af306ee01f0e8b1809e98f66e4b6dd8166f53bd8af2683d68d08f957c9513622b140fc4d06d397892d654eeee83625f4918ed46648a8ad06e5d338fe15c420c61016ef877dfbcf7ced00383753ed3e11485c1b0ad7fb52b533ed726e3e5cca7b12d49dcbb03d553812d9ad289bbcb631356444bd207141863ae25368378f30101498ee8f9a1afd72527e4bcdb7ef54154667d04778af252fc8311652ffec5d73908b98af516176abfb2b2a6cef152c827db7ff2c37214c946b2c8d19f7557fe4278acfeeff1ac5a8568d6e48381fd8963c6e88aa7c0e37aed943ac349c66efb483109c7a13ceb9e3bc8e89ee6bc2a7e52212877e9f5871a00cd5ec12aaca86cc993376e789ad1ecf8eabbfcd5bf0b759eaef017194df90bb9c2b1e842fd2b9923a68231d6db40e24cd3c5ccac8254f6eb663852222d06a5958b956fa8363ab9e180461d4424e5a7d0453673440bb85a8b8aac277c1d181edbd600b616419669a5d1b2f53a9940bfcf1633a7e545194ccc82a2b54a2dd5675d5eeec0723d81b602eb5c123fc7b84775c70b8d9dfa02530874084de2ec2d3694626597edfd63698b069ea65259c4996e40758a400e038b99cf0e28ac74997b008b0b7fff8979826cf47ec9cae1eca3e385847b266aa8ede3eb62a90eac7cfcdbe193de8ce21da080106022b4168f54d94dcd2f64d42654b8d9be40895ce1006442adaf408c98713238d6203cc803b191b854899f49b02af8336c8eddb0c8ec9af54fabe7fb742925c918cc8d95b72a828abcf4fa43d1a643945dea20367c6003981b85ac232cf0c54cd14fd3786709419421437545f73a9f8d1f513f4368f777d3ab1fd13127f24d9279ae1865ce98bd74cc6e028419add8f98f3de8a2d6a9905fabb03cf9a84561db46722383a5683eb24ddc43d49dcacfef31c19dca9726a4a957ece9df076355776d7f2d9ee4fb0697e5dbd6c0de78ee4db64c25078517d84566596f0db5b5b8e2acc92b81c71ba99a5d943bcaed8cd8b04051d0defa4f5208bb08f3196baa3671d35c4abd83a124bf9e6e5c81247207fd15d7aca7698cd8eab3fd2e2aab5f5d7163b457a0c7a0b216e97ba19355c04db12a999251924964598af4fff648f2a3a5325c7f8a0b4d5471dad32ce585d7f00e53c08d700fa4bfbd4e06ba693f19d74c5cff270cd5b828eb370241d7a27e12edc3bb445b9268d7a0554cef1eb1c1cdd6fb97eb113061e133cf81dedda7c5a03eaa93fb1170885b6e5d0e6c2d1e3d535b2b66192984227c552b583291ef93ac992d69a029283af3d421f6137d8e7e4b160d76e68271686cda1c9cf8a13993ee029fe99d46bdc0d2064efc1c6d29834aa143f0e566c7542d0ced4c9f895981375b97f6f701e82579975acfd2bc81ef7835c37f18892670175e965903f66d741f3fbfb54978f4170489578b6bc0ebaf78a6a467317041d8cc4e75f30b31b5452f6b9a0f28f11bc72bbe96e9051a15c1b5cb7bf47b7ef575cee8d4b05ea7e32bde064e4108fc87e62fe74f67b5498606e7503008d61dc5e9f28decb3dae0bef7f2968de55c090d39fbd69b778fda48d4b7e90d0083470d24202c29f495a048aaf53965d947b4fdcb5731deb77d5206cc8fb80a3728b23cf213186257513dd461d1b0464b9c958987bb98dbd77b5e82b4e07ee801e107336ace1517973b0bb72d0c6a684cb94e79e93b18f9eece1f93872567b0b74e6bdf7a359e755181351a027ddadf2b92bb0f57b3d9bc2a4548cfba5d7dcdbb799c6a27d8c7749ea4708650dfaaf7604ab0b0ca196e4b7f380a59c2eb8cbeed542e73fbafe9642d4b4938dafd2ff2c96eb6881a1e33a8e401c1e76e27db35c690f00cc5628953d1b4f2a6ee71f51c4cd376cd477e8af1c8caca521a9db16399ff8b9daba6cd56ace9d9bb8e04fc28dcb03fa99dd3a58a1ade86401b68564ae48623aac050e4523c0ae49a9586e183a0511590717daa2028eade92ec502896e5645202523c32040a9d022af6dae27898a83756fcaf611e1cc19157abae2eb06d58724db173f29a1daf1edd95a2a3392c5d74700a0a246107b6edcc85040702545deab05b1c0b99d8cb75e534c5d0faabc9bff33ae992ade27f9f736d5da840f85417de8caddf31eebb34dc7c548be66de4a2d75efbfabd871c33eed266ec20dde3bb191ca5360b4421729e48c48a765b3311ee4602fee6819a75cd827c4020d730350bb5260b7f486e5a431ec9bfd12cc77915865cbd59268e35e11e23357535d5f9e6e5a615e4f4be373e71595d67ac11f3a3a135fd59c16cd4893434a8645a4cf21776eb4999964c93cb6f86036572d5a2ebd67ee6cd575620a64f6101d6ff1e468b5f5a525a7fd0ce0a70f29e699ee1eb39313a8c99ba54240912470aeb4fb56d2048899b15f8fd7f884a413b130c7765ab48880e6a29f7f8f3947eb0a4bd746a9890363318f7a7ff97c2bf6ae149085bb5078cfac3162ad14174edd007225e06b107524ceaff205300441ea4f4dd8ede9e992488b6ad4c3ee9bcfa3c8cc875170ca6731391f993d460fa3cce38da2b5ca554359f24d963b5fac3af7542c4c7128c23e4784f68b7b4774a5d5b", 0x1000}], 0x4, &(0x7f00000014c0)=[{0xb0, 0x102, 0x7ff, "977a4bc931a0ee4dd15bfd961586c1c81a95bfe685c40054f1951dff18f92afe184abcda85ee538b9a2aa40ba4af86642672d310d50c35aa932d9a583302f24bbcc9f662e1674d5fd2b8814afd0e17447e4ea975ec8e0aea4b1a244922e9a8225638682a7e97dfff9138829410b20d0f6fe79b8f5e0af4ee14b6f37e3d9af1a08c1f9a2f2125fb2dda4a750e928e79750250f5d304db163b575b03"}, {0x108, 0x109, 0x1ff, "3a9104601955c81c566568af5ab50361697069ab9078feaf73ce114c4fdc90118bbfa566cb29d38b5f3369e93de62217cad51a48e65f5965023e2296c4dcb7c160cf77ef4f48e9bf94aa210c84bb4d76b5925ace072a22d4f39d54c0ca70cb3a9ec1d0f1fa6cb9692c82055feda08f9be80b59783084e7ecade9f7787bffa269365f35b68f9d60beb474747ecdc9cbf051721cc41ad9272bc785fda2091c8a324129db9cf49b51ccb21de9906f7867c40bb9f846b72b1b324cbab423a35cd1341fce40d85c889443058a024a5ccd20cddc5852a4571d45e6b673c9338da7d4f63d87ab038749ad21f406fef53c1bf7a4e2fb"}, {0x70, 0x118, 0x200, "64366896d62bd2e0aade8653f33031d53de97ed34b598423670f2742b51d1d7afe8dfd7e69662b19c240ea86db89b1fa251820f6e89c5ebebd523b04f0dd54d676594ae3ccc1477e2118cfe3882bf27ae444bb23e5a2c090bdd6909ccd7f"}, {0x18, 0x102, 0x2, "6f4178e77ae29f69"}, {0x60, 0x0, 0xffffa835, "7b77fa4703ae7a04ec4c917f23bbe6c323d52054d7085a39996c8a610f34f6393b915aecb068a1dad37991248486333990e296db1a1476ef6cda0a3ced632c68b2c20f66b59566b68e5b3d"}, {0x38, 0x0, 0x3, "26b5eb3ff056b2935b5046dcd04a20ac6807fd5e4906a4a90d2846da0899dd7e8a6b220336"}, {0x10, 0x5, 0x400}, {0xd0, 0x10a, 0x10001, "204dbb88cd34bfbc1dafc8b53c7ab756df693630767f0ede447c276feca1b371e7a4c60b63cc0a200aaad7f652f26b6bf62fed3833548bf9c3e230edb2b0a5e6a2fb33660b6d1e292536a16c1ed5c083fff789ad143cf84c273416962b102b4b22f320b7e2108a33c9bf2f7b96b068bb3a47026f88e70ea38961991111d9c9c2eb4ba5f78262de7d88008de1b4a6804a88e2564af5ba5502bdf6ded0a243c370e2fd9c651722daf40401aed17adbe567e9d894736970698c565352"}, {0x70, 0x17, 0x867a, "6b7bdc50146707cfce14a69c3b721e84cc173871316b2f0acb4ff693cb1ea86608179f8856ee15c74e6bda3e6874106fe034a8bad518e022ed99d42cfe891ec25b17a9e2fe8d58370a18ebcf969295cd5badfdae1de7e949426beb51"}], 0x428}, 0x0, 0x40080}, 0x65de) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) [ 1049.440617] FAULT_INJECTION: forcing a failure. [ 1049.440617] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.441886] CPU: 0 PID: 7077 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1049.442618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.443496] Call Trace: [ 1049.443809] dump_stack+0x107/0x167 [ 1049.444219] should_fail.cold+0x5/0xa [ 1049.444627] ? create_object.isra.0+0x3a/0xa20 [ 1049.445122] should_failslab+0x5/0x20 [ 1049.445530] kmem_cache_alloc+0x5b/0x310 [ 1049.445961] create_object.isra.0+0x3a/0xa20 [ 1049.446429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.446979] kmem_cache_alloc_node+0x169/0x330 [ 1049.447470] __alloc_skb+0x6d/0x5b0 [ 1049.447872] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 1049.448418] ? ip6_mtu+0x130/0x3d0 [ 1049.448800] ? udpv6_destroy_sock+0x230/0x230 [ 1049.449288] ? lock_acquire+0x197/0x470 [ 1049.449718] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 1049.450211] ? lock_release+0x680/0x680 [ 1049.450642] ip6_append_data+0x1e7/0x330 [ 1049.451080] ? udpv6_destroy_sock+0x230/0x230 [ 1049.451556] ? udpv6_destroy_sock+0x230/0x230 [ 1049.452054] udpv6_sendmsg+0x1a45/0x2af0 [ 1049.452493] ? udpv6_destroy_sock+0x230/0x230 [ 1049.452976] ? udp_v6_push_pending_frames+0x360/0x360 [ 1049.453545] ? lock_acquire+0x197/0x470 [ 1049.453972] ? find_held_lock+0x2c/0x110 [ 1049.454413] ? __might_fault+0xd3/0x180 [ 1049.454841] ? lock_downgrade+0x6d0/0x6d0 [ 1049.455282] ? lock_downgrade+0x6d0/0x6d0 [ 1049.455747] ? sock_has_perm+0x1ea/0x280 [ 1049.456183] ? selinux_socket_post_create+0x7f0/0x7f0 [ 1049.456735] ? _copy_from_user+0xfb/0x1b0 [ 1049.457186] ? __import_iovec+0x458/0x590 [ 1049.457630] ? udp_v6_push_pending_frames+0x360/0x360 [ 1049.458193] inet6_sendmsg+0x105/0x140 [ 1049.458606] ? inet6_compat_ioctl+0x320/0x320 [ 1049.459089] __sock_sendmsg+0xf2/0x190 [ 1049.459498] ____sys_sendmsg+0x334/0x870 [ 1049.459940] ? sock_write_iter+0x3d0/0x3d0 [ 1049.460389] ? do_recvmmsg+0x6d0/0x6d0 [ 1049.460802] ? __lock_acquire+0x1657/0x5b00 [ 1049.461275] ___sys_sendmsg+0xf3/0x170 [ 1049.461686] ? sendmsg_copy_msghdr+0x160/0x160 [ 1049.462173] ? lock_downgrade+0x6d0/0x6d0 [ 1049.462615] ? lock_acquire+0x197/0x470 [ 1049.463043] ? find_held_lock+0x2c/0x110 [ 1049.463476] ? __might_fault+0xd3/0x180 [ 1049.463912] ? lock_downgrade+0x6d0/0x6d0 [ 1049.464368] __sys_sendmmsg+0x195/0x470 [ 1049.464792] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1049.465255] ? lock_downgrade+0x6d0/0x6d0 [ 1049.465707] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1049.466224] ? wait_for_completion_io+0x270/0x270 [ 1049.466741] ? rcu_read_lock_any_held+0x75/0xa0 [ 1049.467235] ? vfs_write+0x354/0xa70 [ 1049.467636] ? fput_many+0x2f/0x1a0 [ 1049.468031] ? ksys_write+0x1a9/0x260 [ 1049.468439] ? __ia32_sys_read+0xb0/0xb0 [ 1049.468875] __x64_sys_sendmmsg+0x99/0x100 [ 1049.469328] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1049.469881] do_syscall_64+0x33/0x40 [ 1049.470279] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1049.470839] RIP: 0033:0x7f714576fb19 [ 1049.471250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.473216] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1049.474021] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1049.474769] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1049.475510] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1049.476267] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1049.477018] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:09:05 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x321, 0x0, 0x8800000) 20:09:05 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 19) 20:09:05 executing program 2: ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001500)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'}) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000001980)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001940)={&(0x7f0000001840)={0x100, 0x13, 0x4, 0x70bd2a, 0x25dfdbfe, {0x6, 0x5c, 0x4, 0x8, {0x4e22, 0x4e23, [0xffffffff, 0x9, 0x7fff, 0x3], [0x2, 0x5, 0x1, 0x6], 0x0, [0x7ff, 0x6]}, 0x7c89, 0x9}, [@INET_DIAG_REQ_BYTECODE={0xb1, 0x1, "a2aa87d59c9b9f00a76e165e8678516bdc6c94eca59e1585a16b3ca9a44698832a2eca60d993e2080519f3a5ec86cf4a58c9434774d8c2d7a17574d4e464d4fe10b912199eb339ff041c25f886382331e00b281d94816e53c9b81fdf8250f5f4c84bde0e977af734c69d360d21205d7b18a397fe1679883a213b961dcfcb2b67bef19ccb2bce9be5848d6480ef00c8a1261cb845d192d90f6984c568a1d51d568093f09d6041aa1066f470029d"}]}, 0x100}, 0x1, 0x0, 0x0, 0x4000}, 0x40400c1) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), r1) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r2) sendmsg$NLBL_MGMT_C_REMOVE(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)={0x30, r3, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev}]}, 0x30}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000740), r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)={0x14, r6, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f0000001b00)={&(0x7f00000019c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a00)={0xa0, r6, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:public_content_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}]}, 0xa0}, 0x1, 0x0, 0x0, 0x42}, 0x4000) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r7, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$sock(r7, &(0x7f0000001780)=[{{&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000100)="ea9ba86554254807c4449e3897cc7cce29f5bcc808808c85479dbc69cece7bbcaffaa8fe6002b1271a276dafd0989f4ab0802c9684e05c7d6d364695a5990f12f8e5b2e867c0cbd2fa468e34ca065826ce34b40c93486ce7731260b73e3e5ed50f88c3eba09ffe0f7ed91488196f6e100c2272c4008319bb929d890670bebe28d50cea4586613c8bd01620ac5ebf969909027d2c681f0d1397ab78b19803d375150317fb46e28b6910cbcf2a23435a2b39be37b4a7d2b546bd2e8f4c7b20f34247d321bc7c4f74d0d39962d70fd147c8d395ae1b98f6e90c202f26c2d4dc44fad4feaa", 0xe3}, {&(0x7f0000000200)="02ed85819bbab312d97c21e52ed3e0c09a3444b613e0908418603b21103e35deffec231b35751478d4f419b3b5b1bb469e188c0c51590926f36a826abb0f935e797fa20089b4c17a5335db94939535a8d50d476108072d2635b21cfb3acb25c5f8ccb38796ec1312b66f61c08cb6f7a234fd01d59a3b4cf9bc65e1338e301247a98a7efc2962a8b3f14893b9f4de1fb66c096b3fc7cad9adf2db9061b9c695accb33317b8e21fb877e4f15e5d9f283b150b68adf", 0xb4}], 0x2, &(0x7f0000000300)=[@timestamping={{0x14, 0x1, 0x25, 0x206}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @mark={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}], 0x90}}, {{&(0x7f00000003c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000440)="c465693ca967b666241ff2b6be34a7269db1fc5a0a6581611690132154315e0c6eea1b88141df0a03e5ace4fd0900c4d8b7e94740c71", 0x36}, {&(0x7f0000000480)="c0605634b0ee2bff78da50e779e6cd1696e84c427713d416a96b1e9e77db630236b5668b59649c391a5b9223bf4cd2b661a19b6a10fd61f8b92805e42210085956901ce0e2d5a6e702879ed1f5a10a0925e0db3faaf8419f0d3108c8c7e65b9dfb97b09fccf0283b65f831236fa1433bb754e0d1de8731d9ee986279f7a25cbdf73ea7f12a3869781134bb0a9a7735c7ce41b34e844afc19140537504073e0ccbec9ea1f80164b614ce2a0e8b86e431546e52444e39bb05a45373d37b0e404754946653cbffa2b81a1ce7c582dcce473a4e8e98e33ca5b5771c329d24370b8e3518712c3d2cb529f4e49ff2d807b857811d6f6acbe4129dc990e5fe24056afd8f202a004174e3bdcd8f9b4674fb9f77fba3db0ca0583878dd788ab97b04c7b7c312edf354f9843fbd97e4762984bda0e21136a6878dfe537f4ce6e6c9fe132018a4261369e54b474d949ac1e455e3119978c6e1bcc05f0db5c17ff73c60f54c0bbe0267a57370592f91657fb334a5016ad8ff62a1e6ff1b2ef277284594b36d7d1ecfdb6de25e83ae01cbe982b149e96881c039fbeddbfff6424477179fb37c17ec5e4e74b8520975460fff4b621a66ffdd01193a9ff1375c4f49592304b2838f4669c904d4fda78251fe52f124145be3bdef3306ff175baa39c55fba842b2be66279a3945beaa97886adece7f5b22ef850420b5fdd361f500d82c5ee8d3d6cafd57aa138304fe48aa61ae37c443dbf5ba140708930ee8999b72fdaa40d7185a060ce5aa103c48edf71332134d17719b6ee7ed13dd7535f4f83388ade4fa626a2143689bc7854dd0537ce28b5c401f8dcfd912f243ece032094d551e42a25cf179edc11f0af80569b6acff79599425eba807239d8d2c4daefe17b5ced7964d86cc131a4f8ebaa90b0e824a32d12b0198786d570db43f1ea262e601e0a8336df427a5fde67464c4c28603f63d1383055da25a048ee08d242ec85c29c7da11bfa207ae70dd84d23a786ef61805337387df8dd5377a177e28c9108798ddd26efe3dfce3d01d69d96a86ef5ea7ef72dd0a80ff19751e8442d7be9dc0bb1e416028e0b87023a1cb4935add8a0c1e4cd2be91daf219b8dae345f4480e8985f1cc8b8243b1f51c703bf8f8a6818ca2a77254bbc42ef9b18746c93bab021e6758406fbc32380abbfdf2f14843ef76108296a72734118ef26dcf062e6deb25f23e20c18119070de29407ec8b82bbdb5a4d83a21162e2ab8c6a39286dcf16244b0c5d510571a873d7236d028272c467a4e1ab2a46e9a377c932f73f29dd97deeea13042d8bdadaa3f56269b4f7eb0f04463fda4d058096c1caeb654021da8677bc4c6844c03ec8d45cc5e5201d4520585c112a286c32fdd88e4d76842a9fe07a71506a4a58cc8a8b169f00b908e6ce20c3f27005875a00828efa29d8ceab37d020eba99f8946e401c1a3a4d92b1f9cb57140e8cf25b1c903cca1debefaa26e32f130f563dd834bb2e9dd89ac84636618aba06186f4022f50c0b879793226bd13736d29e3b1e3dd29e0d61e031c248eef65d1a6f580c74435a8924025145d6a5649dcff3570cbec2b732adb390d488de92366bd01d325977971382918642b2968f67cf094282314d4c802eb7f7df0247592c737707e3f079a1ae86cc5205ab5f45f487c1cc6b102d243197c434519bc084b2b3292fc65eccde7e1429bbd45412d46e99cccc6f241b5cbc2f1cef6cedaffd0507154ecc86166628913941e34faef2ff35eb1f4804d4d6749f68292acea124c9d5202c3c623984055bea21beee7afc9f75f642c2c57e7f7f3bfec5fd2a174e3a4f10741e34b72e24ec7d3a28849638f82008ad7d321a7889edb572cf0ba736665b8d5f0b2bbc6c9680553bd0cfb43ea1a9f9f83d7d34cb99922006990cdad855078a9e3cb59fbae23aedda0dde0ad30c5f987aef0eae501f2c8edfdb51e4f2475c51de591677ad9a78a1fb9f5e1ec05ec1fe23df2775f7c30c8b3807cf653df1bc7acd718bf2c483496a6309ed699f998c2fa93ffeac7794afcf00318bcbe1dc9bbf05edea129af347c6322f878e0eb574443226c43160d65aafbc77bfbe605800ab3faf1ab08585d48cec058128ac5a561c96e7406d49c33b23ac165ae4809e298cd4b2bfde07cda3c935c0f9bd52650cadddc9e6919faa90ab58e2af22defa34465e5c3ed21d35c33e0c6e6495ec14ce8b24509b8a738c86ee518c2e0a674baaa6dbcd4abb0f5ff2306f70d6b2cc4d0b011a27b3ed166ca210d398b2cbf355a2026f984596247e272f1aca160ee992fef01f0c7cd1a9e52fcdafc3c9251ee18951e3878f4b787e0b0c28f6ce7107f1ad9a2a03144515762540e83200d8c8d677213e46c423717f6aafbda3e9069c109ff798fb4419f036638b2cbbe8e3c6ba08e43c2d7349359b96f114e6d6f069a1dfe2bbc4b0915548a6e89abafe29c46a9581769bae5b54f367e0f26f0e4f162f61533d60fc5740b44dcc6bee4cea451fc16e008760e21bd08f8d29576590d9086ff5e7e4efe41faf91e82ad1918e60158e2c742c96b50fa3d44c8fbcf5839178b6f0b572778b9e4c42b2aafa1e51aaf33a0d57ba6701a314b5c8d1a12b21099d36b9fee0a2212f9eb81b5b3e220b7ca16d374d7c5137e27246d3dfc203bf5b795bf4c53516b505507ced2c44d1544938b3631e53b3aaf6966269f6245a022d3eea36df259207d566238ddb24adf4e7537f0c9545cf70dba5cb5121a7f63f8a62c06f6eab8b9fbd13af6148ba7ec15b939b2e345e8afefc2b244d88fab6cbf0264273d34acbd368521a76cc76dbc937b5f3ae4bd24c5e3bcdeaa287f8d9ce888658b9509e01962e617eafe8b1c44c40d2aa2ec4b953b0da9a1eb0c65957ec73d13f7a9dff33d886bb9f9fbeb513477d74c775d3d2078ad76775d417a26f9033e459c053486e078b6a5380c43f6b55eba223e6afd032fd0162c92eb83c22baabf10fc0e49817b0d4ee3851ef3c85bbcf231a0b7cbebea9eed367fddc44eb8460895f4af1240de0e2731dafb67ef4e2a98fcfaa40f40733ead89e795b80dacd6907c3d7b3b9de37277d84b3e6243ec14dc7e5b60419d0a157c79692fea1d77a41f25489245922d5dd8db6aee9e463f9952c653007a441a00de432ca2b5ec968645a93ba2aa12034e42bf8c401421fd5ad7988360b52864441636e437d8af7d3cae5401db1501751c4611ec2e488d19294ffb7970024c1831589012c43d1c8505cd0ca432a18d353f74e154b6cbf3d1e968cc56ba8114869742dacb48695a57cf95d67733a84635cc38e40008f15cc340ad965c06bf193b30af35b45efc28e81854cf551579c2773a15f3f251d051667ca7d5f0048558a2381646b61b944dd6eb42f1901f06c92de5980cb82df6dd35b99eeb5c37797d91d94b6cfad5cbbf2965b6080852cb88fa5703d8b497369d275c0a3151b822abb814bed4666551145485e8481d496a64b00401fd2e1c120bd541bbf2991f58591154824518670fd93cf62e1113a651e5957007ac15f0f0cb3129117bda20dde5c16cb4695eee86b444d0497b0575bad6a6baa74e139681b8fdf2749e1e56370c0f2f79fb2407aeab85c05656f16428bb48e96c4fa59e6c29323f3f80efe91a517df8f1b8b9e46238b2d44e90098a673f4a0cb9e94792b526edd32ed0ba34576e2af2aae30c80968d444ba6382c66e6d87c21479a34407b40ecf543f6bca1abb5cf21dc000057e64f19a4909f7fd0f7c2e00ef21042a16cc9c5ae37b94fcd3f7e76a35cf54d3254f0e173fe3bf090bd59f6487e84783ecc811de387f4730555fa59108495c437596148e76c06409b3a9eb906f844f2592eacd046b78800e83555029e3a81dbf36bca51ddd6afa1ac60366738865c4180565d04d5f329b623e7c52442f9ef42cefe9da2c2a54ff716bdc157394400a7c03272c9204fa4db4713c4ec2234107efeb4f85d1c18bc3063e8656ae70be3eac24eed45d887a9576ca942bc262d98f25a8b02af77e97a239afb1e9fc0b87df9ce065f928a6cd2f0bfb3cb8361429d20204132629b2730abcf36cd8a70049711540eb0b794471fa82fb3ff0ad5b25a5e715c0146ba02e7285e2fe0f4440231b6cc4bb7398170e75901e47e5923e8be58abfbc4985a84afedf714754aaf885dfe3e8f17308e0a5b41afaaf989a67d33e27566b59972b3dd0aecc7cd356e0476e79488c0def0bc5d0ac5f3ddd6cf4cae5f87a60598133848a806b2633a9baaf2aed2d1a083f0c833e71b2af210b3a580310c407fc3baddfc7b81ace11c271bae87786c25f9acf3f70719c176d5160daa65f8d586f8b1696cee45abc4c8ed20632d9109893a180eb2dc88bcfabaec2d244afa9c8ae474ea9b50a9513eb2c4d34389e325bd2cc1f2c49b017fbd8a5429166c7f834a30dc057248aa955a862bb05633a2d83f25d63a4686e3dc45fd046c289ebf0094700dea3984d0ebfbe8762557f9ca9b8e40853af2d043afacd9e6fcbc151904fd8c87117a72c0402f8a120c2f510ed1e997c72a3fe445653e67f59295de94ccd363d6c636c22888261bd140b2735eb553aadd68707eb5a297ee126e04cecde3a1646f8f3c2e0287d4ebc9df8e50cc516bb3d0cd8715e88529069790f82502c2b213822bb8c3a575203b8f371ebefe8d5e634aaf5001d17c05f2a0bddfe5e0dab40c66b2349242b77a7ccd5a000494a4a5cdb03a6955249bae62026efc57985b5b6711c8b05e3dbf243240486ea5a157a05fd79da0bf386e7681acb415118780c87fd210e9da59c2d7f6cf54d0d79ef24d6a7f80e1ba5b6f817dba3c2f55e79b365b3e936aaa6f49462d09e856ebecad466cf8b742a52d13a721160f18b285cd4b052aff5d8ccc624f6c9164f68a1b789788f95a0239268cc491cdaf2d4f93413485bff7d60e1a12f0ae6c8da4eaec448368aaf66e66752792fcce2c9f23d05ffb0dadc591cead9596dbf14325d11a851d23d557e93d1380e1f7d487383a4c90eac6377fba7f2a5dd0d88ff58e37b519f3401dde6c686e9efec7b9c21a9325b327d01728ba3dc99eb273f617a4746ea0b9a5c9c3bdf9851f8e4ac97cba87aa993cb805f8e2700787d6490df51dce2838df4b2f44afcb8830cfd8d8c17a7ae5211b5b3dd319216b198b9d9c5b3b8e7dad797473c918039ccf97ee0479b9c9ac25ebffd4ec6f276520376f9d1e69c05f71d54e6af170f3666903325a2e3250877791ba569407ebf76bc66cf45998fbd842fa0cf8ee9a5e0c8aeca396a7d0750e65a8738d6ba2acce8012ef4124e3cf28d2660bbf057ebaea5f10f51a942b63ea80b59052e37a3f517010092125266abf5ea081489f96d57e5a6f7dd8ad583fd51811a4344fc9aa7e420bf30304d8460c3628b1f07763ffe568c5c66a24d32303897dc90654a094f195bad0086b357849785e043887a66fdf608dc4e2fbe671580f05283406f2c0815a0b572a58cd86d8164c0d858d0dcaf5318d6dda061b2091da4c6176e8085540a96b5e0ff67f79084385650b8ed5ea9e700c2c5a7c401b6832badf27a75b5abb174b6549047e4e6e52f29b393d4193c214823ade9a75011bbad8e6171a50aeb28b9c447bc9d3d4a828d66957f7533f596ded7320096b207ca0c2cc1ce2c9f321e480bbf7677f6f685bd027f46e25fe1c50fdcd2b707acb6a5e2ea59f2ab0ed03318d19dd7180181131edad489588a753f992261839d8ab380a64ca81a62c6237cdc700e1ce3874b76da00afe3788f03642d4d9a331546b8741bbe8a9c7857e12d6", 0x1000}, {&(0x7f0000001480)="0e0ebf6787f127c075bb16bc849188fda78f06d845860cc9ca565405763c7e0708cd00f67532da7f1e4405406251dfdf62921917c2dc848c400d3728c6091d62693dd13a841a6a40e35176f33f7125212a8aa4", 0x53}, {&(0x7f0000001500)}, {&(0x7f0000001540)="cb9e8950e40343fef0aebc22d784a3e4a1e179496115e1038b29e7ab0af8931cad491a985e9030fb699d39fb05082bc7e6d9df82637405f543b8f5c384143d7119bf59e50a8ace5c98e9cdf514359534e565c3b8d28535b1302c95535aa41363958b1e53bf9beb9530d93c40ad9896101d17570763e74710c2078fa2eb44414f807f1319658680b035b0ee32165db91b0539ec24705da8b24446da5fe02e76a1e45770493215fe86007d3eee4c7bee278170de23cb32c67f72f9401d18440b3ab50c87cc8d", 0xc5}, {&(0x7f0000001640)="124e6578c6ceab5fa0d4ae74f3152b6047a218081a672a49c8c2484c5555e3b7a99f4f", 0x23}], 0x6, &(0x7f0000001700)=[@txtime={{0x18, 0x1, 0x3d, 0x100000001}}, @timestamping={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x6}}], 0x60}}], 0x2, 0x20040011) [ 1049.553505] FAULT_INJECTION: forcing a failure. [ 1049.553505] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.554752] CPU: 0 PID: 7085 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1049.555486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.556400] Call Trace: [ 1049.556696] dump_stack+0x107/0x167 [ 1049.557092] should_fail.cold+0x5/0xa [ 1049.557512] ? jbd2__journal_start+0x190/0x7e0 [ 1049.558014] should_failslab+0x5/0x20 [ 1049.558425] kmem_cache_alloc+0x5b/0x310 [ 1049.558868] jbd2__journal_start+0x190/0x7e0 [ 1049.559340] __ext4_journal_start_sb+0x214/0x390 [ 1049.559875] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1049.560451] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1049.560977] ? down_write_killable+0x180/0x180 [ 1049.561481] ext4_fallocate+0x415/0x3860 [ 1049.561921] ? __x64_sys_fallocate+0xcf/0x140 [ 1049.562410] ? lock_release+0x680/0x680 [ 1049.562853] ? ext4_ext_truncate+0x250/0x250 [ 1049.563329] ? ext4_ext_truncate+0x250/0x250 [ 1049.563816] vfs_fallocate+0x48f/0xd00 [ 1049.564246] __x64_sys_fallocate+0xcf/0x140 [ 1049.564721] do_syscall_64+0x33/0x40 [ 1049.565132] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1049.565677] RIP: 0033:0x7f6d60f48b19 [ 1049.566074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.568042] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1049.568762] Unsupported ieee802154 address type: 0 [ 1049.568851] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1049.568866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1049.571417] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1049.572186] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1049.572948] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:09:05 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 20) [ 1049.581883] FAULT_INJECTION: forcing a failure. [ 1049.581883] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.583110] CPU: 0 PID: 7090 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1049.583856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.584747] Call Trace: [ 1049.585044] dump_stack+0x107/0x167 [ 1049.585433] should_fail.cold+0x5/0xa [ 1049.585845] ? create_object.isra.0+0x3a/0xa20 [ 1049.586346] should_failslab+0x5/0x20 [ 1049.586751] kmem_cache_alloc+0x5b/0x310 [ 1049.587186] create_object.isra.0+0x3a/0xa20 [ 1049.587657] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.588230] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1049.588466] Unsupported ieee802154 address type: 0 [ 1049.588775] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 1049.588791] __alloc_skb+0xb1/0x5b0 [ 1049.588809] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 1049.591285] ? ip6_mtu+0x130/0x3d0 [ 1049.591677] ? udpv6_destroy_sock+0x230/0x230 [ 1049.592163] ? lock_acquire+0x197/0x470 [ 1049.592604] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 1049.593107] ? lock_release+0x680/0x680 [ 1049.593537] ip6_append_data+0x1e7/0x330 [ 1049.593975] ? udpv6_destroy_sock+0x230/0x230 [ 1049.594451] ? udpv6_destroy_sock+0x230/0x230 [ 1049.594933] udpv6_sendmsg+0x1a45/0x2af0 [ 1049.595364] ? udpv6_destroy_sock+0x230/0x230 [ 1049.595857] ? udp_v6_push_pending_frames+0x360/0x360 [ 1049.596414] ? lock_acquire+0x197/0x470 [ 1049.596842] ? find_held_lock+0x2c/0x110 [ 1049.597272] ? __might_fault+0xd3/0x180 [ 1049.597701] ? lock_downgrade+0x6d0/0x6d0 [ 1049.598145] ? lock_downgrade+0x6d0/0x6d0 [ 1049.598596] ? sock_has_perm+0x1ea/0x280 [ 1049.599033] ? selinux_socket_post_create+0x7f0/0x7f0 [ 1049.599590] ? _copy_from_user+0xfb/0x1b0 [ 1049.600058] ? __import_iovec+0x458/0x590 [ 1049.600504] ? udp_v6_push_pending_frames+0x360/0x360 [ 1049.601047] inet6_sendmsg+0x105/0x140 [ 1049.601470] ? inet6_compat_ioctl+0x320/0x320 [ 1049.601947] __sock_sendmsg+0xf2/0x190 [ 1049.602368] ____sys_sendmsg+0x334/0x870 [ 1049.602808] ? sock_write_iter+0x3d0/0x3d0 [ 1049.603263] ? do_recvmmsg+0x6d0/0x6d0 [ 1049.603691] ? __lock_acquire+0x1657/0x5b00 [ 1049.604153] ___sys_sendmsg+0xf3/0x170 [ 1049.604570] ? sendmsg_copy_msghdr+0x160/0x160 [ 1049.605062] ? lock_downgrade+0x6d0/0x6d0 [ 1049.605505] ? lock_acquire+0x197/0x470 [ 1049.605932] ? find_held_lock+0x2c/0x110 [ 1049.606361] ? __might_fault+0xd3/0x180 [ 1049.606786] ? lock_downgrade+0x6d0/0x6d0 [ 1049.607234] __sys_sendmmsg+0x195/0x470 [ 1049.607663] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1049.608130] ? lock_downgrade+0x6d0/0x6d0 [ 1049.608577] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1049.609093] ? wait_for_completion_io+0x270/0x270 [ 1049.609602] ? rcu_read_lock_any_held+0x75/0xa0 [ 1049.610104] ? vfs_write+0x354/0xa70 [ 1049.610500] ? fput_many+0x2f/0x1a0 [ 1049.610890] ? ksys_write+0x1a9/0x260 [ 1049.611295] ? __ia32_sys_read+0xb0/0xb0 [ 1049.611734] __x64_sys_sendmmsg+0x99/0x100 [ 1049.612183] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1049.612727] do_syscall_64+0x33/0x40 [ 1049.613123] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1049.613656] RIP: 0033:0x7f714576fb19 [ 1049.614059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.616009] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1049.616811] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1049.617559] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1049.618310] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1049.619063] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1049.619818] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:09:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0xa, 0x0, 0x4022812, r0, 0x0) 20:09:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:09:06 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0302}}}, 0x14) setsockopt$WPAN_WANTACK(r0, 0x0, 0x0, &(0x7f0000000040), 0x4) 20:09:06 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x500, 0x0, 0x8800000) 20:09:06 executing program 1: io_uring_enter(0xffffffffffffffff, 0x136d, 0x7907, 0xa05412346562ac18, &(0x7f0000000040)={[0x10000]}, 0x8) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0xd, 0xdb7b) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0202}}}, 0x5) 20:09:06 executing program 2: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0xb) [ 1049.667929] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1049.669637] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000734ef98e 20:09:06 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 20) 20:09:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) [ 1049.721206] Unsupported ieee802154 address type: 0 [ 1049.744176] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1049.745932] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000734ef98e [ 1049.770405] FAULT_INJECTION: forcing a failure. [ 1049.770405] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.771817] CPU: 0 PID: 7112 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1049.772559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.773437] Call Trace: [ 1049.773721] dump_stack+0x107/0x167 [ 1049.774113] should_fail.cold+0x5/0xa [ 1049.774523] ? create_object.isra.0+0x3a/0xa20 [ 1049.775024] should_failslab+0x5/0x20 [ 1049.775429] kmem_cache_alloc+0x5b/0x310 [ 1049.775880] ? lock_chain_count+0x20/0x20 [ 1049.776333] create_object.isra.0+0x3a/0xa20 [ 1049.776826] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.777372] __kmalloc+0x16e/0x390 [ 1049.777759] ext4_find_extent+0xa3d/0xd30 [ 1049.778207] ext4_ext_map_blocks+0x1c8/0x5850 [ 1049.778702] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1049.779256] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1049.779844] ? ext4_ext_release+0x10/0x10 [ 1049.780293] ? ext4_map_blocks+0x5e0/0x1940 [ 1049.780759] ? lock_release+0x680/0x680 [ 1049.781184] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1049.781685] ? lock_downgrade+0x6d0/0x6d0 [ 1049.782146] ? down_write+0xe0/0x160 [ 1049.782544] ? down_write_killable+0x180/0x180 [ 1049.783034] ext4_map_blocks+0x652/0x1940 [ 1049.783481] ? kmem_cache_alloc+0x2a6/0x310 [ 1049.783952] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1049.784440] ? jbd2__journal_start+0xf3/0x7e0 [ 1049.784923] ? __ext4_journal_start_sb+0x214/0x390 [ 1049.785442] ? __ext4_journal_start_sb+0x1db/0x390 [ 1049.785971] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1049.786537] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1049.787056] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1049.787638] ext4_fallocate+0x415/0x3860 [ 1049.788088] ? __x64_sys_fallocate+0xcf/0x140 [ 1049.788577] ? lock_release+0x680/0x680 [ 1049.789012] ? ext4_ext_truncate+0x250/0x250 [ 1049.789485] ? ext4_ext_truncate+0x250/0x250 [ 1049.789954] vfs_fallocate+0x48f/0xd00 [ 1049.790376] __x64_sys_fallocate+0xcf/0x140 [ 1049.790838] do_syscall_64+0x33/0x40 [ 1049.791235] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1049.791787] RIP: 0033:0x7f6d60f48b19 [ 1049.792190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.794110] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1049.794915] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1049.795677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1049.796441] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1049.797193] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1049.797952] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:09:19 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 21) 20:09:19 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 21) 20:09:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:09:19 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x600, 0x0, 0x8800000) 20:09:19 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000040), &(0x7f00000000c0)=0x4) connect$802154_dgram(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x2, 0xaaa0}}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) r4 = dup2(r0, r2) bind$802154_dgram(r4, &(0x7f00000002c0)={0x24, @short={0x2, 0x1, 0x555f}}, 0x14) execveat(r3, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000140)='.-*\x00'], &(0x7f0000000280)=[&(0x7f00000001c0)='H\x00', &(0x7f0000000200)='^@\r\x00', &(0x7f0000000240)='%0##\x00'], 0x800) 20:09:19 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) kexec_load(0xffffffffffffffb1, 0x8, &(0x7f0000000880)=[{&(0x7f00000002c0)="3a33984d26a625016cdc3ca902ebf0b0db634164bac347ea7ebbbd4868efd967537a5e2fb3dccf36f54a29cf61430b948e3649a51512e26c900bf07806f04013c82b1ebc8846f5425198ef8c45945890ee90c3d09deb5d37a37fc5562bda237685a1206a8718dcef3d9a99353250f0fa50b99c8fe7fe6d053c9e137dbd49fd9d1f", 0x81, 0xffffffff, 0x4}, {&(0x7f0000000380)="cc6c5df2be1afa554a2b4877cec59a408653eb6c077f0d2675adf169255978f9d6cf763018a89adc914c7709f0fb2acd98cd06f8caa30fc4b4c0f2ff08e535568e4a41c16077bb415578831c9453a9bb791775dbeac7b40ec78135b6606780fc4397ba74a95ccc5dc5595da9731baf6684db7ef375a253e2ea3062120892dee6d7480a79a9451e8e9ad03f0e86c0b68c6c44a16bbe19193d7940e3627d9ea687e946f75e0909144effee48e21aaa2fadc7d59f71b5661246df08b2fdb2c0c22009dea8c1daf68ff76b560ebf57e6acff779138e53e99c3705c72c2f482fe7c6494400af062b60d741dadf8fe1dcbc3dd", 0xf0, 0x3, 0x21f}, {&(0x7f0000000480)="d6796aa3f258687e8f19027624b4704c767f4fef8939", 0x16, 0x80000000, 0x7ff}, {&(0x7f00000004c0)="e9d22c4ee0b55fdeefc473764daae93307f27f7a47381a61d2021d6b18de5ef3133a6d35bc233be87320e7cc9aada65400e98a75f0a75126b5c1dd31f55d1dd0a7b3edd126de8a9872af5fdb43ad4c51e35a0769e7c3405fc6e5de62156ab5751657395c45983808e3ac626b6ac27198d642c805398c7c9ff96366ee31cb9eaac35bdbbad7f606814c63210d37db597eb182525bb8fb536c0bd1b57927c2bd58b6b21d9031c23e7ad5a4ad0d7da24412410f009db4f9d8324a6959d19daf53f47a4af85c0a5bdb2e7f3debed55cce8ba691f1592dcaa12f822ce7e0fcf72d726d4e14b9b3fe464b153bde9", 0xeb, 0x6, 0x9}, {&(0x7f0000000980)="530e1441b5e1cf103e7f4d0a327fe2ceb0cd87315eda4992e2a20b545a442acff2fa7725f7c46648fba3cf97d97de74d75b8754fc06769b5fd64cedd138942e6c32f5cda24d898060b99121be3e0bf1bf0c8f47a5b1eb748498ad8", 0x5b, 0x4, 0x1000}, {&(0x7f0000000640)="247d698cf4e3fa343b494fc20fabfae370ad", 0x12, 0x8, 0x200}, {&(0x7f0000000680)="b40432f94efd095bb21098334c0c2267494079948b0fe982582bbce2b3e31e51cf95cd280e4fb0201158fddf27801cfd0341b0ce5906007b62245083688294e5c5adbdbb862e8f378538e6b90b1fe53ee151bfb3946436d54b3e3eac1ee372d79cc347c373346491caf3f512cdfe2cd6a51148db3bf4917a4896616414800a11f535f4a807a4e830db691365faedb559604823bee6cda3db5591a55085aec36f899dd204c261ce62d8c8f11743e8d40d56d337d858f451518eb0ba9c8c2639d20ca755cd4d6c2c8cb80a789fa951a3278890442ea6a07aed0dddccfbf4a0777ab734325c0576a2c9a6b2bfb8314275029b452b6fe9063c1b14", 0xf9, 0x3, 0x4}, {&(0x7f0000000780)="acef23214cedfe58f9957c67a009041b83c3eeb0acd8c559117e01808519e82d825d36c70cf09e6c418f26cb9e2079282f77367460701fe2bd899686b278570708b64b98b36a08fde6d3ec56565e8300838b671bb424314a20f950b1dc8c151b8e4e3b2cdccd8ba1cd2c1b4d301b75c916ceec5fe537ffc6c84625ee94fec8fbf9cb2653b8c26c061221fdac55077604a9a459e1080eb47cbecc8a64ac55c26eb643d7feb68311e23b73038f574406f21a543d7975d1eabf9652b847e57ca81923f43435b53f037886933dc604dbb86abe12f188e0c71eba558a20b36508dd4e612583499edb64fe", 0xe8, 0x9}], 0x150000) 20:09:19 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @short}, 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) setsockopt$WPAN_SECURITY_LEVEL(r2, 0x0, 0x2, &(0x7f0000000040)=0xffffffffffffffff, 0x4) 20:09:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x63, 0x0, 0x4022812, r0, 0x0) [ 1063.595278] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1063.597043] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000075bf34b9 [ 1063.605719] FAULT_INJECTION: forcing a failure. [ 1063.605719] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.606618] Unsupported ieee802154 address type: 0 [ 1063.608117] CPU: 1 PID: 7136 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1063.610391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1063.612026] Call Trace: [ 1063.612549] dump_stack+0x107/0x167 [ 1063.613288] should_fail.cold+0x5/0xa [ 1063.614117] ? create_object.isra.0+0x3a/0xa20 [ 1063.615140] should_failslab+0x5/0x20 [ 1063.615499] Unsupported ieee802154 address type: 0 [ 1063.615916] kmem_cache_alloc+0x5b/0x310 [ 1063.615950] create_object.isra.0+0x3a/0xa20 [ 1063.618577] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1063.619609] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1063.620629] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 1063.621670] __alloc_skb+0xb1/0x5b0 [ 1063.622403] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 1063.623439] ? ip6_mtu+0x130/0x3d0 [ 1063.624152] ? udpv6_destroy_sock+0x230/0x230 [ 1063.625074] ? lock_acquire+0x197/0x470 [ 1063.625861] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 1063.626807] ? lock_release+0x680/0x680 [ 1063.627594] ip6_append_data+0x1e7/0x330 [ 1063.628438] ? udpv6_destroy_sock+0x230/0x230 [ 1063.629323] ? udpv6_destroy_sock+0x230/0x230 [ 1063.630236] udpv6_sendmsg+0x1a45/0x2af0 [ 1063.631076] ? udpv6_destroy_sock+0x230/0x230 [ 1063.631982] ? udp_v6_push_pending_frames+0x360/0x360 [ 1063.633040] ? lock_acquire+0x197/0x470 [ 1063.633842] ? find_held_lock+0x2c/0x110 [ 1063.634645] ? __might_fault+0xd3/0x180 [ 1063.635459] ? lock_downgrade+0x6d0/0x6d0 [ 1063.636310] ? lock_downgrade+0x6d0/0x6d0 [ 1063.637169] ? sock_has_perm+0x1ea/0x280 [ 1063.637969] ? selinux_socket_post_create+0x7f0/0x7f0 [ 1063.639018] ? _copy_from_user+0xfb/0x1b0 [ 1063.639867] ? __import_iovec+0x458/0x590 [ 1063.640713] ? udp_v6_push_pending_frames+0x360/0x360 [ 1063.641757] inet6_sendmsg+0x105/0x140 [ 1063.642563] ? inet6_compat_ioctl+0x320/0x320 [ 1063.643446] __sock_sendmsg+0xf2/0x190 [ 1063.644241] ____sys_sendmsg+0x334/0x870 [ 1063.645043] ? sock_write_iter+0x3d0/0x3d0 [ 1063.645906] ? do_recvmmsg+0x6d0/0x6d0 [ 1063.646687] ? __lock_acquire+0x1657/0x5b00 [ 1063.647586] ___sys_sendmsg+0xf3/0x170 [ 1063.648374] ? sendmsg_copy_msghdr+0x160/0x160 [ 1063.649301] ? lock_downgrade+0x6d0/0x6d0 [ 1063.650121] ? lock_acquire+0x197/0x470 [ 1063.650964] ? find_held_lock+0x2c/0x110 [ 1063.651788] ? __might_fault+0xd3/0x180 [ 1063.652600] ? lock_downgrade+0x6d0/0x6d0 [ 1063.653457] __sys_sendmmsg+0x195/0x470 [ 1063.654264] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1063.655133] ? lock_downgrade+0x6d0/0x6d0 [ 1063.655996] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1063.656671] Unsupported ieee802154 address type: 0 [ 1063.656967] ? wait_for_completion_io+0x270/0x270 [ 1063.656989] ? rcu_read_lock_any_held+0x75/0xa0 [ 1063.657014] ? vfs_write+0x354/0xa70 [ 1063.660604] ? fput_many+0x2f/0x1a0 [ 1063.661336] ? ksys_write+0x1a9/0x260 [ 1063.662103] ? __ia32_sys_read+0xb0/0xb0 [ 1063.662928] __x64_sys_sendmmsg+0x99/0x100 [ 1063.663779] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1063.664826] do_syscall_64+0x33/0x40 [ 1063.665579] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1063.666611] RIP: 0033:0x7f714576fb19 20:09:20 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xa01, 0x0, 0x8800000) [ 1063.667362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1063.672139] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1063.673959] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1063.675654] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1063.677357] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1063.679052] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1063.680712] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1063.694048] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1063.695649] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000075bf34b9 20:09:20 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) kexec_load(0xffffffffffffffb1, 0x8, &(0x7f0000000880)=[{&(0x7f00000002c0)="3a33984d26a625016cdc3ca902ebf0b0db634164bac347ea7ebbbd4868efd967537a5e2fb3dccf36f54a29cf61430b948e3649a51512e26c900bf07806f04013c82b1ebc8846f5425198ef8c45945890ee90c3d09deb5d37a37fc5562bda237685a1206a8718dcef3d9a99353250f0fa50b99c8fe7fe6d053c9e137dbd49fd9d1f", 0x81, 0xffffffff, 0x4}, {&(0x7f0000000380)="cc6c5df2be1afa554a2b4877cec59a408653eb6c077f0d2675adf169255978f9d6cf763018a89adc914c7709f0fb2acd98cd06f8caa30fc4b4c0f2ff08e535568e4a41c16077bb415578831c9453a9bb791775dbeac7b40ec78135b6606780fc4397ba74a95ccc5dc5595da9731baf6684db7ef375a253e2ea3062120892dee6d7480a79a9451e8e9ad03f0e86c0b68c6c44a16bbe19193d7940e3627d9ea687e946f75e0909144effee48e21aaa2fadc7d59f71b5661246df08b2fdb2c0c22009dea8c1daf68ff76b560ebf57e6acff779138e53e99c3705c72c2f482fe7c6494400af062b60d741dadf8fe1dcbc3dd", 0xf0, 0x3, 0x21f}, {&(0x7f0000000480)="d6796aa3f258687e8f19027624b4704c767f4fef8939", 0x16, 0x80000000, 0x7ff}, {&(0x7f00000004c0)="e9d22c4ee0b55fdeefc473764daae93307f27f7a47381a61d2021d6b18de5ef3133a6d35bc233be87320e7cc9aada65400e98a75f0a75126b5c1dd31f55d1dd0a7b3edd126de8a9872af5fdb43ad4c51e35a0769e7c3405fc6e5de62156ab5751657395c45983808e3ac626b6ac27198d642c805398c7c9ff96366ee31cb9eaac35bdbbad7f606814c63210d37db597eb182525bb8fb536c0bd1b57927c2bd58b6b21d9031c23e7ad5a4ad0d7da24412410f009db4f9d8324a6959d19daf53f47a4af85c0a5bdb2e7f3debed55cce8ba691f1592dcaa12f822ce7e0fcf72d726d4e14b9b3fe464b153bde9", 0xeb, 0x6, 0x9}, {&(0x7f0000000980)="530e1441b5e1cf103e7f4d0a327fe2ceb0cd87315eda4992e2a20b545a442acff2fa7725f7c46648fba3cf97d97de74d75b8754fc06769b5fd64cedd138942e6c32f5cda24d898060b99121be3e0bf1bf0c8f47a5b1eb748498ad8", 0x5b, 0x4, 0x1000}, {&(0x7f0000000640)="247d698cf4e3fa343b494fc20fabfae370ad", 0x12, 0x8, 0x200}, {&(0x7f0000000680)="b40432f94efd095bb21098334c0c2267494079948b0fe982582bbce2b3e31e51cf95cd280e4fb0201158fddf27801cfd0341b0ce5906007b62245083688294e5c5adbdbb862e8f378538e6b90b1fe53ee151bfb3946436d54b3e3eac1ee372d79cc347c373346491caf3f512cdfe2cd6a51148db3bf4917a4896616414800a11f535f4a807a4e830db691365faedb559604823bee6cda3db5591a55085aec36f899dd204c261ce62d8c8f11743e8d40d56d337d858f451518eb0ba9c8c2639d20ca755cd4d6c2c8cb80a789fa951a3278890442ea6a07aed0dddccfbf4a0777ab734325c0576a2c9a6b2bfb8314275029b452b6fe9063c1b14", 0xf9, 0x3, 0x4}, {&(0x7f0000000780)="acef23214cedfe58f9957c67a009041b83c3eeb0acd8c559117e01808519e82d825d36c70cf09e6c418f26cb9e2079282f77367460701fe2bd899686b278570708b64b98b36a08fde6d3ec56565e8300838b671bb424314a20f950b1dc8c151b8e4e3b2cdccd8ba1cd2c1b4d301b75c916ceec5fe537ffc6c84625ee94fec8fbf9cb2653b8c26c061221fdac55077604a9a459e1080eb47cbecc8a64ac55c26eb643d7feb68311e23b73038f574406f21a543d7975d1eabf9652b847e57ca81923f43435b53f037886933dc604dbb86abe12f188e0c71eba558a20b36508dd4e612583499edb64fe", 0xe8, 0x9}], 0x150000) 20:09:20 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) connect$802154_dgram(r2, &(0x7f0000000100)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) recvmsg$unix(r2, &(0x7f0000001200)={&(0x7f0000000000), 0x6e, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/20, 0x14}, {&(0x7f0000000100)}, {&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/69, 0x45}], 0x4}, 0x0) [ 1063.781168] Unsupported ieee802154 address type: 0 [ 1063.787189] FAULT_INJECTION: forcing a failure. [ 1063.787189] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.790495] CPU: 0 PID: 7132 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1063.791915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1063.793631] Call Trace: [ 1063.794170] dump_stack+0x107/0x167 [ 1063.794917] should_fail.cold+0x5/0xa [ 1063.795689] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1063.796620] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1063.797552] should_failslab+0x5/0x20 [ 1063.798323] kmem_cache_alloc+0x5b/0x310 [ 1063.799153] ext4_mb_new_blocks+0x64d/0x45b0 [ 1063.800082] ? trace_hardirqs_on+0x5b/0x180 [ 1063.800962] ? ext4_cache_extents+0x148/0x2d0 [ 1063.801871] ? ext4_discard_preallocations+0xd80/0xd80 [ 1063.802938] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1063.803920] ext4_ext_map_blocks+0x1d68/0x5850 [ 1063.804868] ? lock_chain_count+0x20/0x20 [ 1063.805712] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1063.806622] ? _raw_spin_unlock_irq+0x27/0x30 [ 1063.807532] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1063.808448] ? finish_task_switch+0x126/0x5d0 [ 1063.809352] ? ext4_ext_release+0x10/0x10 [ 1063.810198] ? ext4_map_blocks+0x5e0/0x1940 [ 1063.811085] ? mark_held_locks+0x9e/0xe0 [ 1063.811930] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1063.812987] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1063.814077] ? trace_hardirqs_on+0x5b/0x180 [ 1063.814980] ? down_write+0xe0/0x160 [ 1063.815743] ext4_map_blocks+0x652/0x1940 [ 1063.816603] ? kmem_cache_alloc+0x2a6/0x310 [ 1063.817483] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1063.818404] ? jbd2__journal_start+0xf3/0x7e0 [ 1063.819324] ? __ext4_journal_start_sb+0x214/0x390 [ 1063.820372] ? __ext4_journal_start_sb+0x1db/0x390 [ 1063.821377] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1063.822459] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1063.823452] ? down_write_killable+0x180/0x180 [ 1063.824401] ext4_fallocate+0x415/0x3860 [ 1063.825217] ? __x64_sys_fallocate+0xcf/0x140 [ 1063.826136] ? lock_release+0x680/0x680 [ 1063.826955] ? ext4_ext_truncate+0x250/0x250 [ 1063.827864] ? ext4_ext_truncate+0x250/0x250 [ 1063.828773] vfs_fallocate+0x48f/0xd00 [ 1063.829585] __x64_sys_fallocate+0xcf/0x140 [ 1063.830472] do_syscall_64+0x33/0x40 [ 1063.830529] Unsupported ieee802154 address type: 0 [ 1063.831223] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1063.831236] RIP: 0033:0x7f6d60f48b19 [ 1063.831256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1063.831275] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1063.839331] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1063.840791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1063.842240] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1063.843682] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1063.845152] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:09:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:09:32 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 22) 20:09:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0xa00, 0x0, 0x4022812, r0, 0x0) 20:09:32 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) kexec_load(0xffffffffffffffb1, 0x8, &(0x7f0000000880)=[{&(0x7f00000002c0)="3a33984d26a625016cdc3ca902ebf0b0db634164bac347ea7ebbbd4868efd967537a5e2fb3dccf36f54a29cf61430b948e3649a51512e26c900bf07806f04013c82b1ebc8846f5425198ef8c45945890ee90c3d09deb5d37a37fc5562bda237685a1206a8718dcef3d9a99353250f0fa50b99c8fe7fe6d053c9e137dbd49fd9d1f", 0x81, 0xffffffff, 0x4}, {&(0x7f0000000380)="cc6c5df2be1afa554a2b4877cec59a408653eb6c077f0d2675adf169255978f9d6cf763018a89adc914c7709f0fb2acd98cd06f8caa30fc4b4c0f2ff08e535568e4a41c16077bb415578831c9453a9bb791775dbeac7b40ec78135b6606780fc4397ba74a95ccc5dc5595da9731baf6684db7ef375a253e2ea3062120892dee6d7480a79a9451e8e9ad03f0e86c0b68c6c44a16bbe19193d7940e3627d9ea687e946f75e0909144effee48e21aaa2fadc7d59f71b5661246df08b2fdb2c0c22009dea8c1daf68ff76b560ebf57e6acff779138e53e99c3705c72c2f482fe7c6494400af062b60d741dadf8fe1dcbc3dd", 0xf0, 0x3, 0x21f}, {&(0x7f0000000480)="d6796aa3f258687e8f19027624b4704c767f4fef8939", 0x16, 0x80000000, 0x7ff}, {&(0x7f00000004c0)="e9d22c4ee0b55fdeefc473764daae93307f27f7a47381a61d2021d6b18de5ef3133a6d35bc233be87320e7cc9aada65400e98a75f0a75126b5c1dd31f55d1dd0a7b3edd126de8a9872af5fdb43ad4c51e35a0769e7c3405fc6e5de62156ab5751657395c45983808e3ac626b6ac27198d642c805398c7c9ff96366ee31cb9eaac35bdbbad7f606814c63210d37db597eb182525bb8fb536c0bd1b57927c2bd58b6b21d9031c23e7ad5a4ad0d7da24412410f009db4f9d8324a6959d19daf53f47a4af85c0a5bdb2e7f3debed55cce8ba691f1592dcaa12f822ce7e0fcf72d726d4e14b9b3fe464b153bde9", 0xeb, 0x6, 0x9}, {&(0x7f0000000980)="530e1441b5e1cf103e7f4d0a327fe2ceb0cd87315eda4992e2a20b545a442acff2fa7725f7c46648fba3cf97d97de74d75b8754fc06769b5fd64cedd138942e6c32f5cda24d898060b99121be3e0bf1bf0c8f47a5b1eb748498ad8", 0x5b, 0x4, 0x1000}, {&(0x7f0000000640)="247d698cf4e3fa343b494fc20fabfae370ad", 0x12, 0x8, 0x200}, {&(0x7f0000000680)="b40432f94efd095bb21098334c0c2267494079948b0fe982582bbce2b3e31e51cf95cd280e4fb0201158fddf27801cfd0341b0ce5906007b62245083688294e5c5adbdbb862e8f378538e6b90b1fe53ee151bfb3946436d54b3e3eac1ee372d79cc347c373346491caf3f512cdfe2cd6a51148db3bf4917a4896616414800a11f535f4a807a4e830db691365faedb559604823bee6cda3db5591a55085aec36f899dd204c261ce62d8c8f11743e8d40d56d337d858f451518eb0ba9c8c2639d20ca755cd4d6c2c8cb80a789fa951a3278890442ea6a07aed0dddccfbf4a0777ab734325c0576a2c9a6b2bfb8314275029b452b6fe9063c1b14", 0xf9, 0x3, 0x4}, {&(0x7f0000000780)="acef23214cedfe58f9957c67a009041b83c3eeb0acd8c559117e01808519e82d825d36c70cf09e6c418f26cb9e2079282f77367460701fe2bd899686b278570708b64b98b36a08fde6d3ec56565e8300838b671bb424314a20f950b1dc8c151b8e4e3b2cdccd8ba1cd2c1b4d301b75c916ceec5fe537ffc6c84625ee94fec8fbf9cb2653b8c26c061221fdac55077604a9a459e1080eb47cbecc8a64ac55c26eb643d7feb68311e23b73038f574406f21a543d7975d1eabf9652b847e57ca81923f43435b53f037886933dc604dbb86abe12f188e0c71eba558a20b36508dd4e612583499edb64fe", 0xe8, 0x9}], 0x150000) 20:09:32 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:09:32 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 22) 20:09:32 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xb01, 0x0, 0x8800000) 20:09:32 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000040), &(0x7f00000000c0)=0x4) connect$802154_dgram(r0, &(0x7f0000000300)={0x24, @short={0x2, 0x2, 0xaaa0}}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) r4 = dup2(r0, r2) bind$802154_dgram(r4, &(0x7f00000002c0)={0x24, @short={0x2, 0x1, 0x555f}}, 0x14) execveat(r3, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000140)='.-*\x00'], &(0x7f0000000280)=[&(0x7f00000001c0)='H\x00', &(0x7f0000000200)='^@\r\x00', &(0x7f0000000240)='%0##\x00'], 0x800) 20:09:32 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x66, 0x0, 0x40, 0x0, 0x0, 0x7dc3, 0x8380, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0xffffffff, 0x0, @perf_config_ext={0xff, 0x2}, 0x2804, 0x2, 0x401, 0xb, 0x4, 0x8, 0x20, 0x0, 0xfffffff9, 0x0, 0x941}, 0xffffffffffffffff, 0xb, r3, 0x2) dup2(r0, r1) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0202}}}, 0x14) [ 1076.372607] FAULT_INJECTION: forcing a failure. [ 1076.372607] name failslab, interval 1, probability 0, space 0, times 0 [ 1076.373882] CPU: 0 PID: 7168 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1076.374623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1076.375534] Call Trace: [ 1076.375822] dump_stack+0x107/0x167 [ 1076.376231] should_fail.cold+0x5/0xa [ 1076.376653] ? create_object.isra.0+0x3a/0xa20 [ 1076.377136] should_failslab+0x5/0x20 [ 1076.377554] kmem_cache_alloc+0x5b/0x310 [ 1076.377996] create_object.isra.0+0x3a/0xa20 [ 1076.378467] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1076.379028] kmem_cache_alloc+0x159/0x310 [ 1076.379471] ext4_mb_new_blocks+0x64d/0x45b0 [ 1076.379568] Unsupported ieee802154 address type: 0 [ 1076.379964] ? trace_hardirqs_on+0x5b/0x180 [ 1076.379995] ? ext4_cache_extents+0x148/0x2d0 [ 1076.380016] ? ext4_discard_preallocations+0xd80/0xd80 [ 1076.382558] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1076.383086] ext4_ext_map_blocks+0x1d68/0x5850 [ 1076.383603] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1076.384183] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1076.384770] ? ext4_ext_release+0x10/0x10 [ 1076.385240] ? ext4_map_blocks+0x5e0/0x1940 [ 1076.385726] ? lock_release+0x680/0x680 [ 1076.386170] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1076.386697] ? lock_downgrade+0x6d0/0x6d0 [ 1076.387171] ? down_write_killable+0x180/0x180 [ 1076.387678] ext4_map_blocks+0x652/0x1940 [ 1076.388154] ? kmem_cache_alloc+0x2a6/0x310 [ 1076.388646] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1076.389150] ? jbd2__journal_start+0xf3/0x7e0 [ 1076.389645] ? __ext4_journal_start_sb+0x214/0x390 [ 1076.390193] ? __ext4_journal_start_sb+0x1db/0x390 [ 1076.390741] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1076.391336] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1076.391875] ? down_write_killable+0x180/0x180 [ 1076.392442] ext4_fallocate+0x415/0x3860 [ 1076.392889] ? __x64_sys_fallocate+0xcf/0x140 [ 1076.393370] Unsupported ieee802154 address type: 0 [ 1076.393914] ? lock_release+0x680/0x680 [ 1076.394361] ? ext4_ext_truncate+0x250/0x250 [ 1076.394851] ? ext4_ext_truncate+0x250/0x250 [ 1076.395335] vfs_fallocate+0x48f/0xd00 [ 1076.395773] __x64_sys_fallocate+0xcf/0x140 [ 1076.396267] do_syscall_64+0x33/0x40 [ 1076.396696] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1076.397271] RIP: 0033:0x7f6d60f48b19 [ 1076.397679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1076.399740] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1076.400618] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1076.401382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1076.402168] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.402969] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1076.403717] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1076.411948] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1076.412011] FAULT_INJECTION: forcing a failure. [ 1076.412011] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1076.412880] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000045cedc6f [ 1076.415193] CPU: 1 PID: 7167 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1076.416890] Unsupported ieee802154 address type: 0 [ 1076.417669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1076.417676] Call Trace: [ 1076.417702] dump_stack+0x107/0x167 [ 1076.421361] should_fail.cold+0x5/0xa [ 1076.422022] Unsupported ieee802154 address type: 0 [ 1076.422147] _copy_from_iter_full+0x201/0xa60 [ 1076.423673] ? __virt_addr_valid+0x128/0x350 [ 1076.424586] ? __check_object_size+0x319/0x440 [ 1076.425517] udplite_getfrag+0x4e/0x90 [ 1076.426307] __ip6_append_data.isra.0+0x1ebc/0x3a70 [ 1076.427323] ? ip6_mtu+0x130/0x3d0 [ 1076.428049] ? udpv6_destroy_sock+0x230/0x230 [ 1076.428963] ? lock_acquire+0x197/0x470 [ 1076.429766] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 1076.430703] ? lock_release+0x680/0x680 [ 1076.431519] ip6_append_data+0x1e7/0x330 [ 1076.432358] ? udpv6_destroy_sock+0x230/0x230 [ 1076.433269] ? udpv6_destroy_sock+0x230/0x230 [ 1076.434188] udpv6_sendmsg+0x1a45/0x2af0 [ 1076.435023] ? udpv6_destroy_sock+0x230/0x230 [ 1076.435948] ? udp_v6_push_pending_frames+0x360/0x360 [ 1076.437018] ? lock_acquire+0x197/0x470 [ 1076.437832] ? find_held_lock+0x2c/0x110 [ 1076.438674] ? __might_fault+0xd3/0x180 [ 1076.439491] ? lock_downgrade+0x6d0/0x6d0 [ 1076.440374] ? lock_downgrade+0x6d0/0x6d0 [ 1076.441230] ? sock_has_perm+0x1ea/0x280 [ 1076.442066] ? selinux_socket_post_create+0x7f0/0x7f0 [ 1076.443134] ? _copy_from_user+0xfb/0x1b0 [ 1076.444003] ? __import_iovec+0x458/0x590 [ 1076.444857] ? udp_v6_push_pending_frames+0x360/0x360 [ 1076.445912] inet6_sendmsg+0x105/0x140 [ 1076.446700] ? inet6_compat_ioctl+0x320/0x320 [ 1076.447612] __sock_sendmsg+0xf2/0x190 [ 1076.448412] ____sys_sendmsg+0x334/0x870 [ 1076.449241] ? sock_write_iter+0x3d0/0x3d0 [ 1076.450098] ? do_recvmmsg+0x6d0/0x6d0 [ 1076.450886] ? find_held_lock+0x2c/0x110 [ 1076.451727] ___sys_sendmsg+0xf3/0x170 [ 1076.452536] ? sendmsg_copy_msghdr+0x160/0x160 [ 1076.453463] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1076.454528] ? trace_hardirqs_on+0x5b/0x180 [ 1076.455397] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1076.456329] ? finish_task_switch+0x126/0x5d0 [ 1076.457225] ? finish_task_switch+0xef/0x5d0 [ 1076.458124] ? __switch_to+0x572/0xf70 [ 1076.458913] ? __switch_to_asm+0x3a/0x60 [ 1076.459723] ? __switch_to_asm+0x34/0x60 [ 1076.460562] ? __schedule+0x82c/0x1ea0 [ 1076.461353] ? io_schedule_timeout+0x140/0x140 [ 1076.462285] __sys_sendmmsg+0x195/0x470 [ 1076.463095] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1076.463960] ? lock_downgrade+0x6d0/0x6d0 [ 1076.464824] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1076.465795] ? wait_for_completion_io+0x270/0x270 [ 1076.466784] ? rcu_read_lock_any_held+0x75/0xa0 [ 1076.467716] ? vfs_write+0x354/0xa70 [ 1076.468498] ? fput_many+0x2f/0x1a0 [ 1076.469241] ? ksys_write+0x1a9/0x260 [ 1076.470022] ? __ia32_sys_read+0xb0/0xb0 [ 1076.470865] __x64_sys_sendmmsg+0x99/0x100 [ 1076.471731] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1076.472798] do_syscall_64+0x33/0x40 [ 1076.473554] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1076.474599] RIP: 0033:0x7f714576fb19 [ 1076.475363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1076.479098] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1076.480644] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1076.482076] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1076.483506] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.484942] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1076.486371] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1076.516395] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1076.517330] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000045cedc6f [ 1076.523365] Unsupported ieee802154 address type: 0 20:09:32 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 23) 20:09:32 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) sendto(r0, &(0x7f0000000000)="914364907b627c9e", 0x8, 0x0, 0x0, 0x0) 20:09:32 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:09:32 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xc00, 0x0, 0x8800000) [ 1076.537742] FAULT_INJECTION: forcing a failure. [ 1076.537742] name failslab, interval 1, probability 0, space 0, times 0 [ 1076.539341] CPU: 0 PID: 7179 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1076.540066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1076.540944] Call Trace: [ 1076.541229] dump_stack+0x107/0x167 [ 1076.541626] should_fail.cold+0x5/0xa [ 1076.542031] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1076.542530] should_failslab+0x5/0x20 [ 1076.542932] kmem_cache_alloc+0x5b/0x310 [ 1076.543380] ext4_mb_new_blocks+0x209f/0x45b0 [ 1076.543868] ? trace_hardirqs_on+0x5b/0x180 [ 1076.544349] ? ext4_cache_extents+0x148/0x2d0 [ 1076.544825] ? ext4_discard_preallocations+0xd80/0xd80 [ 1076.545381] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1076.545892] ext4_ext_map_blocks+0x1d68/0x5850 [ 1076.546386] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1076.546942] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1076.547514] ? ext4_ext_release+0x10/0x10 [ 1076.547976] ? ext4_map_blocks+0x5e0/0x1940 [ 1076.548455] ? lock_release+0x680/0x680 [ 1076.548893] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1076.549408] ? lock_downgrade+0x6d0/0x6d0 [ 1076.549875] ? down_write_killable+0x180/0x180 [ 1076.550383] ext4_map_blocks+0x652/0x1940 [ 1076.550834] ? kmem_cache_alloc+0x2a6/0x310 [ 1076.551309] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1076.551806] ? jbd2__journal_start+0xf3/0x7e0 [ 1076.552115] Unsupported ieee802154 address type: 0 [ 1076.552320] ? __ext4_journal_start_sb+0x214/0x390 [ 1076.553849] ? __ext4_journal_start_sb+0x1db/0x390 [ 1076.554404] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1076.554988] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1076.555528] ? down_write_killable+0x180/0x180 [ 1076.556052] ext4_fallocate+0x415/0x3860 [ 1076.556500] ? __x64_sys_fallocate+0xcf/0x140 [ 1076.556997] ? lock_release+0x680/0x680 [ 1076.557435] ? ext4_ext_truncate+0x250/0x250 [ 1076.557923] ? ext4_ext_truncate+0x250/0x250 [ 1076.558406] vfs_fallocate+0x48f/0xd00 [ 1076.558839] __x64_sys_fallocate+0xcf/0x140 [ 1076.559318] do_syscall_64+0x33/0x40 [ 1076.559732] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1076.560302] RIP: 0033:0x7f6d60f48b19 [ 1076.560714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1076.562739] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1076.563578] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1076.564361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1076.565150] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.565937] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1076.566701] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:09:32 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) 20:09:32 executing program 7: epoll_create(0xa21) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @none={0x0, 0x1}}, 0x14) 20:09:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r2, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0xeaa2d76ee3793931, 0x30, 0x4, 0x6, 0x16, 0x4, 0x4, 0x2, 0x5, 0x4, 0x1b, 0x41]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6c, 0x5c, 0x60, 0x3]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x6, 0x3}, {0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x1}, {0x1, 0x7}, {0x7, 0x7}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x6}, {0x1, 0x7}, {0x1, 0x5}, {0x5}, {0x3, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0x6}, {0x4, 0x3}, {0x1, 0x9}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x4}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x2}, {0x1, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x1, 0x8}, {0x0, 0x9}, {0x6, 0x5}, {0x6, 0x8}, {0x1, 0x8}, {0x2, 0x5}, {0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x2, 0x3}, {0x6}, {0x1, 0x9}, {0x7, 0x7}, {0x4, 0x9}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x2}, {0x6, 0x1}, {}, {0x7, 0x2}, {0x7, 0x1}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x1, 0x5}, {0x4, 0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x7}, {0x1, 0x2}, {0x6, 0x7}, {0x4, 0x7}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x9}, {0x5, 0x2}, {0x3, 0xa}, {0x0, 0x1f}, {0x2, 0xa}, {0x7, 0x3}, {0x1}, {0x5}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x6, 0x1}, {0x0, 0x9}, {0x0, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x1, 0x7}, {}, {0x0, 0x3}, {0x3, 0x5}, {0x4, 0x4}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x2}, {0x2, 0x2}, {0x0, 0x6}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x6}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0xc, 0x6, 0x24, 0xc, 0xc, 0x30, 0x2, 0x60, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x80, 0x100, 0x3f, 0x9, 0x9, 0x4, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0xc}, {0x2, 0x8}, {0x2, 0xa}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x4}, {0x7, 0x5}, {0x3, 0x3}, {0x6, 0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x6}, {0x3, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x4, 0x2}, {0x6}, {0x0, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x2}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0xa}, {0x7}, {0x0, 0x2}, {0x5, 0x5}, {0x2, 0x2}, {0x5, 0x2}, {0x1, 0x8}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x4, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x0, 0x2}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x8}, {0x0, 0x4}, {0x0, 0x8}, {0x2, 0x5}, {0x2, 0x9}, {0x7}, {0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x1, 0x3}, {0x6, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x3, 0x5}, {0x0, 0x5}, {0x3, 0x6}, {0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x6, 0x8}, {0x0, 0x7}, {0x7, 0xa}, {0x1}, {0x0, 0x6}, {0x5, 0x7}, {0x7, 0x2}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x7, 0x3}, {0x4, 0x7}, {0x1, 0x6}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x8}, {0x0, 0x4}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0xa}, {0x5, 0x7}, {0x4}, {0x2, 0x3}, {0x3, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xb6, 0x7, 0x40, 0x401, 0x6, 0x81]}}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x0) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r4, &(0x7f0000000000)={0x24, @short}, 0x14) 20:09:32 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:09:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x2000, 0x0, 0x4022812, r0, 0x0) [ 1076.688104] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1076.689768] ref_ctr increment failed for inode: 0x3e85 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b9474556 [ 1076.715575] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1076.716823] ref_ctr increment failed for inode: 0x3e85 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b9474556 20:09:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xd00, 0x0, 0x8800000) 20:09:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x2300, 0x0, 0x4022812, r0, 0x0) 20:09:44 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 24) 20:09:44 executing program 2: kexec_load(0x89c, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) 20:09:44 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) getsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000040), &(0x7f00000000c0)=0x4) 20:09:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r2, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0xeaa2d76ee3793931, 0x30, 0x4, 0x6, 0x16, 0x4, 0x4, 0x2, 0x5, 0x4, 0x1b, 0x41]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6c, 0x5c, 0x60, 0x3]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x6, 0x3}, {0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x1}, {0x1, 0x7}, {0x7, 0x7}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x6}, {0x1, 0x7}, {0x1, 0x5}, {0x5}, {0x3, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0x6}, {0x4, 0x3}, {0x1, 0x9}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x4}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x2}, {0x1, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x1, 0x8}, {0x0, 0x9}, {0x6, 0x5}, {0x6, 0x8}, {0x1, 0x8}, {0x2, 0x5}, {0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x2, 0x3}, {0x6}, {0x1, 0x9}, {0x7, 0x7}, {0x4, 0x9}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x2}, {0x6, 0x1}, {}, {0x7, 0x2}, {0x7, 0x1}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x1, 0x5}, {0x4, 0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x7}, {0x1, 0x2}, {0x6, 0x7}, {0x4, 0x7}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x9}, {0x5, 0x2}, {0x3, 0xa}, {0x0, 0x1f}, {0x2, 0xa}, {0x7, 0x3}, {0x1}, {0x5}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x6, 0x1}, {0x0, 0x9}, {0x0, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x1, 0x7}, {}, {0x0, 0x3}, {0x3, 0x5}, {0x4, 0x4}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x2}, {0x2, 0x2}, {0x0, 0x6}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x6}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0xc, 0x6, 0x24, 0xc, 0xc, 0x30, 0x2, 0x60, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x80, 0x100, 0x3f, 0x9, 0x9, 0x4, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0xc}, {0x2, 0x8}, {0x2, 0xa}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x4}, {0x7, 0x5}, {0x3, 0x3}, {0x6, 0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x6}, {0x3, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x4, 0x2}, {0x6}, {0x0, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x2}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0xa}, {0x7}, {0x0, 0x2}, {0x5, 0x5}, {0x2, 0x2}, {0x5, 0x2}, {0x1, 0x8}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x4, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x0, 0x2}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x8}, {0x0, 0x4}, {0x0, 0x8}, {0x2, 0x5}, {0x2, 0x9}, {0x7}, {0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x1, 0x3}, {0x6, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x3, 0x5}, {0x0, 0x5}, {0x3, 0x6}, {0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x6, 0x8}, {0x0, 0x7}, {0x7, 0xa}, {0x1}, {0x0, 0x6}, {0x5, 0x7}, {0x7, 0x2}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x7, 0x3}, {0x4, 0x7}, {0x1, 0x6}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x8}, {0x0, 0x4}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0xa}, {0x5, 0x7}, {0x4}, {0x2, 0x3}, {0x3, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xb6, 0x7, 0x40, 0x401, 0x6, 0x81]}}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x0) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r4, &(0x7f0000000000)={0x24, @short}, 0x14) 20:09:44 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 23) 20:09:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) [ 1088.306256] FAULT_INJECTION: forcing a failure. [ 1088.306256] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.307533] CPU: 1 PID: 7212 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1088.308290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.309208] Call Trace: [ 1088.309501] dump_stack+0x107/0x167 [ 1088.309906] should_fail.cold+0x5/0xa [ 1088.310325] ? create_object.isra.0+0x3a/0xa20 [ 1088.310836] should_failslab+0x5/0x20 [ 1088.311251] kmem_cache_alloc+0x5b/0x310 [ 1088.311698] create_object.isra.0+0x3a/0xa20 [ 1088.312185] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1088.312748] kmem_cache_alloc+0x159/0x310 [ 1088.313216] ext4_mb_new_blocks+0x209f/0x45b0 [ 1088.313709] ? trace_hardirqs_on+0x5b/0x180 [ 1088.314187] ? ext4_cache_extents+0x148/0x2d0 [ 1088.314681] ? ext4_discard_preallocations+0xd80/0xd80 [ 1088.315249] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1088.315764] ext4_ext_map_blocks+0x1d68/0x5850 [ 1088.316277] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1088.316841] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1088.317404] ? ext4_ext_release+0x10/0x10 [ 1088.317873] ? ext4_map_blocks+0x5e0/0x1940 [ 1088.318358] ? lock_release+0x680/0x680 [ 1088.318808] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1088.319333] ? lock_downgrade+0x6d0/0x6d0 [ 1088.319819] ? down_write_killable+0x180/0x180 [ 1088.320351] ext4_map_blocks+0x652/0x1940 [ 1088.320824] ? kmem_cache_alloc+0x2a6/0x310 [ 1088.321311] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1088.321808] ? jbd2__journal_start+0xf3/0x7e0 [ 1088.322317] ? __ext4_journal_start_sb+0x214/0x390 [ 1088.322872] ? __ext4_journal_start_sb+0x1db/0x390 [ 1088.323426] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1088.323998] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1088.324551] ? down_write_killable+0x180/0x180 [ 1088.325075] ext4_fallocate+0x415/0x3860 [ 1088.325533] ? __x64_sys_fallocate+0xcf/0x140 [ 1088.326039] ? lock_release+0x680/0x680 [ 1088.326489] ? ext4_ext_truncate+0x250/0x250 [ 1088.326994] ? ext4_ext_truncate+0x250/0x250 [ 1088.327491] vfs_fallocate+0x48f/0xd00 [ 1088.327937] __x64_sys_fallocate+0xcf/0x140 [ 1088.328447] do_syscall_64+0x33/0x40 [ 1088.328875] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1088.329428] RIP: 0033:0x7f6d60f48b19 [ 1088.329857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.331951] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1088.332828] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1088.333645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1088.334415] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1088.335216] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1088.335987] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1088.341421] Unsupported ieee802154 address type: 0 [ 1088.344396] Unsupported ieee802154 address type: 0 [ 1088.355044] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1088.356819] ref_ctr increment failed for inode: 0x3e78 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000037a60a5b [ 1088.361250] FAULT_INJECTION: forcing a failure. [ 1088.361250] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1088.363645] CPU: 0 PID: 7222 Comm: syz-executor.6 Not tainted 5.10.204 #1 20:09:44 executing program 2: kexec_load(0x0, 0x3, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}, {&(0x7f0000000180)="93bb3160811c7a98fd6624cfd28ee930fd5a4d1dd5b1126390c167d1ad5c88155bf92d6fed10c6260d42a291ac5f86288020dfe665571809be2829fd3566fbad31a449dd4ba1a4b832d8030a72d0c2173cf9fe73c3b008b929e65e0c1a657b05683b6a46660331999763c3b9f1b54dd780995ad88cdb9950cbc91ec01bfee1ceba54e02d7a3f316521f01ca0bdb88d416900a36f9054", 0x96, 0x9, 0x9}], 0x3e0000) [ 1088.365054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.366818] Call Trace: [ 1088.367349] dump_stack+0x107/0x167 [ 1088.368089] should_fail.cold+0x5/0xa [ 1088.368873] _copy_from_user+0x2e/0x1b0 [ 1088.369673] iovec_from_user+0x141/0x400 [ 1088.370490] __import_iovec+0x67/0x590 [ 1088.371267] ? __ia32_sys_shutdown+0x80/0x80 [ 1088.372158] import_iovec+0x83/0xb0 [ 1088.372914] sendmsg_copy_msghdr+0x131/0x160 [ 1088.373817] ? do_recvmmsg+0x6d0/0x6d0 [ 1088.374629] ? __lock_acquire+0x1657/0x5b00 [ 1088.375527] ___sys_sendmsg+0xc6/0x170 [ 1088.376336] ? sendmsg_copy_msghdr+0x160/0x160 [ 1088.377270] ? lock_downgrade+0x6d0/0x6d0 [ 1088.378120] ? lock_acquire+0x197/0x470 [ 1088.378942] ? find_held_lock+0x2c/0x110 [ 1088.379785] ? __might_fault+0xd3/0x180 [ 1088.380606] ? lock_downgrade+0x6d0/0x6d0 [ 1088.381468] __sys_sendmmsg+0x195/0x470 [ 1088.382291] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1088.383174] ? lock_downgrade+0x6d0/0x6d0 [ 1088.384048] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1088.385048] ? wait_for_completion_io+0x270/0x270 [ 1088.386042] ? rcu_read_lock_any_held+0x75/0xa0 [ 1088.387000] ? vfs_write+0x354/0xa70 [ 1088.387768] ? fput_many+0x2f/0x1a0 [ 1088.388530] ? ksys_write+0x1a9/0x260 [ 1088.389321] ? __ia32_sys_read+0xb0/0xb0 [ 1088.390164] __x64_sys_sendmmsg+0x99/0x100 [ 1088.391033] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1088.392099] do_syscall_64+0x33/0x40 [ 1088.392871] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1088.393917] RIP: 0033:0x7f714576fb19 [ 1088.394679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.398484] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1088.400204] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1088.401652] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1088.403117] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1088.404587] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1088.406051] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:09:44 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 25) 20:09:44 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000140)='.pending_reads\x00', 0x40000, 0x8) connect$802154_dgram(r1, &(0x7f0000000180)={0x24, @short={0x2, 0x2, 0x1}}, 0x14) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r2, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f00000000c0)={{r2}, 0x7, &(0x7f0000000040)=[0x78, 0x8, 0x0, 0x1, 0x7, 0xd9a, 0x6ab], 0x40, 0x1, [0x31, 0x9, 0x135, 0x8001]}) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @none={0x0, 0x2}}, 0x14) [ 1088.421095] FAULT_INJECTION: forcing a failure. [ 1088.421095] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.422418] CPU: 1 PID: 7227 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1088.423181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.424096] Call Trace: [ 1088.424411] dump_stack+0x107/0x167 [ 1088.424819] should_fail.cold+0x5/0xa [ 1088.425242] ? jbd2__journal_start+0x190/0x7e0 [ 1088.425746] should_failslab+0x5/0x20 [ 1088.426171] kmem_cache_alloc+0x5b/0x310 [ 1088.426619] jbd2__journal_start+0x190/0x7e0 [ 1088.427110] __ext4_journal_start_sb+0x214/0x390 [ 1088.427633] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1088.428241] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1088.428777] ? down_write_killable+0x180/0x180 [ 1088.429285] ext4_fallocate+0x415/0x3860 [ 1088.429735] ? __x64_sys_fallocate+0xcf/0x140 [ 1088.430234] ? lock_release+0x680/0x680 [ 1088.430670] ? ext4_ext_truncate+0x250/0x250 [ 1088.431175] ? ext4_ext_truncate+0x250/0x250 [ 1088.431657] vfs_fallocate+0x48f/0xd00 [ 1088.432100] __x64_sys_fallocate+0xcf/0x140 [ 1088.432586] do_syscall_64+0x33/0x40 [ 1088.432993] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1088.433549] RIP: 0033:0x7f6d60f48b19 [ 1088.433948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.435980] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1088.436825] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1088.437608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1088.438388] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1088.439155] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1088.439925] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1088.453557] Unsupported ieee802154 address type: 0 20:09:44 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x3e0000) [ 1088.459526] Unsupported ieee802154 address type: 0 [ 1088.463512] Unsupported ieee802154 address type: 0 20:09:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r2, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0xeaa2d76ee3793931, 0x30, 0x4, 0x6, 0x16, 0x4, 0x4, 0x2, 0x5, 0x4, 0x1b, 0x41]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6c, 0x5c, 0x60, 0x3]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x6, 0x3}, {0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x1}, {0x1, 0x7}, {0x7, 0x7}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x6}, {0x1, 0x7}, {0x1, 0x5}, {0x5}, {0x3, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0x6}, {0x4, 0x3}, {0x1, 0x9}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x4}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x2}, {0x1, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x1, 0x8}, {0x0, 0x9}, {0x6, 0x5}, {0x6, 0x8}, {0x1, 0x8}, {0x2, 0x5}, {0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x2, 0x3}, {0x6}, {0x1, 0x9}, {0x7, 0x7}, {0x4, 0x9}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x2}, {0x6, 0x1}, {}, {0x7, 0x2}, {0x7, 0x1}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x1, 0x5}, {0x4, 0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x7}, {0x1, 0x2}, {0x6, 0x7}, {0x4, 0x7}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x9}, {0x5, 0x2}, {0x3, 0xa}, {0x0, 0x1f}, {0x2, 0xa}, {0x7, 0x3}, {0x1}, {0x5}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x6, 0x1}, {0x0, 0x9}, {0x0, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x1, 0x7}, {}, {0x0, 0x3}, {0x3, 0x5}, {0x4, 0x4}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x2}, {0x2, 0x2}, {0x0, 0x6}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x6}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0xc, 0x6, 0x24, 0xc, 0xc, 0x30, 0x2, 0x60, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x80, 0x100, 0x3f, 0x9, 0x9, 0x4, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0xc}, {0x2, 0x8}, {0x2, 0xa}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x4}, {0x7, 0x5}, {0x3, 0x3}, {0x6, 0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x6}, {0x3, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x4, 0x2}, {0x6}, {0x0, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x2}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0xa}, {0x7}, {0x0, 0x2}, {0x5, 0x5}, {0x2, 0x2}, {0x5, 0x2}, {0x1, 0x8}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x4, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x0, 0x2}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x8}, {0x0, 0x4}, {0x0, 0x8}, {0x2, 0x5}, {0x2, 0x9}, {0x7}, {0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x1, 0x3}, {0x6, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x3, 0x5}, {0x0, 0x5}, {0x3, 0x6}, {0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x6, 0x8}, {0x0, 0x7}, {0x7, 0xa}, {0x1}, {0x0, 0x6}, {0x5, 0x7}, {0x7, 0x2}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x7, 0x3}, {0x4, 0x7}, {0x1, 0x6}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x8}, {0x0, 0x4}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0xa}, {0x5, 0x7}, {0x4}, {0x2, 0x3}, {0x3, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xb6, 0x7, 0x40, 0x401, 0x6, 0x81]}}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x0) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r4, &(0x7f0000000000)={0x24, @short}, 0x14) [ 1088.479296] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1088.481120] ref_ctr increment failed for inode: 0x3e78 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000037a60a5b 20:09:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x1200, 0x0, 0x8800000) 20:09:58 executing program 7: msgget$private(0x0, 0x48b) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:09:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x2500, 0x0, 0x4022812, r0, 0x0) 20:09:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 24) 20:09:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x17ff, 0x0, 0x8800000) 20:09:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r2, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0xeaa2d76ee3793931, 0x30, 0x4, 0x6, 0x16, 0x4, 0x4, 0x2, 0x5, 0x4, 0x1b, 0x41]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6c, 0x5c, 0x60, 0x3]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x6, 0x3}, {0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x1}, {0x1, 0x7}, {0x7, 0x7}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x6}, {0x1, 0x7}, {0x1, 0x5}, {0x5}, {0x3, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0x6}, {0x4, 0x3}, {0x1, 0x9}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x4}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x2}, {0x1, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x1, 0x8}, {0x0, 0x9}, {0x6, 0x5}, {0x6, 0x8}, {0x1, 0x8}, {0x2, 0x5}, {0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x2, 0x3}, {0x6}, {0x1, 0x9}, {0x7, 0x7}, {0x4, 0x9}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x2}, {0x6, 0x1}, {}, {0x7, 0x2}, {0x7, 0x1}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x1, 0x5}, {0x4, 0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x7}, {0x1, 0x2}, {0x6, 0x7}, {0x4, 0x7}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x9}, {0x5, 0x2}, {0x3, 0xa}, {0x0, 0x1f}, {0x2, 0xa}, {0x7, 0x3}, {0x1}, {0x5}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x6, 0x1}, {0x0, 0x9}, {0x0, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x1, 0x7}, {}, {0x0, 0x3}, {0x3, 0x5}, {0x4, 0x4}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x2}, {0x2, 0x2}, {0x0, 0x6}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x6}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0xc, 0x6, 0x24, 0xc, 0xc, 0x30, 0x2, 0x60, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x80, 0x100, 0x3f, 0x9, 0x9, 0x4, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0xc}, {0x2, 0x8}, {0x2, 0xa}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x4}, {0x7, 0x5}, {0x3, 0x3}, {0x6, 0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x6}, {0x3, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x4, 0x2}, {0x6}, {0x0, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x2}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0xa}, {0x7}, {0x0, 0x2}, {0x5, 0x5}, {0x2, 0x2}, {0x5, 0x2}, {0x1, 0x8}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x4, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x0, 0x2}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x8}, {0x0, 0x4}, {0x0, 0x8}, {0x2, 0x5}, {0x2, 0x9}, {0x7}, {0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x1, 0x3}, {0x6, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x3, 0x5}, {0x0, 0x5}, {0x3, 0x6}, {0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x6, 0x8}, {0x0, 0x7}, {0x7, 0xa}, {0x1}, {0x0, 0x6}, {0x5, 0x7}, {0x7, 0x2}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x7, 0x3}, {0x4, 0x7}, {0x1, 0x6}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x8}, {0x0, 0x4}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0xa}, {0x5, 0x7}, {0x4}, {0x2, 0x3}, {0x3, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xb6, 0x7, 0x40, 0x401, 0x6, 0x81]}}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) 20:09:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 26) 20:09:58 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x3e0000) 20:09:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) [ 1102.332899] FAULT_INJECTION: forcing a failure. [ 1102.332899] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1102.336648] CPU: 0 PID: 7257 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1102.338072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1102.339768] Call Trace: [ 1102.340316] dump_stack+0x107/0x167 [ 1102.340749] FAULT_INJECTION: forcing a failure. [ 1102.340749] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.341061] should_fail.cold+0x5/0xa [ 1102.341086] _copy_from_user+0x2e/0x1b0 [ 1102.343953] iovec_from_user+0x141/0x400 [ 1102.344802] __import_iovec+0x67/0x590 [ 1102.345596] ? __ia32_sys_shutdown+0x80/0x80 [ 1102.346494] import_iovec+0x83/0xb0 [ 1102.347236] sendmsg_copy_msghdr+0x131/0x160 [ 1102.348127] ? do_recvmmsg+0x6d0/0x6d0 [ 1102.348939] ? __lock_acquire+0x1657/0x5b00 [ 1102.349831] ___sys_sendmsg+0xc6/0x170 [ 1102.350623] ? sendmsg_copy_msghdr+0x160/0x160 [ 1102.351554] ? lock_downgrade+0x6d0/0x6d0 [ 1102.352406] ? lock_acquire+0x197/0x470 [ 1102.353211] ? find_held_lock+0x2c/0x110 [ 1102.354041] ? __might_fault+0xd3/0x180 [ 1102.354851] ? lock_downgrade+0x6d0/0x6d0 [ 1102.355708] __sys_sendmmsg+0x195/0x470 [ 1102.356541] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1102.357419] ? lock_downgrade+0x6d0/0x6d0 [ 1102.358284] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1102.359269] ? wait_for_completion_io+0x270/0x270 [ 1102.360246] ? rcu_read_lock_any_held+0x75/0xa0 [ 1102.361200] ? vfs_write+0x354/0xa70 [ 1102.361961] ? fput_many+0x2f/0x1a0 [ 1102.362706] ? ksys_write+0x1a9/0x260 [ 1102.363482] ? __ia32_sys_read+0xb0/0xb0 [ 1102.364329] __x64_sys_sendmmsg+0x99/0x100 [ 1102.365189] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1102.366238] do_syscall_64+0x33/0x40 [ 1102.366993] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1102.368036] RIP: 0033:0x7f714576fb19 [ 1102.368804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.372567] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1102.374119] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1102.375572] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1102.377032] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.378487] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1102.379939] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1102.381412] CPU: 1 PID: 7256 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1102.382195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1102.383111] Call Trace: [ 1102.383417] dump_stack+0x107/0x167 [ 1102.383829] should_fail.cold+0x5/0xa [ 1102.384268] ? create_object.isra.0+0x3a/0xa20 [ 1102.384776] should_failslab+0x5/0x20 [ 1102.385205] kmem_cache_alloc+0x5b/0x310 [ 1102.385659] create_object.isra.0+0x3a/0xa20 [ 1102.386151] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1102.386724] kmem_cache_alloc+0x159/0x310 [ 1102.387197] jbd2__journal_start+0x190/0x7e0 [ 1102.387690] __ext4_journal_start_sb+0x214/0x390 [ 1102.388255] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1102.388882] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1102.389449] ? down_write_killable+0x180/0x180 [ 1102.389965] ext4_fallocate+0x415/0x3860 [ 1102.390420] ? __x64_sys_fallocate+0xcf/0x140 [ 1102.390941] ? lock_release+0x680/0x680 [ 1102.391384] ? ext4_ext_truncate+0x250/0x250 [ 1102.391890] ? ext4_ext_truncate+0x250/0x250 [ 1102.392384] vfs_fallocate+0x48f/0xd00 [ 1102.392826] __x64_sys_fallocate+0xcf/0x140 [ 1102.393315] do_syscall_64+0x33/0x40 [ 1102.393749] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1102.393855] Unsupported ieee802154 address type: 0 [ 1102.394324] RIP: 0033:0x7f6d60f48b19 [ 1102.394343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.397850] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1102.398704] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1102.399397] Unsupported ieee802154 address type: 0 [ 1102.399520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1102.399535] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.402111] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1102.402901] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1102.407963] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.408914] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a1c68b3 20:09:58 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x3e0000) [ 1102.440669] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.441589] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a1c68b3 20:09:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x2b00, 0x0, 0x4022812, r0, 0x0) 20:09:58 executing program 2: kexec_load(0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}, {&(0x7f00000000c0)="8d893e75acd168f4ab3da1a9840d8a8054f1905ad7b483b5f9f8e4c1e15e1efa6d8f0a8eaae49b231e12edcf81604c84ca0ae27e1c6d31cd26456ca7cf4a1a199d95f9aed7d26f2461cc6ebef61fb9e339a7f6aed5f2d370148b5103382638b91d946ac095a2ed05d108c082328eaaf8ff90eb7beccd90d5395c09440359bb21a5553963a4c541e569fa14", 0x8b, 0x0, 0x3ff}], 0x3e0000) 20:09:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x0) 20:09:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x1800, 0x0, 0x8800000) 20:09:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r2, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0xeaa2d76ee3793931, 0x30, 0x4, 0x6, 0x16, 0x4, 0x4, 0x2, 0x5, 0x4, 0x1b, 0x41]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x6c, 0x5c, 0x60, 0x3]}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x2}, {0x6, 0x3}, {0x7}, {0x6, 0xa}, {0x5, 0x8}, {0x1}, {0x1, 0x7}, {0x7, 0x7}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x6}, {0x1, 0x7}, {0x1, 0x5}, {0x5}, {0x3, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0x6}, {0x4, 0x3}, {0x1, 0x9}, {0x4, 0x4}, {0x1, 0xa}, {0x2, 0x8}, {0x0, 0x6}, {0x4}, {0x7, 0x9}, {0x3, 0x8}, {0x5, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x2}, {0x1, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x1, 0x8}, {0x0, 0x9}, {0x6, 0x5}, {0x6, 0x8}, {0x1, 0x8}, {0x2, 0x5}, {0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x2, 0x3}, {0x6}, {0x1, 0x9}, {0x7, 0x7}, {0x4, 0x9}, {0x2, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x1, 0xa}, {0x1, 0x5}, {0x4, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x2}, {0x6, 0x1}, {}, {0x7, 0x2}, {0x7, 0x1}, {0x1, 0x7}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0xa}, {0x1, 0x5}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x1, 0x5}, {0x4, 0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x0, 0x8}, {0x0, 0x8}, {0x4, 0x7}, {0x1, 0x2}, {0x6, 0x7}, {0x4, 0x7}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x9}, {0x5, 0x2}, {0x3, 0xa}, {0x0, 0x1f}, {0x2, 0xa}, {0x7, 0x3}, {0x1}, {0x5}, {0x1, 0x3}, {0x6, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x3, 0x4}, {0x5, 0x9}, {0x6, 0x1}, {0x0, 0x9}, {0x0, 0x2}, {0x7, 0xa}, {0x1, 0x8}, {0x1, 0x7}, {}, {0x0, 0x3}, {0x3, 0x5}, {0x4, 0x4}, {0x5, 0x9}, {0x5, 0x8}, {0x2, 0x2}, {0x2, 0x2}, {0x0, 0x6}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x6}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0xb8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0xc, 0x6, 0x24, 0xc, 0xc, 0x30, 0x2, 0x60, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x80, 0x100, 0x3f, 0x9, 0x9, 0x4, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x51, 0x2, [{0x7, 0xc}, {0x2, 0x8}, {0x2, 0xa}, {0x5, 0x8}, {0x0, 0x4}, {0x4, 0x4}, {0x7, 0x5}, {0x3, 0x3}, {0x6, 0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x6}, {0x3, 0x8}, {0x0, 0x8}, {0x1, 0x5}, {0x4, 0x2}, {0x6}, {0x0, 0x1}, {0x6, 0x3}, {0x6, 0xa}, {0x2}, {0x0, 0x2}, {0x3, 0x3}, {0x4, 0xa}, {0x7}, {0x0, 0x2}, {0x5, 0x5}, {0x2, 0x2}, {0x5, 0x2}, {0x1, 0x8}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x4, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x0, 0x2}, {0x0, 0x8}, {0x2, 0x5}, {0x4, 0x8}, {0x0, 0x4}, {0x0, 0x8}, {0x2, 0x5}, {0x2, 0x9}, {0x7}, {0x1}, {0x7, 0x1}, {0x3, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x1, 0x3}, {0x6, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x3, 0x5}, {0x0, 0x5}, {0x3, 0x6}, {0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x6, 0x8}, {0x0, 0x7}, {0x7, 0xa}, {0x1}, {0x0, 0x6}, {0x5, 0x7}, {0x7, 0x2}, {0x7, 0x9}]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x7, 0x3}, {0x4, 0x7}, {0x1, 0x6}, {0x6, 0x5}, {0x5, 0x6}, {0x0, 0x8}, {0x0, 0x4}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x6}, {0x4, 0x7}, {0x7, 0xa}, {0x5, 0x7}, {0x4}, {0x2, 0x3}, {0x3, 0x8}, {0x0, 0x3}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xb6, 0x7, 0x40, 0x401, 0x6, 0x81]}}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x0) 20:09:58 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmmsg$sock(r1, &(0x7f0000000600)=[{{&(0x7f0000000240)=@hci={0x1f, 0x1, 0x1}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000480)="1a31b40925148b6568ecb71686462deddb3da5cc8ed8f935bbb5deed6350d2134be872743bc7b97e2d69bb87cef6acb94d606768b2c132da77209ab02e05df7bd01cb51fce250eb549d36ad33748c67d5ec355c79d05e371a52bfa93f571599b0b7e5a851aca06f938bcf8c9a23fe42284e92767fc44c8fd4a20f6a63f31ef5259fa4455754f602ff2ce91724d5f9b5649348393", 0x94}, {&(0x7f0000000300)="51240d15883d3a3bafdc2921b9d5f8465e6a0204bb204971353998bc4ee0e39d4df87d8f08e63c21c4a66ec83e06b0", 0x2f}], 0x2, &(0x7f0000000540)=[@txtime={{0x18, 0x1, 0x3d, 0x1f}}, @txtime={{0x18, 0x1, 0x3d, 0x100000000000000}}, @txtime={{0x18, 0x1, 0x3d, 0x71b}}, @timestamping={{0x14, 0x1, 0x25, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x3f}}, @mark={{0x14, 0x1, 0x24, 0x412}}, @timestamping={{0x14, 0x1, 0x25, 0xffff}}], 0xa8}}], 0x1, 0x20000000) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000680)=ANY=[@ANYBLOB="bba2498425a49cc4004172843be05a29ddc76e74200e307485c165c3d975a4999fdfb5fbe1f62048c5cd6412dcf42b0cbf441718209d725ab8aef25e9b9f70c27effdfe6fee9fbe452f9d75e589b8f4548eca421eb30ae83e250a6d04ca82214a799cae6288e0f6b2d11ad9c2d9a71ada4b6eef941dbd7f1aed69c6fe2e788a6845a704cff7bebdde05a47279d285f35c2dd3843c642615e468af2b59b1ab0af153a78d38c419a64e03f6f51aebe7e2c500729", @ANYRES16=r5, @ANYBLOB="010000000000000000005700000008000300", @ANYRES32=r6, @ANYBLOB="0600950000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x94, r2, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xb6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfff}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e9}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2a1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xa6c}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}], @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x1d, 0x24, [{0x1, 0x1}, {0x6c, 0x1}, {0x1f, 0x1}, {0x48}, {0x4}, {0x9}, {0x6}, {0x48, 0x1}, {0x6c}, {0x6c}, {0x5, 0x1}, {0x48}, {0x18}, {0x12}, {0x18, 0x1}, {0x30}, {0x60, 0x1}, {0x16}, {0x9, 0x1}, {0x16}, {0x4}, {0x6, 0x1}, {0x1b}, {0x48, 0x1}, {0x30, 0x1}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x404c880}, 0x8000) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14) connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14) [ 1102.511380] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.512349] ref_ctr increment failed for inode: 0x3e77 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000000ead85d3 20:09:58 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{&(0x7f0000000000)="7b7d406d4ce6e210e60606dab45bd22c4cf6e27b2094f5f6a8074ac84f4d35226b3b21a70e1c7ffa620cc6275f7fb37e8431118eea92ee62516703c7310cac00face3cb231649bfcb6be662710abf122955d853ac69954db4b9d36a984a5c4f127c37d291ffd7f58d407660570a1a91473b5b155f459c1cbb5e4", 0x7a, 0x20, 0x80}], 0x3e0000) [ 1102.550706] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.551572] ref_ctr increment failed for inode: 0x3e77 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000000ead85d3 20:09:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:09:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x2d00, 0x0, 0x4022812, r0, 0x0) [ 1102.616619] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.617514] ref_ctr increment failed for inode: 0x3e72 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000007f143c0b [ 1102.625284] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1102.626222] ref_ctr increment failed for inode: 0x3e72 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000007f143c0b 20:10:11 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x1fff, 0x0, 0x8800000) 20:10:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3002, 0x0, 0x4022812, r0, 0x0) 20:10:11 executing program 2: kexec_load(0x0, 0x0, &(0x7f0000000240), 0x3e0000) 20:10:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x0) 20:10:11 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:11 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000000)) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) bind$802154_dgram(r2, &(0x7f0000000140)={0x24, @long={0x3, 0x1}}, 0x14) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) copy_file_range(r1, &(0x7f00000000c0)=0x465, r3, &(0x7f0000000100)=0x3e8, 0x200, 0x0) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) 20:10:11 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 25) 20:10:11 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 27) [ 1115.020885] Unsupported ieee802154 address type: 0 [ 1115.025460] FAULT_INJECTION: forcing a failure. [ 1115.025460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1115.026773] CPU: 0 PID: 7310 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1115.027498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1115.028399] Call Trace: [ 1115.028709] dump_stack+0x107/0x167 [ 1115.029105] should_fail.cold+0x5/0xa [ 1115.029543] _copy_from_user+0x2e/0x1b0 [ 1115.029975] __copy_msghdr_from_user+0x91/0x4b0 [ 1115.030487] ? __ia32_sys_shutdown+0x80/0x80 [ 1115.030976] ? udp_v6_push_pending_frames+0x360/0x360 [ 1115.031537] ? inet6_sendmsg+0xbd/0x140 [ 1115.031965] ? inet6_compat_ioctl+0x320/0x320 [ 1115.032463] ? __sock_sendmsg+0x55/0x190 [ 1115.032911] sendmsg_copy_msghdr+0xa1/0x160 [ 1115.033384] ? do_recvmmsg+0x6d0/0x6d0 [ 1115.033805] ? __lock_acquire+0x1657/0x5b00 [ 1115.034280] ___sys_sendmsg+0xc6/0x170 [ 1115.034706] ? sendmsg_copy_msghdr+0x160/0x160 [ 1115.035201] ? lock_downgrade+0x6d0/0x6d0 [ 1115.035652] ? lock_acquire+0x197/0x470 [ 1115.036086] ? find_held_lock+0x2c/0x110 [ 1115.036540] ? __might_fault+0xd3/0x180 [ 1115.036994] ? lock_downgrade+0x6d0/0x6d0 [ 1115.037461] __sys_sendmmsg+0x195/0x470 [ 1115.037910] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1115.038400] ? lock_downgrade+0x6d0/0x6d0 [ 1115.038881] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1115.039417] ? wait_for_completion_io+0x270/0x270 [ 1115.039952] ? rcu_read_lock_any_held+0x75/0xa0 [ 1115.040466] ? vfs_write+0x354/0xa70 [ 1115.040881] ? fput_many+0x2f/0x1a0 [ 1115.041273] ? ksys_write+0x1a9/0x260 [ 1115.041697] ? __ia32_sys_read+0xb0/0xb0 [ 1115.042140] __x64_sys_sendmmsg+0x99/0x100 [ 1115.042599] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1115.043151] do_syscall_64+0x33/0x40 [ 1115.043564] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1115.044116] RIP: 0033:0x7f714576fb19 [ 1115.044587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1115.046633] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1115.047454] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1115.047590] Unsupported ieee802154 address type: 0 [ 1115.048206] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1115.048213] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1115.048219] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1115.048224] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1115.064104] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1115.065729] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003f8190c8 [ 1115.070878] FAULT_INJECTION: forcing a failure. 20:10:11 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1115.070878] name failslab, interval 1, probability 0, space 0, times 0 [ 1115.073302] CPU: 1 PID: 7315 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1115.074677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1115.076346] Call Trace: [ 1115.076906] dump_stack+0x107/0x167 [ 1115.077649] should_fail.cold+0x5/0xa [ 1115.078423] ? ext4_find_extent+0xa3d/0xd30 [ 1115.079301] should_failslab+0x5/0x20 [ 1115.080069] __kmalloc+0x72/0x390 [ 1115.080788] ext4_find_extent+0xa3d/0xd30 [ 1115.081653] ext4_ext_map_blocks+0x1c8/0x5850 [ 1115.082579] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1115.083643] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1115.084719] ? ext4_ext_release+0x10/0x10 [ 1115.085561] ? ext4_map_blocks+0x5e0/0x1940 [ 1115.086436] ? lock_release+0x680/0x680 [ 1115.087237] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1115.088206] ? lock_downgrade+0x6d0/0x6d0 [ 1115.089093] ? down_write+0xe0/0x160 [ 1115.089861] ? down_write_killable+0x180/0x180 [ 1115.090810] ext4_map_blocks+0x652/0x1940 [ 1115.091666] ? kmem_cache_alloc+0x2a6/0x310 [ 1115.092562] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1115.093493] ? jbd2__journal_start+0xf3/0x7e0 20:10:11 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1115.094415] ? __ext4_journal_start_sb+0x214/0x390 [ 1115.095514] ? __ext4_journal_start_sb+0x1db/0x390 [ 1115.096536] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1115.097606] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1115.098588] ? down_write_killable+0x180/0x180 [ 1115.099520] ext4_fallocate+0x415/0x3860 [ 1115.100343] ? __x64_sys_fallocate+0xcf/0x140 [ 1115.101266] ? lock_release+0x680/0x680 [ 1115.102076] ? ext4_ext_truncate+0x250/0x250 [ 1115.102972] ? ext4_ext_truncate+0x250/0x250 [ 1115.103863] vfs_fallocate+0x48f/0xd00 [ 1115.104666] __x64_sys_fallocate+0xcf/0x140 [ 1115.105549] do_syscall_64+0x33/0x40 [ 1115.106303] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1115.107340] RIP: 0033:0x7f6d60f48b19 [ 1115.108093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1115.111832] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1115.113383] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1115.114823] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1115.116266] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1115.117720] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1115.119159] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:10:11 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 26) 20:10:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1115.158903] FAULT_INJECTION: forcing a failure. [ 1115.158903] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1115.160278] CPU: 0 PID: 7323 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1115.161049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1115.161945] Call Trace: [ 1115.162238] dump_stack+0x107/0x167 [ 1115.162642] should_fail.cold+0x5/0xa [ 1115.163072] _copy_from_user+0x2e/0x1b0 [ 1115.163521] __copy_msghdr_from_user+0x91/0x4b0 [ 1115.164029] ? __ia32_sys_shutdown+0x80/0x80 [ 1115.164522] ? udp_v6_push_pending_frames+0x360/0x360 [ 1115.165085] ? inet6_sendmsg+0xbd/0x140 [ 1115.165524] ? inet6_compat_ioctl+0x320/0x320 [ 1115.166054] ? __sock_sendmsg+0x55/0x190 [ 1115.166566] sendmsg_copy_msghdr+0xa1/0x160 [ 1115.167061] ? do_recvmmsg+0x6d0/0x6d0 [ 1115.167493] ? __lock_acquire+0x1657/0x5b00 [ 1115.167977] ___sys_sendmsg+0xc6/0x170 [ 1115.168413] ? sendmsg_copy_msghdr+0x160/0x160 [ 1115.168917] ? lock_downgrade+0x6d0/0x6d0 [ 1115.169371] ? lock_acquire+0x197/0x470 [ 1115.169810] ? find_held_lock+0x2c/0x110 [ 1115.170258] ? __might_fault+0xd3/0x180 [ 1115.170691] ? lock_downgrade+0x6d0/0x6d0 [ 1115.171136] __sys_sendmmsg+0x195/0x470 [ 1115.171573] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1115.172041] ? lock_downgrade+0x6d0/0x6d0 [ 1115.172524] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1115.173056] ? wait_for_completion_io+0x270/0x270 [ 1115.173587] ? rcu_read_lock_any_held+0x75/0xa0 [ 1115.174106] ? vfs_write+0x354/0xa70 [ 1115.174513] ? fput_many+0x2f/0x1a0 [ 1115.174913] ? ksys_write+0x1a9/0x260 [ 1115.175332] ? __ia32_sys_read+0xb0/0xb0 [ 1115.175786] __x64_sys_sendmmsg+0x99/0x100 [ 1115.176252] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1115.176818] do_syscall_64+0x33/0x40 [ 1115.177219] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1115.177787] RIP: 0033:0x7f714576fb19 [ 1115.178195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1115.180209] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1115.181061] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1115.181848] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1115.182634] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1115.183412] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1115.184199] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:10:11 executing program 2: kexec_load(0x0, 0x0, &(0x7f0000000240), 0x3e0000) [ 1115.201869] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1115.202786] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003f8190c8 20:10:11 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2000, 0x0, 0x8800000) 20:10:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x0) 20:10:11 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000340)={0x0, 0x0}) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r3, &(0x7f0000000140)=0x9, 0xdb7b) perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x6, 0x9, 0x40, 0x7f, 0x0, 0x3f, 0x90091, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3ff, 0x2, @perf_bp={&(0x7f0000000100), 0x9}, 0x408, 0x80000000, 0x10000, 0x0, 0x7, 0xfffffffc, 0x1, 0x0, 0x0, 0x0, 0x3}, r2, 0xd, r3, 0xa) ftruncate(r1, 0x5c) 20:10:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3003, 0x0, 0x4022812, r0, 0x0) 20:10:11 executing program 2: kexec_load(0x0, 0x0, &(0x7f0000000240), 0x3e0000) 20:10:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:11 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x20, 0x80}], 0x3e0000) [ 1115.343460] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1115.344393] ref_ctr increment failed for inode: 0x3e70 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004e9f9b80 [ 1115.369984] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1115.370862] ref_ctr increment failed for inode: 0x3e70 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004e9f9b80 20:10:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3004, 0x0, 0x4022812, r0, 0x0) 20:10:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000280)=[{{&(0x7f0000000100)={0xa, 0x4e23, 0x6, @local, 0x4}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="efb893623d64001db1438ef1a19b029ceec6c5e513be81206d64a610ab9c510b889041acf2f82bb18f6200b380153f1f4fe810b13b4ddea3cf12fb93965e90cbb3a09a4b4751ffaa2506f1a7a7299e476082c9b46ee79c987d59b2f384a994099d0ea9d580fcf68a09d752f40285bc1f055f1fee1595a34d36562b3a71bfc34e3b20759bf68af38e0795441cd5a2befbe940d75086ca509a53acf999016184168c2317a96338d43eb362fec2e563191384988512b39d2fcf0892f04bf89cda95626800babacd1f9f76899193205230181f0989b0a837002a21e365f0417157a763c8ca9ad3a4280b3d5f9bcaec8658", 0xef}], 0x1}}], 0x1, 0x40) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r0, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) dup2(0xffffffffffffffff, r0) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000080), 0x14) 20:10:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 27) 20:10:23 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x3e0000) 20:10:23 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 28) 20:10:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:23 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[], 0x1020) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, 0xffffffffffffffff, 0x0) 20:10:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2103, 0x0, 0x8800000) [ 1126.971890] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1126.973587] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000056a3f1f0 [ 1126.977524] FAULT_INJECTION: forcing a failure. [ 1126.977524] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1126.979941] CPU: 0 PID: 7359 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1126.981354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1126.983029] Call Trace: [ 1126.983562] dump_stack+0x107/0x167 [ 1126.984307] should_fail.cold+0x5/0xa [ 1126.985109] _copy_from_user+0x2e/0x1b0 [ 1126.985619] FAULT_INJECTION: forcing a failure. [ 1126.985619] name failslab, interval 1, probability 0, space 0, times 0 [ 1126.985921] __copy_msghdr_from_user+0x91/0x4b0 [ 1126.985952] ? __ia32_sys_shutdown+0x80/0x80 [ 1126.990000] ? udp_v6_push_pending_frames+0x360/0x360 [ 1126.991037] ? inet6_sendmsg+0xbd/0x140 [ 1126.991842] ? inet6_compat_ioctl+0x320/0x320 [ 1126.992764] ? __sock_sendmsg+0x55/0x190 [ 1126.993591] sendmsg_copy_msghdr+0xa1/0x160 [ 1126.994463] ? do_recvmmsg+0x6d0/0x6d0 [ 1126.995257] ? __lock_acquire+0x1657/0x5b00 [ 1126.996140] ___sys_sendmsg+0xc6/0x170 [ 1126.996936] ? sendmsg_copy_msghdr+0x160/0x160 [ 1126.997863] ? lock_downgrade+0x6d0/0x6d0 [ 1126.998704] ? lock_acquire+0x197/0x470 [ 1126.999510] ? find_held_lock+0x2c/0x110 [ 1127.000335] ? __might_fault+0xd3/0x180 [ 1127.001150] ? lock_downgrade+0x6d0/0x6d0 [ 1127.002005] __sys_sendmmsg+0x195/0x470 [ 1127.002812] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1127.003681] ? lock_downgrade+0x6d0/0x6d0 [ 1127.004558] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1127.005552] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1127.006609] ? asm_sysvec_call_function_single+0x12/0x20 [ 1127.007707] ? trace_hardirqs_on+0x5b/0x180 [ 1127.008598] ? asm_sysvec_call_function_single+0x12/0x20 [ 1127.009706] __x64_sys_sendmmsg+0x99/0x100 [ 1127.010564] do_syscall_64+0x33/0x40 [ 1127.011316] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1127.012364] RIP: 0033:0x7f714576fb19 [ 1127.013134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.016882] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1127.018427] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1127.019853] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1127.021295] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.022738] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1127.024175] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1127.025680] CPU: 1 PID: 7369 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1127.027046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1127.028702] Call Trace: [ 1127.029231] dump_stack+0x107/0x167 [ 1127.029966] should_fail.cold+0x5/0xa [ 1127.030730] ? create_object.isra.0+0x3a/0xa20 [ 1127.031641] should_failslab+0x5/0x20 [ 1127.032396] kmem_cache_alloc+0x5b/0x310 [ 1127.033219] ? lock_chain_count+0x20/0x20 [ 1127.034049] create_object.isra.0+0x3a/0xa20 [ 1127.034922] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1127.035933] __kmalloc+0x16e/0x390 [ 1127.036669] ext4_find_extent+0xa3d/0xd30 [ 1127.037509] ext4_ext_map_blocks+0x1c8/0x5850 [ 1127.038439] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1127.039501] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1127.040564] ? ext4_ext_release+0x10/0x10 [ 1127.041406] ? ext4_map_blocks+0x5e0/0x1940 [ 1127.042269] ? lock_release+0x680/0x680 [ 1127.043066] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1127.044007] ? lock_downgrade+0x6d0/0x6d0 [ 1127.044858] ? down_write+0xe0/0x160 [ 1127.045597] ? down_write_killable+0x180/0x180 [ 1127.046524] ext4_map_blocks+0x652/0x1940 [ 1127.047368] ? kmem_cache_alloc+0x2a6/0x310 [ 1127.048238] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1127.049157] ? jbd2__journal_start+0xf3/0x7e0 [ 1127.050055] ? __ext4_journal_start_sb+0x214/0x390 [ 1127.051029] ? __ext4_journal_start_sb+0x1db/0x390 [ 1127.052016] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1127.053082] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1127.054048] ? down_write_killable+0x180/0x180 [ 1127.054969] ext4_fallocate+0x415/0x3860 [ 1127.055777] ? __x64_sys_fallocate+0xcf/0x140 [ 1127.056692] ? lock_release+0x680/0x680 [ 1127.057487] ? ext4_ext_truncate+0x250/0x250 [ 1127.058370] ? ext4_ext_truncate+0x250/0x250 [ 1127.059252] vfs_fallocate+0x48f/0xd00 [ 1127.060035] __x64_sys_fallocate+0xcf/0x140 [ 1127.060908] do_syscall_64+0x33/0x40 [ 1127.061647] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1127.062668] RIP: 0033:0x7f6d60f48b19 [ 1127.063412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.067089] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1127.068636] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1127.070050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1127.071462] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.072892] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1127.074302] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:10:23 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0}], 0x3e0000) 20:10:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x27ff, 0x0, 0x8800000) [ 1127.094990] Unsupported ieee802154 address type: 0 [ 1127.099201] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1127.100950] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000056a3f1f0 [ 1127.108219] syz-executor.7 (7364) used greatest stack depth: 23256 bytes left 20:10:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 28) 20:10:23 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 29) 20:10:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3005, 0x0, 0x4022812, r0, 0x0) [ 1127.238892] FAULT_INJECTION: forcing a failure. [ 1127.238892] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1127.241387] CPU: 1 PID: 7384 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1127.242762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1127.244438] Call Trace: [ 1127.244993] dump_stack+0x107/0x167 [ 1127.245737] should_fail.cold+0x5/0xa [ 1127.246520] _copy_from_user+0x2e/0x1b0 [ 1127.247332] __copy_msghdr_from_user+0x91/0x4b0 [ 1127.248274] ? __ia32_sys_shutdown+0x80/0x80 [ 1127.249178] ? udp_v6_push_pending_frames+0x360/0x360 [ 1127.250224] ? inet6_sendmsg+0xbd/0x140 [ 1127.251029] ? inet6_compat_ioctl+0x320/0x320 [ 1127.251935] ? __sock_sendmsg+0x55/0x190 [ 1127.252771] sendmsg_copy_msghdr+0xa1/0x160 [ 1127.253646] ? do_recvmmsg+0x6d0/0x6d0 [ 1127.254441] ? __lock_acquire+0x1657/0x5b00 [ 1127.255326] ___sys_sendmsg+0xc6/0x170 [ 1127.256115] ? sendmsg_copy_msghdr+0x160/0x160 [ 1127.257061] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1127.258110] ? trace_hardirqs_on+0x5b/0x180 [ 1127.258990] ? lock_acquire+0x197/0x470 [ 1127.259788] ? find_held_lock+0x2c/0x110 [ 1127.260631] ? __might_fault+0xd3/0x180 [ 1127.261434] ? lock_downgrade+0x6d0/0x6d0 [ 1127.262286] ? io_schedule_timeout+0x140/0x140 [ 1127.263219] __sys_sendmmsg+0x195/0x470 [ 1127.264035] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1127.264928] ? lock_downgrade+0x6d0/0x6d0 [ 1127.265796] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1127.266773] ? wait_for_completion_io+0x270/0x270 [ 1127.267746] ? rcu_read_lock_any_held+0x75/0xa0 [ 1127.268687] ? vfs_write+0x354/0xa70 [ 1127.269438] ? fput_many+0x2f/0x1a0 [ 1127.270172] ? ksys_write+0x1a9/0x260 [ 1127.270937] ? __ia32_sys_read+0xb0/0xb0 [ 1127.271763] __x64_sys_sendmmsg+0x99/0x100 [ 1127.272623] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1127.273660] do_syscall_64+0x33/0x40 [ 1127.274410] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1127.275440] RIP: 0033:0x7f714576fb19 [ 1127.276193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.279907] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1127.281446] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1127.282881] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1127.284313] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.285755] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1127.287188] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1127.301908] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1127.303525] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004a61323f [ 1127.317170] FAULT_INJECTION: forcing a failure. [ 1127.317170] name failslab, interval 1, probability 0, space 0, times 0 [ 1127.319449] CPU: 1 PID: 7389 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1127.320836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1127.322508] Call Trace: [ 1127.323042] dump_stack+0x107/0x167 [ 1127.323781] should_fail.cold+0x5/0xa [ 1127.324572] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1127.325587] should_failslab+0x5/0x20 [ 1127.326351] kmem_cache_alloc+0x5b/0x310 [ 1127.327166] ext4_mb_new_blocks+0x64d/0x45b0 [ 1127.328056] ? trace_hardirqs_on+0x5b/0x180 [ 1127.328936] ? ext4_cache_extents+0x148/0x2d0 [ 1127.329825] ? ext4_discard_preallocations+0xd80/0xd80 [ 1127.330867] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1127.331817] ext4_ext_map_blocks+0x1d68/0x5850 [ 1127.332751] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1127.333793] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1127.334844] ? ext4_ext_release+0x10/0x10 [ 1127.335668] ? ext4_map_blocks+0x5e0/0x1940 [ 1127.336525] ? lock_release+0x680/0x680 [ 1127.337331] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1127.338265] ? lock_downgrade+0x6d0/0x6d0 [ 1127.339102] ? down_write_killable+0x180/0x180 [ 1127.340016] ext4_map_blocks+0x652/0x1940 [ 1127.340847] ? kmem_cache_alloc+0x2a6/0x310 [ 1127.341702] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1127.342594] ? jbd2__journal_start+0xf3/0x7e0 [ 1127.343487] ? __ext4_journal_start_sb+0x214/0x390 [ 1127.344453] ? __ext4_journal_start_sb+0x1db/0x390 [ 1127.345447] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1127.346498] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1127.347459] ? down_write_killable+0x180/0x180 [ 1127.348370] ext4_fallocate+0x415/0x3860 [ 1127.349192] ? __x64_sys_fallocate+0xcf/0x140 [ 1127.350081] ? lock_release+0x680/0x680 [ 1127.350873] ? ext4_ext_truncate+0x250/0x250 [ 1127.351748] ? ext4_ext_truncate+0x250/0x250 [ 1127.352625] vfs_fallocate+0x48f/0xd00 [ 1127.353402] __x64_sys_fallocate+0xcf/0x140 [ 1127.354260] do_syscall_64+0x33/0x40 [ 1127.354993] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1127.356004] RIP: 0033:0x7f6d60f48b19 [ 1127.356772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.360389] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1127.361901] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1127.363308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1127.364728] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.366136] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1127.367545] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1127.382780] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1127.384386] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004a61323f [ 1140.731324] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1140.732370] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b 20:10:37 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 30) 20:10:37 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 29) 20:10:37 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[], 0x1020) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, 0xffffffffffffffff, 0x0) 20:10:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:37 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0}], 0x3e0000) 20:10:37 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:10:37 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2800, 0x0, 0x8800000) 20:10:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3006, 0x0, 0x4022812, r0, 0x0) [ 1140.749022] Unsupported ieee802154 address type: 0 [ 1140.752654] FAULT_INJECTION: forcing a failure. [ 1140.752654] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1140.755080] CPU: 0 PID: 7410 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1140.756496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1140.757051] Unsupported ieee802154 address type: 0 [ 1140.758211] Call Trace: [ 1140.758233] dump_stack+0x107/0x167 [ 1140.758258] should_fail.cold+0x5/0xa [ 1140.758284] _copy_from_user+0x2e/0x1b0 [ 1140.762099] move_addr_to_kernel.part.0+0x31/0x110 [ 1140.763120] __copy_msghdr_from_user+0x3e1/0x4b0 [ 1140.764087] ? __ia32_sys_shutdown+0x80/0x80 [ 1140.764996] ? inet6_sendmsg+0xbd/0x140 [ 1140.765805] ? inet6_compat_ioctl+0x320/0x320 [ 1140.766714] ? __sock_sendmsg+0x55/0x190 [ 1140.767547] sendmsg_copy_msghdr+0xa1/0x160 [ 1140.768434] ? do_recvmmsg+0x6d0/0x6d0 [ 1140.769248] ? __lock_acquire+0x1657/0x5b00 [ 1140.770152] ___sys_sendmsg+0xc6/0x170 [ 1140.770956] ? sendmsg_copy_msghdr+0x160/0x160 [ 1140.771906] ? lock_downgrade+0x6d0/0x6d0 [ 1140.772790] ? lock_acquire+0x197/0x470 [ 1140.773604] ? find_held_lock+0x2c/0x110 [ 1140.774460] ? __might_fault+0xd3/0x180 [ 1140.775274] ? lock_downgrade+0x6d0/0x6d0 [ 1140.776129] __sys_sendmmsg+0x195/0x470 [ 1140.776949] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1140.777836] ? lock_downgrade+0x6d0/0x6d0 [ 1140.778700] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1140.779685] ? wait_for_completion_io+0x270/0x270 [ 1140.780670] ? rcu_read_lock_any_held+0x75/0xa0 [ 1140.781636] ? vfs_write+0x354/0xa70 [ 1140.782403] ? fput_many+0x2f/0x1a0 [ 1140.783147] ? ksys_write+0x1a9/0x260 [ 1140.783928] ? __ia32_sys_read+0xb0/0xb0 [ 1140.784770] __x64_sys_sendmmsg+0x99/0x100 [ 1140.785631] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1140.786681] do_syscall_64+0x33/0x40 [ 1140.787444] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1140.788479] RIP: 0033:0x7f714576fb19 [ 1140.789249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1140.792983] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1140.794522] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1140.795964] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1140.797417] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1140.798857] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1140.800298] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1140.804374] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1140.805990] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b 20:10:37 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @none={0x0, 0x2}}, 0x14) 20:10:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:37 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0}], 0x3e0000) [ 1140.831424] FAULT_INJECTION: forcing a failure. [ 1140.831424] name failslab, interval 1, probability 0, space 0, times 0 [ 1140.834436] CPU: 0 PID: 7409 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1140.835848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1140.837577] Call Trace: [ 1140.838121] dump_stack+0x107/0x167 [ 1140.838863] should_fail.cold+0x5/0xa [ 1140.839638] ? create_object.isra.0+0x3a/0xa20 [ 1140.840571] should_failslab+0x5/0x20 [ 1140.841353] kmem_cache_alloc+0x5b/0x310 [ 1140.842190] create_object.isra.0+0x3a/0xa20 [ 1140.843086] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1140.844123] kmem_cache_alloc+0x159/0x310 [ 1140.844986] ext4_mb_new_blocks+0x64d/0x45b0 [ 1140.845909] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1140.846950] ? ext4_cache_extents+0x148/0x2d0 [ 1140.847863] ? ext4_discard_preallocations+0xd80/0xd80 [ 1140.848949] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1140.849919] ext4_ext_map_blocks+0x1d68/0x5850 [ 1140.850863] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1140.851923] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1140.853004] ? ext4_ext_release+0x10/0x10 [ 1140.853846] ? ext4_map_blocks+0x5e0/0x1940 [ 1140.854726] ? lock_release+0x680/0x680 [ 1140.855534] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1140.856507] ? lock_downgrade+0x6d0/0x6d0 [ 1140.857385] ? down_write_killable+0x180/0x180 [ 1140.858340] ext4_map_blocks+0x652/0x1940 [ 1140.859205] ? kmem_cache_alloc+0x2a6/0x310 [ 1140.860103] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1140.860291] Unsupported ieee802154 address type: 0 [ 1140.861048] ? jbd2__journal_start+0xf3/0x7e0 [ 1140.861077] ? __ext4_journal_start_sb+0x214/0x390 [ 1140.861104] ? __ext4_journal_start_sb+0x1db/0x390 [ 1140.865027] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1140.866113] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1140.867100] ? down_write_killable+0x180/0x180 [ 1140.867847] Unsupported ieee802154 address type: 0 [ 1140.868048] ext4_fallocate+0x415/0x3860 [ 1140.869870] ? __x64_sys_fallocate+0xcf/0x140 [ 1140.870788] ? lock_release+0x680/0x680 [ 1140.871611] ? ext4_ext_truncate+0x250/0x250 [ 1140.872376] Unsupported ieee802154 address type: 0 [ 1140.872515] ? ext4_ext_truncate+0x250/0x250 [ 1140.874417] vfs_fallocate+0x48f/0xd00 [ 1140.875219] __x64_sys_fallocate+0xcf/0x140 [ 1140.876101] do_syscall_64+0x33/0x40 [ 1140.876865] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1140.877910] RIP: 0033:0x7f6d60f48b19 [ 1140.877972] Unsupported ieee802154 address type: 0 [ 1140.878671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1140.883403] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1140.884956] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1140.886418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1140.887864] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 20:10:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1140.889320] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1140.890967] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:10:37 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2fff, 0x0, 0x8800000) 20:10:37 executing program 2: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:10:49 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 31) 20:10:49 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 30) 20:10:49 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3000, 0x0, 0x8800000) 20:10:49 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[], 0x1020) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, 0xffffffffffffffff, 0x0) 20:10:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3007, 0x0, 0x4022812, r0, 0x0) 20:10:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:49 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2fff, 0x0, 0x8800000) 20:10:49 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000000)={0x24, @short={0x2, 0xfffe, 0xaaa3}}, 0x14) [ 1152.952631] Unsupported ieee802154 address type: 0 [ 1152.954604] FAULT_INJECTION: forcing a failure. [ 1152.954604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1152.955957] CPU: 1 PID: 7447 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1152.956736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1152.957643] Call Trace: [ 1152.957949] dump_stack+0x107/0x167 [ 1152.958354] should_fail.cold+0x5/0xa [ 1152.958797] _copy_from_user+0x2e/0x1b0 [ 1152.959256] __copy_msghdr_from_user+0x91/0x4b0 [ 1152.959792] ? __ia32_sys_shutdown+0x80/0x80 [ 1152.960298] ? udp_v6_push_pending_frames+0x360/0x360 [ 1152.960915] ? inet6_sendmsg+0xbd/0x140 [ 1152.961369] ? memcpy+0x39/0x60 [ 1152.961757] sendmsg_copy_msghdr+0xa1/0x160 [ 1152.962251] ? do_recvmmsg+0x6d0/0x6d0 [ 1152.962704] ? __lock_acquire+0x1657/0x5b00 [ 1152.963205] ___sys_sendmsg+0xc6/0x170 [ 1152.963651] ? sendmsg_copy_msghdr+0x160/0x160 [ 1152.964186] ? lock_downgrade+0x6d0/0x6d0 [ 1152.964662] ? lock_acquire+0x197/0x470 [ 1152.965125] ? find_held_lock+0x2c/0x110 [ 1152.965606] ? __might_fault+0xd3/0x180 [ 1152.966085] ? lock_downgrade+0x6d0/0x6d0 [ 1152.966588] __sys_sendmmsg+0x195/0x470 [ 1152.967063] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1152.967559] ? lock_downgrade+0x6d0/0x6d0 [ 1152.968039] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1152.968597] ? wait_for_completion_io+0x270/0x270 [ 1152.969153] ? rcu_read_lock_any_held+0x75/0xa0 [ 1152.969707] ? vfs_write+0x354/0xa70 [ 1152.970157] ? fput_many+0x2f/0x1a0 [ 1152.970592] ? ksys_write+0x1a9/0x260 [ 1152.971034] ? __ia32_sys_read+0xb0/0xb0 [ 1152.971500] __x64_sys_sendmmsg+0x99/0x100 [ 1152.971986] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1152.972578] do_syscall_64+0x33/0x40 [ 1152.973024] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1152.973624] RIP: 0033:0x7f714576fb19 [ 1152.974041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1152.976162] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1152.977035] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1152.977843] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1152.978636] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1152.979455] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1152.980273] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1152.988669] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1152.990288] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000fe19c4a3 [ 1152.994470] Unsupported ieee802154 address type: 0 20:10:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:10:49 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2103, 0x0, 0x8800000) 20:10:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1153.037289] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1153.038190] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000fe19c4a3 20:10:49 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x37ff, 0x0, 0x8800000) [ 1153.072885] FAULT_INJECTION: forcing a failure. [ 1153.072885] name failslab, interval 1, probability 0, space 0, times 0 [ 1153.076374] CPU: 0 PID: 7452 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1153.077759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1153.079419] Call Trace: [ 1153.079952] dump_stack+0x107/0x167 [ 1153.080689] should_fail.cold+0x5/0xa [ 1153.081491] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1153.082434] should_failslab+0x5/0x20 [ 1153.083199] kmem_cache_alloc+0x5b/0x310 [ 1153.084023] ext4_mb_new_blocks+0x209f/0x45b0 [ 1153.084958] ? trace_hardirqs_on+0x5b/0x180 [ 1153.085837] ? ext4_cache_extents+0x148/0x2d0 [ 1153.086746] ? ext4_discard_preallocations+0xd80/0xd80 [ 1153.087807] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1153.088777] ext4_ext_map_blocks+0x1d68/0x5850 [ 1153.089726] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1153.090786] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1153.091855] ? ext4_ext_release+0x10/0x10 [ 1153.092692] ? ext4_map_blocks+0x5e0/0x1940 [ 1153.093579] ? lock_release+0x680/0x680 [ 1153.094398] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1153.095081] FAULT_INJECTION: forcing a failure. [ 1153.095081] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1153.095347] ? lock_downgrade+0x6d0/0x6d0 [ 1153.095388] ? down_write_killable+0x180/0x180 [ 1153.098346] ext4_map_blocks+0x652/0x1940 [ 1153.099181] ? kmem_cache_alloc+0x2a6/0x310 [ 1153.100050] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1153.100958] ? jbd2__journal_start+0xf3/0x7e0 [ 1153.101872] ? __ext4_journal_start_sb+0x214/0x390 [ 1153.102860] ? __ext4_journal_start_sb+0x1db/0x390 [ 1153.103857] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1153.104965] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1153.105948] ? down_write_killable+0x180/0x180 [ 1153.106867] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1153.107963] ext4_fallocate+0x415/0x3860 [ 1153.108784] ? __x64_sys_fallocate+0xcf/0x140 [ 1153.109705] ? lock_release+0x680/0x680 [ 1153.110515] ? ext4_ext_truncate+0x250/0x250 [ 1153.111411] ? ext4_ext_truncate+0x250/0x250 [ 1153.112303] vfs_fallocate+0x48f/0xd00 [ 1153.113121] __x64_sys_fallocate+0xcf/0x140 [ 1153.113999] do_syscall_64+0x33/0x40 [ 1153.114749] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1153.115784] RIP: 0033:0x7f6d60f48b19 [ 1153.116536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1153.120244] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1153.121792] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1153.123229] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1153.124666] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1153.126138] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1153.127581] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1153.129061] CPU: 1 PID: 7461 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1153.129863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1153.130762] Call Trace: [ 1153.131075] dump_stack+0x107/0x167 [ 1153.131497] should_fail.cold+0x5/0xa [ 1153.131939] _copy_from_user+0x2e/0x1b0 [ 1153.132406] __copy_msghdr_from_user+0x91/0x4b0 [ 1153.132934] ? __ia32_sys_shutdown+0x80/0x80 [ 1153.133446] ? udp_v6_push_pending_frames+0x360/0x360 [ 1153.134037] ? inet6_sendmsg+0xbd/0x140 [ 1153.134493] ? inet6_compat_ioctl+0x320/0x320 [ 1153.134995] ? __sock_sendmsg+0x55/0x190 [ 1153.135449] sendmsg_copy_msghdr+0xa1/0x160 [ 1153.135920] ? do_recvmmsg+0x6d0/0x6d0 [ 1153.136359] ? __lock_acquire+0x1657/0x5b00 [ 1153.136865] ___sys_sendmsg+0xc6/0x170 [ 1153.137300] ? sendmsg_copy_msghdr+0x160/0x160 [ 1153.137787] ? lock_downgrade+0x6d0/0x6d0 [ 1153.138248] ? lock_acquire+0x197/0x470 [ 1153.138688] ? find_held_lock+0x2c/0x110 [ 1153.139116] ? __might_fault+0xd3/0x180 [ 1153.139553] ? lock_downgrade+0x6d0/0x6d0 [ 1153.140022] __sys_sendmmsg+0x195/0x470 [ 1153.140459] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1153.140946] ? lock_downgrade+0x6d0/0x6d0 [ 1153.141410] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1153.141945] ? wait_for_completion_io+0x270/0x270 [ 1153.142480] ? rcu_read_lock_any_held+0x75/0xa0 [ 1153.142966] ? vfs_write+0x354/0xa70 [ 1153.143379] ? fput_many+0x2f/0x1a0 20:10:49 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 31) [ 1153.143761] ? ksys_write+0x1a9/0x260 [ 1153.144307] ? __ia32_sys_read+0xb0/0xb0 [ 1153.144758] __x64_sys_sendmmsg+0x99/0x100 [ 1153.145229] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1153.145799] do_syscall_64+0x33/0x40 [ 1153.146211] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1153.146775] RIP: 0033:0x7f714576fb19 [ 1153.147189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1153.149226] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1153.150065] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1153.150853] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1153.151635] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1153.152409] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1153.153205] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:11:00 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 32) 20:11:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:11:00 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 32) 20:11:00 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x60, 0x0, 0x8800000) 20:11:00 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000080), 0x14) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x3, 0x585c, 0x1}) connect$802154_dgram(r3, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14) 20:11:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x300a, 0x0, 0x4022812, r0, 0x0) 20:11:00 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3800, 0x0, 0x8800000) [ 1164.637461] FAULT_INJECTION: forcing a failure. [ 1164.637461] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1164.640029] CPU: 1 PID: 7473 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1164.641515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.643312] Call Trace: [ 1164.643901] dump_stack+0x107/0x167 [ 1164.644700] should_fail.cold+0x5/0xa [ 1164.645548] _copy_from_user+0x2e/0x1b0 [ 1164.646415] __copy_msghdr_from_user+0x91/0x4b0 [ 1164.647438] ? __ia32_sys_shutdown+0x80/0x80 [ 1164.648402] ? udp_v6_push_pending_frames+0x360/0x360 [ 1164.649556] ? inet6_sendmsg+0xbd/0x140 [ 1164.650426] ? inet6_compat_ioctl+0x320/0x320 [ 1164.651403] ? __sock_sendmsg+0x55/0x190 [ 1164.652297] sendmsg_copy_msghdr+0xa1/0x160 [ 1164.653251] ? do_recvmmsg+0x6d0/0x6d0 [ 1164.654108] ? __lock_acquire+0x1657/0x5b00 [ 1164.655064] ___sys_sendmsg+0xc6/0x170 [ 1164.655941] ? sendmsg_copy_msghdr+0x160/0x160 [ 1164.656973] ? lock_downgrade+0x6d0/0x6d0 [ 1164.657901] ? lock_acquire+0x197/0x470 [ 1164.658782] ? find_held_lock+0x2c/0x110 [ 1164.659676] ? __might_fault+0xd3/0x180 [ 1164.660552] ? lock_downgrade+0x6d0/0x6d0 [ 1164.661479] __sys_sendmmsg+0x195/0x470 [ 1164.662350] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1164.662373] FAULT_INJECTION: forcing a failure. [ 1164.662373] name failslab, interval 1, probability 0, space 0, times 0 [ 1164.663285] ? lock_downgrade+0x6d0/0x6d0 [ 1164.663323] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1164.663346] ? wait_for_completion_io+0x270/0x270 [ 1164.667951] ? rcu_read_lock_any_held+0x75/0xa0 [ 1164.668974] ? vfs_write+0x354/0xa70 [ 1164.669794] ? fput_many+0x2f/0x1a0 [ 1164.670591] ? ksys_write+0x1a9/0x260 [ 1164.671424] ? __ia32_sys_read+0xb0/0xb0 [ 1164.672321] __x64_sys_sendmmsg+0x99/0x100 [ 1164.673253] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1164.674383] do_syscall_64+0x33/0x40 [ 1164.675197] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1164.676315] RIP: 0033:0x7f714576fb19 [ 1164.677181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.681199] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1164.682854] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1164.684425] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1164.686003] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1164.687573] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1164.689162] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1164.690790] CPU: 0 PID: 7478 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1164.691891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.693198] Call Trace: [ 1164.693613] dump_stack+0x107/0x167 [ 1164.694192] should_fail.cold+0x5/0xa 20:11:00 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x28, 0x0, 0x8800000) [ 1164.694859] ? create_object.isra.0+0x3a/0xa20 [ 1164.695544] should_failslab+0x5/0x20 [ 1164.696104] kmem_cache_alloc+0x5b/0x310 [ 1164.696718] create_object.isra.0+0x3a/0xa20 [ 1164.697375] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1164.698125] kmem_cache_alloc+0x159/0x310 [ 1164.698753] ext4_mb_new_blocks+0x209f/0x45b0 [ 1164.699431] ? ext4_ext_search_right+0x325/0xbd0 [ 1164.700131] ? ext4_ext_search_right+0x337/0xbd0 [ 1164.700837] ? ext4_discard_preallocations+0xd80/0xd80 [ 1164.701655] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1164.702383] ext4_ext_map_blocks+0x1d68/0x5850 [ 1164.703090] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.703882] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1164.704712] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1164.705518] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1164.706349] ? ext4_ext_release+0x10/0x10 [ 1164.706985] ? ext4_map_blocks+0x5e0/0x1940 [ 1164.707650] ? lock_release+0x680/0x680 [ 1164.708258] ? io_schedule_timeout+0x140/0x140 [ 1164.708962] ? lock_downgrade+0x6d0/0x6d0 [ 1164.709593] ? down_write_killable+0x180/0x180 [ 1164.710294] ext4_map_blocks+0x652/0x1940 [ 1164.710936] ? kmem_cache_alloc+0x2a6/0x310 [ 1164.711606] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1164.712302] ? jbd2__journal_start+0xf3/0x7e0 [ 1164.713006] ? __ext4_journal_start_sb+0x214/0x390 [ 1164.713758] ? __ext4_journal_start_sb+0x1db/0x390 [ 1164.714561] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1164.715373] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1164.716120] ? down_write_killable+0x180/0x180 [ 1164.716832] ext4_fallocate+0x415/0x3860 [ 1164.717467] ? __x64_sys_fallocate+0xcf/0x140 [ 1164.718160] ? lock_release+0x680/0x680 [ 1164.718774] ? ext4_ext_truncate+0x250/0x250 [ 1164.719448] ? ext4_ext_truncate+0x250/0x250 [ 1164.720127] vfs_fallocate+0x48f/0xd00 [ 1164.720734] __x64_sys_fallocate+0xcf/0x140 [ 1164.721406] do_syscall_64+0x33/0x40 [ 1164.721975] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1164.722757] RIP: 0033:0x7f6d60f48b19 [ 1164.723313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.726141] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1164.727299] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1164.728385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1164.729500] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1164.730601] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.731686] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1164.763015] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1164.764315] ref_ctr increment failed for inode: 0x3e88 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000093398c38 20:11:01 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) kcmp(r0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @short}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x80400, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r6], 0x1}, 0x58) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x5a1441, 0x0) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x0, 0x7f, 0x5, 0x6, 0x0, 0x7, 0x40, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4b97, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10004, 0x0, 0x3, 0x9, 0x550, 0x0, 0x0, 0x0, 0x1c93b74e, 0x0, 0x7}, r6, 0x1, r7, 0x8) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 20:11:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1164.794434] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1164.796181] ref_ctr increment failed for inode: 0x3e88 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000093398c38 20:11:01 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000000)=0xcbc, 0x4) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000080), 0x14) 20:11:01 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:11:01 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 33) 20:11:01 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3f00, 0x0, 0x8800000) 20:11:01 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000080), 0x14) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x3, 0x585c, 0x1}) connect$802154_dgram(r3, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14) [ 1164.900154] FAULT_INJECTION: forcing a failure. [ 1164.900154] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1164.903694] CPU: 1 PID: 7504 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1164.905115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.906793] Call Trace: [ 1164.907345] dump_stack+0x107/0x167 [ 1164.908108] should_fail.cold+0x5/0xa [ 1164.908911] _copy_from_user+0x2e/0x1b0 [ 1164.909762] iovec_from_user+0x141/0x400 [ 1164.910624] __import_iovec+0x67/0x590 [ 1164.911466] ? __ia32_sys_shutdown+0x80/0x80 [ 1164.912408] import_iovec+0x83/0xb0 [ 1164.913185] sendmsg_copy_msghdr+0x131/0x160 [ 1164.914086] ? do_recvmmsg+0x6d0/0x6d0 [ 1164.914918] ? __lock_acquire+0x1657/0x5b00 [ 1164.915852] ___sys_sendmsg+0xc6/0x170 [ 1164.916675] ? sendmsg_copy_msghdr+0x160/0x160 [ 1164.917656] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.918733] ? trace_hardirqs_on+0x5b/0x180 [ 1164.919672] ? lock_acquire+0x197/0x470 [ 1164.920527] ? find_held_lock+0x2c/0x110 [ 1164.921420] ? __might_fault+0xd3/0x180 [ 1164.922281] ? lock_downgrade+0x6d0/0x6d0 [ 1164.923181] ? io_schedule_timeout+0x140/0x140 [ 1164.924197] __sys_sendmmsg+0x195/0x470 [ 1164.925097] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 1164.926053] ? lock_downgrade+0x6d0/0x6d0 [ 1164.926970] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1164.928027] ? wait_for_completion_io+0x270/0x270 [ 1164.929085] ? rcu_read_lock_any_held+0x75/0xa0 [ 1164.930093] ? vfs_write+0x354/0xa70 [ 1164.930910] ? fput_many+0x2f/0x1a0 [ 1164.931707] ? ksys_write+0x1a9/0x260 [ 1164.932555] ? __ia32_sys_read+0xb0/0xb0 [ 1164.933482] __x64_sys_sendmmsg+0x99/0x100 [ 1164.934444] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1164.935591] do_syscall_64+0x33/0x40 [ 1164.936430] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1164.937599] RIP: 0033:0x7f714576fb19 [ 1164.938430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.942586] RSP: 002b:00007f7142ce5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1164.944299] RAX: ffffffffffffffda RBX: 00007f7145882f60 RCX: 00007f714576fb19 [ 1164.945820] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000003 [ 1164.947442] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1164.949024] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1164.950587] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 20:11:01 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000000)=0x3, 0x4) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) [ 1164.977051] Unsupported ieee802154 address type: 0 [ 1164.990162] Unsupported ieee802154 address type: 0 20:11:01 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 33) 20:11:01 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x300c, 0x0, 0x4022812, r0, 0x0) 20:11:01 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1165.023304] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1165.025056] ref_ctr increment failed for inode: 0x3e64 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000013eb1acf [ 1165.051338] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1165.053037] ref_ctr increment failed for inode: 0x3e64 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000013eb1acf [ 1165.104467] FAULT_INJECTION: forcing a failure. [ 1165.104467] name failslab, interval 1, probability 0, space 0, times 0 [ 1165.109645] CPU: 0 PID: 7520 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1165.110698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1165.111965] Call Trace: [ 1165.112370] dump_stack+0x107/0x167 [ 1165.112936] should_fail.cold+0x5/0xa [ 1165.113538] ? jbd2__journal_start+0x190/0x7e0 [ 1165.114236] should_failslab+0x5/0x20 [ 1165.114813] kmem_cache_alloc+0x5b/0x310 [ 1165.115442] jbd2__journal_start+0x190/0x7e0 [ 1165.116122] __ext4_journal_start_sb+0x214/0x390 [ 1165.116853] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1165.117660] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1165.118394] ? down_write_killable+0x180/0x180 [ 1165.119096] ext4_fallocate+0x415/0x3860 [ 1165.119706] ? __x64_sys_fallocate+0xcf/0x140 [ 1165.120390] ? lock_release+0x680/0x680 [ 1165.121003] ? ext4_ext_truncate+0x250/0x250 [ 1165.121680] ? ext4_ext_truncate+0x250/0x250 [ 1165.122345] vfs_fallocate+0x48f/0xd00 [ 1165.122945] __x64_sys_fallocate+0xcf/0x140 [ 1165.123598] do_syscall_64+0x33/0x40 [ 1165.124188] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1165.125017] RIP: 0033:0x7f6d60f48b19 [ 1165.125604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1165.128429] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1165.129634] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1165.130731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1165.131845] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1165.132950] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1165.134081] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1179.109493] FAULT_INJECTION: forcing a failure. [ 1179.109493] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.111826] CPU: 1 PID: 7533 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1179.113222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1179.114913] Call Trace: [ 1179.115457] dump_stack+0x107/0x167 [ 1179.116212] should_fail.cold+0x5/0xa [ 1179.116998] ? create_object.isra.0+0x3a/0xa20 [ 1179.117958] should_failslab+0x5/0x20 [ 1179.118740] kmem_cache_alloc+0x5b/0x310 [ 1179.119570] create_object.isra.0+0x3a/0xa20 [ 1179.120466] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1179.121511] kmem_cache_alloc+0x159/0x310 [ 1179.122375] jbd2__journal_start+0x190/0x7e0 [ 1179.123284] __ext4_journal_start_sb+0x214/0x390 [ 1179.124267] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1179.125366] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1179.126358] ? down_write_killable+0x180/0x180 [ 1179.127301] ext4_fallocate+0x415/0x3860 [ 1179.128129] ? __x64_sys_fallocate+0xcf/0x140 [ 1179.129057] ? lock_release+0x680/0x680 [ 1179.129894] ? ext4_ext_truncate+0x250/0x250 [ 1179.130806] ? ext4_ext_truncate+0x250/0x250 [ 1179.131699] vfs_fallocate+0x48f/0xd00 [ 1179.132505] __x64_sys_fallocate+0xcf/0x140 [ 1179.133399] do_syscall_64+0x33/0x40 [ 1179.134161] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1179.135211] RIP: 0033:0x7f6d60f48b19 [ 1179.135975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1179.139757] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d 20:11:15 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3fff, 0x0, 0x8800000) 20:11:15 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) kcmp(r0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @short}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x80400, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r6], 0x1}, 0x58) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x5a1441, 0x0) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x0, 0x7f, 0x5, 0x6, 0x0, 0x7, 0x40, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4b97, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10004, 0x0, 0x3, 0x9, 0x550, 0x0, 0x0, 0x0, 0x1c93b74e, 0x0, 0x7}, r6, 0x1, r7, 0x8) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 20:11:15 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 34) [ 1179.141320] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1179.143337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1179.145186] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1179.146999] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1179.148809] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1179.161581] Unsupported ieee802154 address type: 0 20:11:15 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:11:15 executing program 5: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) kcmp(r0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @short}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x80400, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r6], 0x1}, 0x58) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x5a1441, 0x0) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x0, 0x7f, 0x5, 0x6, 0x0, 0x7, 0x40, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4b97, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10004, 0x0, 0x3, 0x9, 0x550, 0x0, 0x0, 0x0, 0x1c93b74e, 0x0, 0x7}, r6, 0x1, r7, 0x8) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 20:11:15 executing program 7: prctl$PR_SVE_SET_VL(0x32, 0x3ad96) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:11:15 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) (fail_nth: 34) 20:11:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3010, 0x0, 0x4022812, r0, 0x0) [ 1179.165748] Unsupported ieee802154 address type: 0 20:11:15 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) kcmp(r0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @short}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x80400, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r6], 0x1}, 0x58) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x5a1441, 0x0) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x0, 0x7f, 0x5, 0x6, 0x0, 0x7, 0x40, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4b97, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10004, 0x0, 0x3, 0x9, 0x550, 0x0, 0x0, 0x0, 0x1c93b74e, 0x0, 0x7}, r6, 0x1, r7, 0x8) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 1179.184926] FAULT_INJECTION: forcing a failure. [ 1179.184926] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1179.186280] CPU: 0 PID: 7541 Comm: syz-executor.6 Not tainted 5.10.204 #1 [ 1179.187043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1179.187958] Call Trace: [ 1179.188258] dump_stack+0x107/0x167 [ 1179.188664] should_fail.cold+0x5/0xa [ 1179.189100] _copy_to_user+0x2e/0x180 [ 1179.189536] simple_read_from_buffer+0xcc/0x160 [ 1179.190054] proc_fail_nth_read+0x198/0x230 [ 1179.190528] ? proc_sessionid_read+0x230/0x230 [ 1179.191028] ? security_file_permission+0x24e/0x570 [ 1179.191575] ? perf_trace_initcall_start+0x101/0x380 [ 1179.192152] ? proc_sessionid_read+0x230/0x230 [ 1179.192656] vfs_read+0x228/0x580 [ 1179.193052] ksys_read+0x12d/0x260 [ 1179.193454] ? vfs_write+0xa70/0xa70 [ 1179.193871] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1179.194444] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1179.195015] do_syscall_64+0x33/0x40 [ 1179.195436] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1179.196022] RIP: 0033:0x7f714572269c [ 1179.196453] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1179.198569] RSP: 002b:00007f7142ce5170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1179.199442] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f714572269c [ 1179.200249] RDX: 000000000000000f RSI: 00007f7142ce51e0 RDI: 0000000000000004 [ 1179.201065] RBP: 00007f7142ce51d0 R08: 0000000000000000 R09: 0000000000000000 [ 1179.201876] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002 [ 1179.202682] R13: 00007ffd4f988a0f R14: 00007f7142ce5300 R15: 0000000000022000 [ 1179.210863] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1179.212634] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e771f831 20:11:15 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = accept4(r0, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000000)=0x80, 0x80000) bind$802154_dgram(r1, &(0x7f0000000100)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14) 20:11:15 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4000, 0x0, 0x8800000) 20:11:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1179.251112] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1179.252781] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e771f831 20:11:15 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @short={0x2, 0x0, 0x1}}, 0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f00000000c0)={{r0}, "dc9d69806b7f6c3cefc34d57908a81886197f6af666a6062f10cc43d60c00c23059c0e7b9c1f08f69a082c34431263bb9c0123f2446670f15e64c95db100a407830e856d410b6881268dd629eb09c66b6015e464af0f81ae3e21d136e5bf0ce0e6359164072320c7890854593bbb9d1c73a6e17ee4e034c9939ddb89a5f70ac5aa7d8bfbb2df49237eac343cf3e79a14b714c4861305932f5eedc9d5022c964154bceb927ea0db000e3935c6a589accfbd952d2ad23ce88267bcc1c6a32c822bba42e0f99f88e9b894d36d5a667957fcf38d0d41a5d9500293d3f1cdf5ae9478d486b89ecc491d11ed723b0c36e5358d39cad375284c5f602bee8e0121b9716b574e1d7acd9e0de48fca044e38cee351c3cd238c7fea37a64a75e6b89d8a3c08597d7ba35a1e1e37bc5483a0e0d1d546aba1e575b1b0cfaa7bea111af0c223bd7411280e699b3be4b95b57316957bffd73ca6381dd06678783cc6b08db9e57b61eae9b0e7a855cee7034a5ab5d1fc583939b526d349c73c65f5a2be1be26b7c71c722c3d1fef36749daf3d30fdf448f708162de8363542d08445690c1e629bdd3652d683c4dc8e7e88bee4abbebeebc80f96812290a83801028533e916240c9a05ea4fb9549fb3f78476937385f4014c80762100977ba063ad829f7656a1da5943f303c329a9d49801c25b0790502e10f84fe6e674b040e23ef3c06d3da3a689b22170be3edf3794e2cffac9117f487e563b725031a41ba7e369694dc4ac6df9437443c5b008efedf7031878f58a1c784f24302403a072ea1a8907a616c61c9b3a9813c6fccea08d7e8a7ba3594e922866ec10939b4daacc272b7011d719699c9bdc4bcf014a42574bd024fb925c27b94d145e0179dae74dfa3472066c6943cb1fa117ef8c3d920dcf8c8e6ff322e153c83f6571a48fe194d9670cef31a1fccb058d846ef39fb6695e5b6e5416e5cefbf31bb78693458acca05af5c96aca9fd1fda1fa8946b070c10a57de6fa4b4417f41e768349a886846945f00396b90b9acc90c72d3dfe19e1f10e2bf925ef0b6916e087a16c9bdd83386ca985e34269282cce3e165864fb14e1c74ba65f7ea73631fdf4b43fa26619f50a3969df593aa03c0373512d91b5db07a51c4d0c71ca8618650b5e99f000b82c1e8d10e278903f0fe08c2fc6d21b25f5d56953e8c4b5355650e0d3c125c2ecb7b0d8c9c5ccbb9ea768467de31a93139962c79a8e0bb6b2d69be69caba39f08dcc3188c286ce658136c8b8b8209712a3a27ed552d742b0ee6d0517c9a05ce70ef8e0a67f3117df5664f04ece0de0739bf031987547f09f6f96690f61745b273936c9634af36e9becaa8e2a310bef33fb01460653e92f4e326c500e2f25b977d01c35389c965b7b5df16e258824d0fd06f5d290fd2eb387c2c2f7f4a80921b2236479efdef5f9ceede4448c3ef3583b61f26a75571c1fefa2194e06720ebe51b4d3505dd18a0384794d6e98a0e2ad1de515e4171c91f7e02b7ae238cd8d797f0a3219c71a72a175ec548914de9274990c441df0615f5699fb3fe5ee36adad03f0531dc3d3e133d50677d6cd4c1b4af0119b76d69d1ba5491026e9d598824c5015a3007a3e544db4aea1ad841ad3a926e790e5aa7d4ca247b5a566edbc5992822d2da924eb18f3ddeb8780cb149740e96699738300cec43f46437584ea1bb8ac9bc66042708fb08d3b4ce13910abb7b2720a5ac5f6a61a27e9010890a30cf33d2e30734c73bd2cfb6ed4843f9b6db8c7465caba42cbe77af439d56e0c9170564d66d01c1c19f2a7e8d504765e848bf8b117ed3ce05c3c3f4c1089bcb1f847d24dbbce834e022bbf0ed4414d74c237e805b0cb1c00285cb83c660b6a233294af4b245161e82ac4ba3a937ecb517ae2c9890ecf1ac250b2833e3f4cfa0de9c6ba81fd7dd7b2488f1d965de214b74865efc20650d82bbbd5596f4e5c319c7727ce941b43113cc31c6a809485bfbaeb4dffccb6767d0415afdaf3bff5696241ade2be8d062f3d2064f9245bd67635bdd0bf2df83c2e8b1376c4942fa95bcdd70c60b65732610e0cb87aeb6caaa54b5934df243c74008222cfaddf6f9b5abf3499c447fa4921c4bc50c9b5eb2bac1b03a1f97dfac05c623b56d1b6873ec4ddff754c7bf27032ad5449ecd1434ec25eda98ba05407067708b13f9a15f760a8d9436ff9c1dae21dc1735eb09e4f32cdd70fb8782621c33c1d1070ee5d3d5243fd069a4e9d90454e565d01297534853ec7032750ea84d5134c36340e66a12c95be39614ffc09dbcfa21fda151828800d9336d8cd9b894d3497437894f2b4e4935a33d813cf71c3de0dbf42cee4637e63fb759062ff26cc4da4c411f222ec8028892834ea2fe42e8242e3cfe904c413352998b4eb7005c0c35228a04bd12bac9e1008e1fc45fc4795c9e40c72c018c7e1d82761d7a7db49c32c851498d49fa043d602e4629543427e5d70e0a97fa47ecf7f9d7083d5654f1069ee0cc140c59f771a43bd4cc488d1f0df179259a2e93e00e41fe1bb6133ab03f89a83e4108ab9d640a6562767b54a7606b93f7ae6f630715491f6e2031c9fd8c4db9b48b2a7dfd6daca4ce6a99a6e36f9490bdec2e17deeb0b6cde1ab4834720dcd0d45c7cc144f56cc67fdbeec4696b377b5c25fae0614dd7ec572ced0d8e19365139b1eb4f3a092115ab48a84bd2d56533465d8068b30b6d8b4331f8131c564d842082e9a06b18d456a42a815454ffaf067bb2a0ea198d7b6c1c4d72191548e6b17b2ded365f1d19441d3c24d80e44c44010629f27721256f040262537f02531f7b015883318e545511a28cd9ef16f5f22d1ee12f9b4ef8b6ffafc9fd1483d85b201ca8d53aa2ea5dc9595437582117b980527ea829fa5426369cd0877183274b60d55337a61c70ab2b472e87438ccf804839afbade6e6a8d9899eea7be6da3019735749ca224bbf0d676879538eb9ed077fafa6d689010f9622b93ae6091ec67647452ae2f5ce6057d8d09ae730ab6ab9b227ab3f102f9e16dbc05c4644e48f312cab9bf56e0584d77864db0ed9955f216b2eb5181cbaf4a8a81d64dc0db3dc74191a32b4a8937512751c464d087236502b73db4d8cdb4b49655c67d2992862ffece5c56a360d23805bdceb3f1337368812fda5ee1f927aa62dc5d0f821828c5d8f4ba0d86d154fd83d47325328cc195ed5f64d6e72d04e4b710c9592794da06e5500b615824772ca12e94f87f5767a84424e1bc0b633b9f483a5e14fbab4ab704527e2a47390336227b99171d3b6734be21ee1a197e44d183d323784b6f11e4191dd850feb5714ff02edd31251bde84aa16d9f26c21c12c74abdbd6a6a2d9aa91b8bf9ae482d3ce4626b4649f40a97fc0075d91af147cc8c0dec0b5b26ca43990abac338a31a84f08d471503b6a08876df9c0e930ab714f2f7aa3ed89b175f03ac959cb275b95fb30331b4484b92448a60473201afb3f0433d39af9d6dd5530aac98351032f991cb254410c14dd093bf15e7c626a80df97abd48ea694849987039fe4ceff730a825eec601b3dd96b5c2bb1fb453e3caa0931a256a4ea9665049e1cf96a8874726f265f260ea9218442c10f5eadfa2fdb38f17850254d0dc37e5b22f746adddf87c720b88def948f04cbd2d45f54c6ca9083885cf1919705ae33516a520a96dd355740fac128e40623e03fa4d739ef66c70feba2bf2b4fe77fea053eb1494577f8b85c8e334f7bd5b5afc0f60e89539a8096a16ad25e8c78c0a54143f03ad20bfa80fef66034182eded7240668ba1f5bf41e9f77b2fbdde6c9fbde295620deb9b47c5b610dcd82781eceb3436c15b3855f726c4e27bd6702089bdf8b3a37d0000bd923d820d048c89f152247d7454fd1106d9b818a65b5cd01b05aa1dd343c3ce561df8847b40e976af3aeff06599aebd9503343a21f67aa0adeecfdc45ce758ed15af507262c0dfc68bcdbd0d2373d2909c4eddd4fa02f5183101e65020dcc67e1f6bf2b4159c17644ae3681d840d5875a59d01b0af7210dc940773bcbc6a16a2cddacaa01a5db0547429aed8c4dad518b663d68d3a76947478e0e5ba59815220d9f92b3ab491ca6bb22810ff777d0f6c8c5e3dcdedf417560ad7a3aa722986fcb85042eca6050fb4a2b432e5882f1f2427b3367b1735366060b4b9064411244af6fc728a14b9b6216b597d40284cf1710f3a08db67eb2d112a4abcf1a442f069b1edb2981bc7fefe1911a8963b7fac8c19c52f23479a8c51a9cff5707a6fc4d19db4b08531063e43d15c6934e7fb412fed1c1e50d2db5dab17993ba18c12fa9eec81e78beda1bc346b261eff7400e7ac1a5f4efdd03823ea731402cd402d15adb5d06f9f12caa6a42e18d80d082ed6313b58466bfc6f24979e39304804c4a58e547baeb58e3627d397a3cbd7a0870aa9bcf335094970be0a3643c057501c01c78eb8c4c11f52cab0856edbb55d5744e1385efb801b80c9b01de1ac8bdd4704d69d34dc2d626cf8d328ef26f8714cca1a850541d483bba333161d163d7c5554767522746f6f1d5916a0058bf2f5aad83426a9bb9dd9fc29a026aa1ab695a035b9dd8d6d48474da0dce2205936453ed3871b2cc001148488a43f5d01e368377a2d8b0025634b76696385a038af9fc653e3611567ac5327c03a120ab28a13a1afcd7b5e29dbe35aea1c6e6af5515501627d0b3aa9a4e2efba5813f65056df741cb0cfe2702f36a8c7391ccaeb581d213d8339375ac554efdc66fecff61c3945144810c3affa6a93da28368d4f89e2f0ae05b1981dbe1d384106b0857818cf096420591d6597da293749c7f350f3db32ac9e165c8dced4146afbc27bcefc9213c5544d3b13112c32f51493760f308925bcba739ee58b9f73498ceaacabe36287ef97e54fb56c323400276cb4e5db18517e1ada5bbfbed5f381c20785cfe58457dbb22d51d4603f9457ebc847998233a50cb2080b5b5b3c6e93aba495dacb6fcc3b9be75e09661614392b6862429a12875ba1e0b18b3c9871e6da183eb68cb0c4114adfe3af7c6619493b938f4adac71522bf07842981b7107c14671b5ca994456b245acdc2b56ce1ddc369bc8c8bc68c003675ff15c7c9b30a7109024b65b7e1f2db37e9cc9bdb9323adb35804de078a64f1542f1482c5b84ee1b1722ecbacdd9f8a87a9240b6fc97cac2cdf84ec29a6b58e7fa80b45d00e03ba5dcac09110e0d0626e75fba0997ab889149a78c72b685500ac83971f7040ca835dc3ce13f53ea40126124473c1c756d130a6844c7a6d219c8b1a58fedcf03e466b3d0c45e71a28fcc3af1cdf0190a41730e34b2d3cc939140128e1fff1094475cd74c376d9387ba9e6e438bdc83541cc9adb9e4c0839e6b0a139328d11b9575f387eafceff770dc0d46520ea49e19886dfa431ac37990837f48b7189788fb97fe5be45e07b0ccef03c64cc70df67fd5e44b04191e867dc76412aded749e5861d207baff4c340b98b369b52613e3326901141b1db3c0bc563e0af961fc39bdd35a865e2188fb757e04f8dfb07ddbfd4ad4cb6c383cd1f5aaac5315e16eb2a2180a28d26546046678570efc731fea73710754912ddc25e7409a9c94b509065d1b7591ab6b20c3fb065c44c7df1a34a7901109d5da104933465a943d061ac02ce1766a8cf5355de9d8aa9f0b23328143a0649bc20d77893a84f59517de0e37c9c7682ffdfed41021d764f243a0e22e61de7ebdca55cac85e2ef38dc7fc83111c22c7936bef0d3f7c1cc0056957"}) [ 1179.319359] Unsupported ieee802154 address type: 0 [ 1179.386512] Unsupported ieee802154 address type: 0 20:11:29 executing program 5: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x10, 0x0, 0x8800000) 20:11:29 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x47ff, 0x0, 0x8800000) 20:11:29 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1, 0x2) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:11:29 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 35) 20:11:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3048, 0x0, 0x4022812, r0, 0x0) 20:11:29 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) kcmp(r0, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @short}, 0x14) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x80400, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r6], 0x1}, 0x58) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x5a1441, 0x0) perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x0, 0x7f, 0x5, 0x6, 0x0, 0x7, 0x40, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4b97, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0x10004, 0x0, 0x3, 0x9, 0x550, 0x0, 0x0, 0x0, 0x1c93b74e, 0x0, 0x7}, r6, 0x1, r7, 0x8) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r1}}, './file0\x00'}) getsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 20:11:29 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1193.421242] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.422245] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b [ 1193.432477] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.433493] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b [ 1193.435139] Unsupported ieee802154 address type: 0 20:11:29 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0x2, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:29 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x304c, 0x0, 0x4022812, r0, 0x0) 20:11:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:11:29 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0}}, './file0\x00'}) [ 1193.540418] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.541427] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006780e7b6 20:11:29 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4800, 0x0, 0x8800000) 20:11:29 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fchmodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x4, 0x0, 0x0, 0x21c}}) fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @short={0x2, 0x1, 0xaaa1}}, 0x14) bind$802154_dgram(r2, &(0x7f0000000140)={0x24, @short}, 0x14) bind$802154_dgram(r2, &(0x7f0000000000)={0x24, @short}, 0x14) syz_open_dev$vcsa(&(0x7f0000000100), 0x1, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x4001, 0x0) connect$802154_dgram(r3, &(0x7f00000000c0)={0x24, @none={0x0, 0x3}}, 0x14) [ 1193.587648] FAULT_INJECTION: forcing a failure. [ 1193.587648] name failslab, interval 1, probability 0, space 0, times 0 20:11:29 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1193.591093] CPU: 0 PID: 7588 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1193.592749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1193.594750] Call Trace: [ 1193.595388] dump_stack+0x107/0x167 [ 1193.596265] should_fail.cold+0x5/0xa [ 1193.597185] ? jbd2__journal_start+0x190/0x7e0 [ 1193.598307] should_failslab+0x5/0x20 [ 1193.599227] kmem_cache_alloc+0x5b/0x310 [ 1193.600212] jbd2__journal_start+0x190/0x7e0 [ 1193.601306] __ext4_journal_start_sb+0x214/0x390 [ 1193.602437] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1193.603519] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1193.604496] ? down_write_killable+0x180/0x180 [ 1193.605464] ext4_fallocate+0x415/0x3860 20:11:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1193.606300] ? __x64_sys_fallocate+0xcf/0x140 [ 1193.606323] ? lock_release+0x680/0x680 [ 1193.606345] ? ext4_ext_truncate+0x250/0x250 [ 1193.606368] ? ext4_ext_truncate+0x250/0x250 [ 1193.606387] vfs_fallocate+0x48f/0xd00 20:11:30 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3068, 0x0, 0x4022812, r0, 0x0) [ 1193.606412] __x64_sys_fallocate+0xcf/0x140 [ 1193.606434] do_syscall_64+0x33/0x40 [ 1193.606450] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1193.606463] RIP: 0033:0x7f6d60f48b19 [ 1193.606482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:11:30 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4fff, 0x0, 0x8800000) [ 1193.606492] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1193.606512] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1193.606522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1193.606532] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1193.606542] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 20:11:30 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 36) 20:11:30 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x2, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1193.606553] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:11:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1193.621173] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.621254] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006780e7b6 [ 1193.662099] Unsupported ieee802154 address type: 0 [ 1193.700989] Unsupported ieee802154 address type: 0 [ 1193.725569] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.725596] ref_ctr increment failed for inode: 0x3e7e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000001ee02b86 [ 1193.758364] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1193.758378] ref_ctr increment failed for inode: 0x3e7e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000001ee02b86 [ 1193.809073] FAULT_INJECTION: forcing a failure. [ 1193.809073] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.810288] CPU: 1 PID: 7634 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1193.811007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1193.811878] Call Trace: [ 1193.812163] dump_stack+0x107/0x167 [ 1193.812551] should_fail.cold+0x5/0xa [ 1193.812957] ? create_object.isra.0+0x3a/0xa20 [ 1193.813446] should_failslab+0x5/0x20 [ 1193.813847] kmem_cache_alloc+0x5b/0x310 [ 1193.814275] ? lock_chain_count+0x20/0x20 [ 1193.814713] create_object.isra.0+0x3a/0xa20 [ 1193.815184] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1193.815721] __kmalloc+0x16e/0x390 [ 1193.816101] ext4_find_extent+0xa3d/0xd30 [ 1193.816545] ext4_ext_map_blocks+0x1c8/0x5850 [ 1193.817038] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1193.817636] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1193.818216] ? ext4_ext_release+0x10/0x10 [ 1193.818670] ? ext4_map_blocks+0x5e0/0x1940 [ 1193.819152] ? lock_release+0x680/0x680 [ 1193.819591] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1193.820119] ? lock_downgrade+0x6d0/0x6d0 [ 1193.820583] ? down_write+0xe0/0x160 [ 1193.820997] ? down_write_killable+0x180/0x180 [ 1193.821520] ext4_map_blocks+0x652/0x1940 [ 1193.821981] ? kmem_cache_alloc+0x2a6/0x310 [ 1193.822456] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1193.822952] ? jbd2__journal_start+0xf3/0x7e0 [ 1193.823451] ? __ext4_journal_start_sb+0x214/0x390 [ 1193.823998] ? __ext4_journal_start_sb+0x1db/0x390 [ 1193.824540] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1193.825122] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1193.825661] ? down_write_killable+0x180/0x180 [ 1193.826172] ext4_fallocate+0x415/0x3860 [ 1193.826619] ? __x64_sys_fallocate+0xcf/0x140 [ 1193.827116] ? lock_release+0x680/0x680 [ 1193.827542] ? ext4_ext_truncate+0x250/0x250 [ 1193.828030] ? ext4_ext_truncate+0x250/0x250 [ 1193.828510] vfs_fallocate+0x48f/0xd00 [ 1193.828946] __x64_sys_fallocate+0xcf/0x140 [ 1193.829424] do_syscall_64+0x33/0x40 [ 1193.829829] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1193.830391] RIP: 0033:0x7f6d60f48b19 [ 1193.830806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1193.832814] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1193.833662] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1193.834442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1193.835204] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1193.835990] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1193.836769] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:11:30 executing program 2: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @short}, 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f00000004c0)={0x24, @short={0x2, 0x2, 0xaaa2}}, 0x14) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) pipe(&(0x7f0000000500)) r4 = creat(&(0x7f0000000540)='./file0\x00', 0x184) setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) sendmsg$sock(r0, &(0x7f0000000480)={&(0x7f0000000100)=@ll={0x11, 0xf8, r5, 0x1, 0x77, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="9d27ae77cc94e124d0d85f11ab3187f20d74a45dcc36620056fd75974ac88663648f0cac47dd3269979d7666001dbb71211319018581", 0x36}, {&(0x7f00000001c0)="5d94ee2f2aa3609af85264dbaa6dbb6499ab2016e9fb81e76a72b1fcb5bfdb3a38993ba613d93d669d4737b8c8e252a7e41e113317afd0acc08abf90158c70aec52a1cfca143b257d2932e37f73b6efd6b2c9157f3794143534eae072994423dd8536943901ee0da0652ff423548745505659a339cd39830a7b290ec6e4c52b4558c74dd6d05e914059296c6068962bd345092fc49f457fd813a", 0x9a}, {&(0x7f0000000280)="25a77e09db4887fb6d4f24f3c70c8d18d877cfd2bedf7ecbee5d211d302b8110235b29f80a4bd953932e381fa50b8585590085eba7f351107aeb15b8c470ce927966371e81877ec3f3e7879400cdbddbc9a1cce54820ac3c70715b65bdb098f74ba98b2a46d0832bb4c1bc3b6eb2a96feeb5d37ea5d7", 0x76}, {&(0x7f0000000300)="e37cb5e12570f380305a", 0xa}], 0x4, &(0x7f0000000380)=[@timestamping={{0x14, 0x1, 0x25, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x3f}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0xffff3208}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x20}}], 0xa8}, 0x4) 20:11:30 executing program 7: sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800050}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0xe8, 0x0, 0x400, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x30}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x13}, @NL80211_ATTR_IE={0xc, 0x2a, [@gcr_ga={0xbd, 0x6, @broadcast}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x6}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x50}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x51}, @NL80211_ATTR_IE={0x24, 0x2a, [@peer_mgmt={0x75, 0x4, {0x1, 0x5, @void, @void, @void}}, @mic={0x8c, 0x18, {0x3f2, "5444ce4d69cd", @long="76a5d283d9437af15a88c53c1718fb17"}}]}, @NL80211_ATTR_IE={0x6b, 0x2a, [@tim={0x5, 0x33, {0x3, 0x8e, 0x97, "e38b3824c6453a3278ee6b2cc76f1de572c5810dffd0af94cc60d9e266b01926ce847957ef1b0d63e88b48675a248b21"}}, @preq={0x82, 0x30, @not_ext={{0x1, 0x1, 0x1}, 0x6, 0xdd, 0x7, @device_b, 0x2a, "", 0x9, 0x7, 0x2, [{{0x1, 0x0, 0x1}, @broadcast, 0x30000000}, {{0x1}, @device_b, 0x1}]}}]}, @NL80211_ATTR_MAC={0xa}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000800}, 0x20040090) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:11:30 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x5000, 0x0, 0x8800000) 20:11:30 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x3, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1193.870598] Unsupported ieee802154 address type: 0 [ 1193.894929] Unsupported ieee802154 address type: 0 20:11:42 executing program 2: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @short}, 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f00000004c0)={0x24, @short={0x2, 0x2, 0xaaa2}}, 0x14) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) pipe(&(0x7f0000000500)) r4 = creat(&(0x7f0000000540)='./file0\x00', 0x184) setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) sendmsg$sock(r0, &(0x7f0000000480)={&(0x7f0000000100)=@ll={0x11, 0xf8, r5, 0x1, 0x77, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="9d27ae77cc94e124d0d85f11ab3187f20d74a45dcc36620056fd75974ac88663648f0cac47dd3269979d7666001dbb71211319018581", 0x36}, {&(0x7f00000001c0)="5d94ee2f2aa3609af85264dbaa6dbb6499ab2016e9fb81e76a72b1fcb5bfdb3a38993ba613d93d669d4737b8c8e252a7e41e113317afd0acc08abf90158c70aec52a1cfca143b257d2932e37f73b6efd6b2c9157f3794143534eae072994423dd8536943901ee0da0652ff423548745505659a339cd39830a7b290ec6e4c52b4558c74dd6d05e914059296c6068962bd345092fc49f457fd813a", 0x9a}, {&(0x7f0000000280)="25a77e09db4887fb6d4f24f3c70c8d18d877cfd2bedf7ecbee5d211d302b8110235b29f80a4bd953932e381fa50b8585590085eba7f351107aeb15b8c470ce927966371e81877ec3f3e7879400cdbddbc9a1cce54820ac3c70715b65bdb098f74ba98b2a46d0832bb4c1bc3b6eb2a96feeb5d37ea5d7", 0x76}, {&(0x7f0000000300)="e37cb5e12570f380305a", 0xa}], 0x4, &(0x7f0000000380)=[@timestamping={{0x14, 0x1, 0x25, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x3f}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0xffff3208}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x20}}], 0xa8}, 0x4) 20:11:42 executing program 5: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @short}, 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f00000004c0)={0x24, @short={0x2, 0x2, 0xaaa2}}, 0x14) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) pipe(&(0x7f0000000500)) r4 = creat(&(0x7f0000000540)='./file0\x00', 0x184) setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) sendmsg$sock(r0, &(0x7f0000000480)={&(0x7f0000000100)=@ll={0x11, 0xf8, r5, 0x1, 0x77, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="9d27ae77cc94e124d0d85f11ab3187f20d74a45dcc36620056fd75974ac88663648f0cac47dd3269979d7666001dbb71211319018581", 0x36}, {&(0x7f00000001c0)="5d94ee2f2aa3609af85264dbaa6dbb6499ab2016e9fb81e76a72b1fcb5bfdb3a38993ba613d93d669d4737b8c8e252a7e41e113317afd0acc08abf90158c70aec52a1cfca143b257d2932e37f73b6efd6b2c9157f3794143534eae072994423dd8536943901ee0da0652ff423548745505659a339cd39830a7b290ec6e4c52b4558c74dd6d05e914059296c6068962bd345092fc49f457fd813a", 0x9a}, {&(0x7f0000000280)="25a77e09db4887fb6d4f24f3c70c8d18d877cfd2bedf7ecbee5d211d302b8110235b29f80a4bd953932e381fa50b8585590085eba7f351107aeb15b8c470ce927966371e81877ec3f3e7879400cdbddbc9a1cce54820ac3c70715b65bdb098f74ba98b2a46d0832bb4c1bc3b6eb2a96feeb5d37ea5d7", 0x76}, {&(0x7f0000000300)="e37cb5e12570f380305a", 0xa}], 0x4, &(0x7f0000000380)=[@timestamping={{0x14, 0x1, 0x25, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x3f}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0xffff3208}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x20}}], 0xa8}, 0x4) 20:11:42 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x57ff, 0x0, 0x8800000) 20:11:42 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 37) 20:11:42 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x306c, 0x0, 0x4022812, r0, 0x0) 20:11:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, 0x0, 0x0) 20:11:42 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x4, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:42 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r0, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmmsg$inet6(r0, &(0x7f0000000580)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x80000001, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x1fd}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000200)="ca152063db8b29a9a81c30e4c8ed13741d398654ed150cf21d926c5358af7c06626315cf7a0e548683e6ead4bc4522e5379d50baa05ecf134eaa3ac8f7cab775d36a5d3693e78956edebcb5564b590799dde43cc560b9084aea7099d1c2d9e3056977938218c6039c712d0fc55b2b321a2f6af89725ccda7d2b7e1a4bfc2faad2cae4afa900350edff129e24c58c65151837d2d891fb23d9d55c5239c218b8c776906fee3da22a4c75e5d4cdf0223c26d4dc55c20cb19d7f00a551f7059b9069858c7353c5429633e9b5480114bef7d22af66cfbe5dbece054502b39877aa198c90252f73b", 0xe5}, {&(0x7f0000000300)="880b45445a272f4a44facc6fa8079ff6666cd2915503b5ad3670b059fc134e7488a0618c485139955d790b9adc7d53e6c946136d5917c2f5b25ec320e38a9c2c4e974b04f8f4d4038871c589ca0d01ea5c8d4c4ef61fde2f606f01da16d311560f4d097b753318d70bc76dcf28f10b6e400ad7bbc1ec6b794f7ed2ca312747f16b492a86e73885ce5799dbb38a1f74fc802ea56b4546ea89447163771a7a7171fac45b6608b530ebdaa74b6953a02ca83db3116a037e42c75ba387a6820e11882bfc60d8893f2f4d6b3b908644ba46add66d75c5c5312567d3761b6354d4bd0b", 0xe0}, {&(0x7f0000000480)="90783eee2209461c09e5f1021a552039403895e0b72dd8218eb91417edeb93550240ab3ce57f4c0813e7b84505684a7bf44bd5a97562a4185c620b59d2d54ea0507632eed2b63daa45e97e11355eb362977d87fc7045f2c18bf0b7461371ad24fcf5ac7add1989cab5762efdba1d4e803bcb68072758ae57551e", 0x7a}], 0x3, &(0x7f0000000500)=[@hoplimit={{0x14, 0x29, 0x34, 0xff}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x3b, 0x1, '\x00', [@ra={0x5, 0x2, 0x6}, @pad1, @jumbo={0xc2, 0x4, 0x1984}]}}}, @tclass={{0x14, 0x29, 0x43, 0x7}}, @tclass={{0x14, 0x29, 0x43, 0x3}}], 0x70}}], 0x1, 0x2000001) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@mcast1}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000040)={@private1, r6}, 0x14) accept$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000006c0)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a00)={{{@in6=@private0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f0000000840)=0xe8) setsockopt$inet6_mreq(r3, 0x29, 0x0, &(0x7f0000000880)={@remote, r8}, 0x14) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000800)={&(0x7f00000005c0), 0xc, &(0x7f00000007c0)={&(0x7f0000000940)={0xb4, 0x0, 0x8, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0) bind$802154_dgram(r1, &(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x4, 0x0, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}, 0x14) [ 1205.949607] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1205.951358] ref_ctr increment failed for inode: 0x3e8b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bfa6ca6c 20:11:42 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x5, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1205.995220] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1205.997048] ref_ctr increment failed for inode: 0x3e8b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bfa6ca6c 20:11:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, 0x0, 0x0) 20:11:42 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x5800, 0x0, 0x8800000) 20:11:42 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3074, 0x0, 0x4022812, r0, 0x0) [ 1206.112720] FAULT_INJECTION: forcing a failure. [ 1206.112720] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.116348] CPU: 0 PID: 7671 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1206.117721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1206.119362] Call Trace: [ 1206.119891] dump_stack+0x107/0x167 [ 1206.120622] should_fail.cold+0x5/0xa [ 1206.121380] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1206.122296] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1206.123207] should_failslab+0x5/0x20 [ 1206.123966] kmem_cache_alloc+0x5b/0x310 [ 1206.124776] ? ext4_mb_new_blocks+0x63c/0x45b0 [ 1206.125711] ext4_mb_new_blocks+0x64d/0x45b0 [ 1206.126610] ? trace_hardirqs_on+0x5b/0x180 [ 1206.127480] ? ext4_cache_extents+0x148/0x2d0 [ 1206.128372] ? ext4_discard_preallocations+0xd80/0xd80 [ 1206.129430] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1206.130386] ext4_ext_map_blocks+0x1d68/0x5850 [ 1206.131313] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1206.132353] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1206.133404] ? ext4_ext_release+0x10/0x10 [ 1206.134253] ? ext4_map_blocks+0x5e0/0x1940 [ 1206.135112] ? lock_release+0x680/0x680 [ 1206.135904] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1206.136846] ? lock_downgrade+0x6d0/0x6d0 [ 1206.137745] ? down_write_killable+0x180/0x180 [ 1206.138667] ext4_map_blocks+0x652/0x1940 [ 1206.139529] ? kmem_cache_alloc+0x2a6/0x310 [ 1206.140390] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1206.141283] ? jbd2__journal_start+0xf3/0x7e0 [ 1206.142191] ? __ext4_journal_start_sb+0x214/0x390 [ 1206.143159] ? __ext4_journal_start_sb+0x1db/0x390 [ 1206.144138] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1206.145188] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1206.146167] ? down_write_killable+0x180/0x180 [ 1206.147086] ext4_fallocate+0x415/0x3860 [ 1206.147905] ? __x64_sys_fallocate+0xcf/0x140 [ 1206.148798] ? lock_release+0x680/0x680 [ 1206.149600] ? ext4_ext_truncate+0x250/0x250 [ 1206.150478] ? ext4_ext_truncate+0x250/0x250 [ 1206.151350] vfs_fallocate+0x48f/0xd00 [ 1206.152130] __x64_sys_fallocate+0xcf/0x140 [ 1206.152989] do_syscall_64+0x33/0x40 [ 1206.153743] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1206.154755] RIP: 0033:0x7f6d60f48b19 [ 1206.155518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1206.159166] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1206.160671] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1206.162088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1206.163499] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1206.164915] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1206.166339] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:11:42 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x6, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, 0x0, 0x0) [ 1206.200612] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1206.202298] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009f159adb 20:11:42 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x5fff, 0x0, 0x8800000) 20:11:42 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00'}) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) [ 1206.321011] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1206.322646] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009f159adb 20:11:42 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x8, 0x0, 0x8800000) 20:11:42 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r0, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmmsg$inet6(r0, &(0x7f0000000580)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x80000001, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x1fd}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000200)="ca152063db8b29a9a81c30e4c8ed13741d398654ed150cf21d926c5358af7c06626315cf7a0e548683e6ead4bc4522e5379d50baa05ecf134eaa3ac8f7cab775d36a5d3693e78956edebcb5564b590799dde43cc560b9084aea7099d1c2d9e3056977938218c6039c712d0fc55b2b321a2f6af89725ccda7d2b7e1a4bfc2faad2cae4afa900350edff129e24c58c65151837d2d891fb23d9d55c5239c218b8c776906fee3da22a4c75e5d4cdf0223c26d4dc55c20cb19d7f00a551f7059b9069858c7353c5429633e9b5480114bef7d22af66cfbe5dbece054502b39877aa198c90252f73b", 0xe5}, {&(0x7f0000000300)="880b45445a272f4a44facc6fa8079ff6666cd2915503b5ad3670b059fc134e7488a0618c485139955d790b9adc7d53e6c946136d5917c2f5b25ec320e38a9c2c4e974b04f8f4d4038871c589ca0d01ea5c8d4c4ef61fde2f606f01da16d311560f4d097b753318d70bc76dcf28f10b6e400ad7bbc1ec6b794f7ed2ca312747f16b492a86e73885ce5799dbb38a1f74fc802ea56b4546ea89447163771a7a7171fac45b6608b530ebdaa74b6953a02ca83db3116a037e42c75ba387a6820e11882bfc60d8893f2f4d6b3b908644ba46add66d75c5c5312567d3761b6354d4bd0b", 0xe0}, {&(0x7f0000000480)="90783eee2209461c09e5f1021a552039403895e0b72dd8218eb91417edeb93550240ab3ce57f4c0813e7b84505684a7bf44bd5a97562a4185c620b59d2d54ea0507632eed2b63daa45e97e11355eb362977d87fc7045f2c18bf0b7461371ad24fcf5ac7add1989cab5762efdba1d4e803bcb68072758ae57551e", 0x7a}], 0x3, &(0x7f0000000500)=[@hoplimit={{0x14, 0x29, 0x34, 0xff}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x3b, 0x1, '\x00', [@ra={0x5, 0x2, 0x6}, @pad1, @jumbo={0xc2, 0x4, 0x1984}]}}}, @tclass={{0x14, 0x29, 0x43, 0x7}}, @tclass={{0x14, 0x29, 0x43, 0x3}}], 0x70}}], 0x1, 0x2000001) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@mcast1}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000000)=0xe8) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000040)={@private1, r6}, 0x14) accept$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000006c0)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a00)={{{@in6=@private0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f0000000840)=0xe8) setsockopt$inet6_mreq(r3, 0x29, 0x0, &(0x7f0000000880)={@remote, r8}, 0x14) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000800)={&(0x7f00000005c0), 0xc, &(0x7f00000007c0)={&(0x7f0000000940)={0xb4, 0x0, 0x8, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0) bind$802154_dgram(r1, &(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x4, 0x0, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}, 0x14) 20:11:42 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x7, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1206.379049] Unsupported ieee802154 address type: 0 [ 1206.468433] Unsupported ieee802154 address type: 0 20:11:55 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 38) 20:11:55 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) r3 = openat(r2, &(0x7f0000000600)='./file0\x00', 0x2, 0x2) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) bind$packet(r2, &(0x7f00000006c0)={0x11, 0x5, 0x0, 0x1, 0x81, 0x6, @local}, 0x14) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000740)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) connect$802154_dgram(r4, &(0x7f0000000780)={0x24, @none={0x0, 0xffff}}, 0x14) connect$802154_dgram(r0, &(0x7f00000004c0)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000700)="8590e1cfaf3a5aafd994cf3d820b49caf58554fe1664", 0x1}], 0x1}}], 0x47, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) accept4(r5, &(0x7f0000000540)=@rc={0x1f, @none}, &(0x7f00000005c0)=0x80, 0x80800) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) readv(r0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/224, 0xe0}, {&(0x7f00000001c0)=""/247, 0xf7}, {&(0x7f00000002c0)=""/147, 0x93}, {&(0x7f0000000380)=""/136, 0x88}], 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000500)=0x7) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000480)={0x2, 0xce27}) 20:11:55 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) (fail_nth: 1) 20:11:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) 20:11:55 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x307a, 0x0, 0x4022812, r0, 0x0) 20:11:55 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x8, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:55 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6000, 0x0, 0x8800000) 20:11:55 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 1) [ 1218.638042] FAULT_INJECTION: forcing a failure. [ 1218.638042] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.639303] CPU: 1 PID: 7749 Comm: syz-executor.5 Not tainted 5.10.204 #1 [ 1218.639994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.640913] Call Trace: [ 1218.641213] dump_stack+0x107/0x167 [ 1218.641631] should_fail.cold+0x5/0xa [ 1218.642062] ? do_kimage_alloc_init+0x3d/0x2b0 [ 1218.642581] should_failslab+0x5/0x20 [ 1218.643009] kmem_cache_alloc_trace+0x55/0x320 [ 1218.643529] do_kimage_alloc_init+0x3d/0x2b0 [ 1218.644022] do_kexec_load+0x9f/0x6c0 [ 1218.644450] __x64_sys_kexec_load+0x1dc/0x250 [ 1218.644959] do_syscall_64+0x33/0x40 [ 1218.645378] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1218.645966] RIP: 0033:0x7ff8a1fd3b19 [ 1218.646388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.648518] RSP: 002b:00007ff89f549188 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1218.649371] RAX: ffffffffffffffda RBX: 00007ff8a20e6f60 RCX: 00007ff8a1fd3b19 [ 1218.650089] RDX: 0000000020000240 RSI: 0000000000000001 RDI: 0000000000000000 [ 1218.650796] RBP: 00007ff89f5491d0 R08: 0000000000000000 R09: 0000000000000000 [ 1218.651503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1218.652211] R13: 00007ffdfe57838f R14: 00007ff89f549300 R15: 0000000000022000 [ 1218.657849] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1218.658658] ref_ctr increment failed for inode: 0x3e8e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000005e5134a2 [ 1218.662493] FAULT_INJECTION: forcing a failure. [ 1218.662493] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.663784] CPU: 1 PID: 7748 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1218.664573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.665400] Call Trace: [ 1218.665706] dump_stack+0x107/0x167 [ 1218.666104] should_fail.cold+0x5/0xa [ 1218.666524] ? vm_area_dup+0x78/0x290 [ 1218.666945] should_failslab+0x5/0x20 [ 1218.667362] kmem_cache_alloc+0x5b/0x310 [ 1218.667810] vm_area_dup+0x78/0x290 [ 1218.668217] ? lock_downgrade+0x6d0/0x6d0 [ 1218.668669] ? mark_lock+0xf5/0x2df0 [ 1218.669083] ? lock_chain_count+0x20/0x20 [ 1218.669537] ? avc_has_extended_perms+0xf40/0xf40 [ 1218.670077] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 1218.670582] ? lock_downgrade+0x6d0/0x6d0 [ 1218.671039] ? __lock_acquire+0x1657/0x5b00 [ 1218.671524] ? vm_area_alloc+0x110/0x110 [ 1218.671977] ? __lock_acquire+0x1657/0x5b00 [ 1218.672454] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1218.673050] ? vmacache_find+0x55/0x2a0 [ 1218.673507] __split_vma+0xa8/0x570 [ 1218.673922] __do_munmap+0x365/0x1260 [ 1218.674367] ? lock_release+0x680/0x680 [ 1218.674809] mmap_region+0x776/0x1590 [ 1218.675198] Unsupported ieee802154 address type: 0 [ 1218.675744] ? get_unmapped_area+0x2f0/0x420 [ 1218.675756] do_mmap+0xcdb/0x11e0 [ 1218.675777] vm_mmap_pgoff+0x198/0x1f0 [ 1218.677444] ? randomize_page+0xb0/0xb0 [ 1218.677900] ? __fget_files+0x296/0x4c0 [ 1218.678313] ksys_mmap_pgoff+0x41c/0x560 [ 1218.678767] ? find_mergeable_anon_vma+0x250/0x250 [ 1218.679253] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.679825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.680337] do_syscall_64+0x33/0x40 [ 1218.680747] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1218.681263] RIP: 0033:0x7f90dc5e4b19 [ 1218.681677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.683532] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1218.684363] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1218.685163] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1218.685984] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1218.686794] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1218.687606] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1218.687626] FAULT_INJECTION: forcing a failure. [ 1218.687626] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.689736] CPU: 0 PID: 7751 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1218.691164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.693041] Call Trace: [ 1218.693603] dump_stack+0x107/0x167 [ 1218.694368] should_fail.cold+0x5/0xa [ 1218.695146] ? create_object.isra.0+0x3a/0xa20 [ 1218.696072] should_failslab+0x5/0x20 [ 1218.696857] kmem_cache_alloc+0x5b/0x310 [ 1218.697697] create_object.isra.0+0x3a/0xa20 [ 1218.698591] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1218.699630] kmem_cache_alloc+0x159/0x310 [ 1218.700478] ext4_mb_new_blocks+0x64d/0x45b0 [ 1218.701397] ? trace_hardirqs_on+0x5b/0x180 [ 1218.702292] ? ext4_cache_extents+0x148/0x2d0 [ 1218.703208] ? ext4_discard_preallocations+0xd80/0xd80 [ 1218.704276] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1218.705248] ext4_ext_map_blocks+0x1d68/0x5850 [ 1218.706216] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1218.707289] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1218.708359] ? ext4_ext_release+0x10/0x10 [ 1218.709201] ? ext4_map_blocks+0x5e0/0x1940 [ 1218.710085] ? lock_release+0x680/0x680 [ 1218.710893] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1218.711854] ? lock_downgrade+0x6d0/0x6d0 [ 1218.712710] ? down_write_killable+0x180/0x180 [ 1218.713677] ext4_map_blocks+0x652/0x1940 [ 1218.714526] ? kmem_cache_alloc+0x2a6/0x310 [ 1218.715403] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1218.716314] ? jbd2__journal_start+0xf3/0x7e0 [ 1218.717230] ? __ext4_journal_start_sb+0x214/0x390 [ 1218.718248] ? __ext4_journal_start_sb+0x1db/0x390 [ 1218.719251] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1218.720330] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1218.721313] ? down_write_killable+0x180/0x180 [ 1218.722277] ext4_fallocate+0x415/0x3860 [ 1218.723102] ? __x64_sys_fallocate+0xcf/0x140 [ 1218.724020] ? lock_release+0x680/0x680 [ 1218.724477] FAULT_INJECTION: forcing a failure. [ 1218.724477] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.724826] ? ext4_ext_truncate+0x250/0x250 [ 1218.724852] ? ext4_ext_truncate+0x250/0x250 [ 1218.727739] vfs_fallocate+0x48f/0xd00 [ 1218.728532] __x64_sys_fallocate+0xcf/0x140 [ 1218.729409] do_syscall_64+0x33/0x40 [ 1218.730175] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1218.731206] RIP: 0033:0x7f6d60f48b19 [ 1218.731965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.735719] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1218.737266] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1218.738729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1218.740172] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1218.741621] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1218.743054] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1218.744512] CPU: 1 PID: 7756 Comm: syz-executor.5 Not tainted 5.10.204 #1 [ 1218.745298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.746173] Call Trace: 20:11:55 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) (fail_nth: 2) [ 1218.746450] dump_stack+0x107/0x167 [ 1218.746949] should_fail.cold+0x5/0xa [ 1218.747362] ? create_object.isra.0+0x3a/0xa20 [ 1218.747837] should_failslab+0x5/0x20 [ 1218.748243] kmem_cache_alloc+0x5b/0x310 [ 1218.748686] ? check_nnp_nosuid.isra.0+0x2a0/0x2a0 [ 1218.749237] create_object.isra.0+0x3a/0xa20 [ 1218.749731] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1218.750280] kmem_cache_alloc_trace+0x151/0x320 [ 1218.750776] do_kimage_alloc_init+0x3d/0x2b0 [ 1218.751225] do_kexec_load+0x9f/0x6c0 [ 1218.751636] __x64_sys_kexec_load+0x1dc/0x250 [ 1218.752109] do_syscall_64+0x33/0x40 [ 1218.752498] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1218.753031] RIP: 0033:0x7ff8a1fd3b19 [ 1218.753440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.755322] RSP: 002b:00007ff89f549188 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1218.756149] RAX: ffffffffffffffda RBX: 00007ff8a20e6f60 RCX: 00007ff8a1fd3b19 [ 1218.756878] RDX: 0000000020000240 RSI: 0000000000000001 RDI: 0000000000000000 [ 1218.757606] RBP: 00007ff89f5491d0 R08: 0000000000000000 R09: 0000000000000000 [ 1218.758329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1218.759050] R13: 00007ffdfe57838f R14: 00007ff89f549300 R15: 0000000000022000 [ 1218.766349] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1218.767144] ref_ctr increment failed for inode: 0x3e8e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000005e5134a2 20:11:55 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x11, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:11:55 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x5500, 0x0, 0x4022812, r0, 0x0) 20:11:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) 20:11:55 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6400, 0x0, 0x8800000) 20:11:55 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 2) [ 1218.839107] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1218.840747] ref_ctr increment failed for inode: 0x3e79 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000002259ce3 [ 1218.844170] FAULT_INJECTION: forcing a failure. [ 1218.844170] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.845337] CPU: 1 PID: 7769 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1218.846015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1218.846828] Call Trace: [ 1218.847098] dump_stack+0x107/0x167 [ 1218.847464] should_fail.cold+0x5/0xa [ 1218.847840] ? create_object.isra.0+0x3a/0xa20 [ 1218.848318] should_failslab+0x5/0x20 [ 1218.848705] kmem_cache_alloc+0x5b/0x310 [ 1218.849129] create_object.isra.0+0x3a/0xa20 [ 1218.849618] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1218.850141] kmem_cache_alloc+0x159/0x310 [ 1218.850566] vm_area_dup+0x78/0x290 [ 1218.850939] ? lock_downgrade+0x6d0/0x6d0 [ 1218.851362] ? mark_lock+0xf5/0x2df0 [ 1218.851777] ? mark_lock+0xf5/0x2df0 [ 1218.852161] ? lock_chain_count+0x20/0x20 [ 1218.852585] ? avc_has_extended_perms+0xf40/0xf40 [ 1218.853068] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 1218.853538] ? lock_downgrade+0x6d0/0x6d0 [ 1218.853972] ? __lock_acquire+0x1657/0x5b00 [ 1218.854443] ? vm_area_alloc+0x110/0x110 [ 1218.854876] ? __lock_acquire+0x1657/0x5b00 [ 1218.855346] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1218.855875] ? vmacache_find+0x55/0x2a0 [ 1218.856305] __split_vma+0xa8/0x570 [ 1218.856683] __do_munmap+0x365/0x1260 [ 1218.857070] ? lock_release+0x680/0x680 [ 1218.857479] mmap_region+0x776/0x1590 [ 1218.857891] ? get_unmapped_area+0x2f0/0x420 [ 1218.858337] do_mmap+0xcdb/0x11e0 [ 1218.858712] vm_mmap_pgoff+0x198/0x1f0 [ 1218.859117] ? randomize_page+0xb0/0xb0 [ 1218.859529] ? __fget_files+0x296/0x4c0 [ 1218.859934] ksys_mmap_pgoff+0x41c/0x560 20:11:55 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1c, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1218.860356] ? find_mergeable_anon_vma+0x250/0x250 [ 1218.861049] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1218.861632] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1218.862176] do_syscall_64+0x33/0x40 [ 1218.862576] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1218.863131] RIP: 0033:0x7f90dc5e4b19 [ 1218.863535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1218.865526] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1218.866363] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1218.867157] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1218.867952] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1218.868752] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1218.869545] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 20:11:55 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) [ 1218.905815] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1218.906688] ref_ctr increment failed for inode: 0x3e79 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000002259ce3 [ 1219.462852] Unsupported ieee802154 address type: 0 20:12:08 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 39) 20:12:08 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r0, &(0x7f0000000140)=0x9, 0xdb7b) sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a40000000a0a010200000000000000000000000408000fc20000000908000440000000c665000d402601ea482137820064539dcfb31c89818479b8d36851e88cfd88b0aac4a96287e460f0d03a4a2095bd73388d6ff319e1535a7faef5d4758f8df8eab35b344c47862ad2e7ab5fcae383fcbd9736f778083600000008000c4000000007080007400000003e080007400000000f00000000002000"/164], 0xa4}, 0x1, 0x0, 0x0, 0x840}, 0x48000) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r2, &(0x7f0000000080), 0x14) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x2) dup2(r5, r1) sendfile(r4, r3, &(0x7f0000000140)=0x9, 0xdb7b) connect$802154_dgram(r4, &(0x7f0000000000)={0x24, @short={0x2, 0x2, 0xaaa1}}, 0x14) 20:12:08 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x27, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:08 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x67ff, 0x0, 0x8800000) 20:12:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) 20:12:08 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 3) 20:12:08 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) (fail_nth: 3) 20:12:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7400, 0x0, 0x4022812, r0, 0x0) [ 1231.902268] Zero length message leads to an empty skb [ 1231.903227] FAULT_INJECTION: forcing a failure. [ 1231.903227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1231.905827] CPU: 0 PID: 7799 Comm: syz-executor.5 Not tainted 5.10.204 #1 [ 1231.907222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1231.908914] Call Trace: [ 1231.909456] dump_stack+0x107/0x167 [ 1231.910239] should_fail.cold+0x5/0xa [ 1231.911026] _copy_from_user+0x2e/0x1b0 [ 1231.911846] do_kexec_load+0x13c/0x6c0 [ 1231.912639] __x64_sys_kexec_load+0x1dc/0x250 [ 1231.913555] do_syscall_64+0x33/0x40 [ 1231.914331] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1231.915376] RIP: 0033:0x7ff8a1fd3b19 [ 1231.916142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1231.919963] RSP: 002b:00007ff89f549188 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1231.921506] RAX: ffffffffffffffda RBX: 00007ff8a20e6f60 RCX: 00007ff8a1fd3b19 [ 1231.922981] RDX: 0000000020000240 RSI: 0000000000000001 RDI: 0000000000000000 [ 1231.924417] RBP: 00007ff89f5491d0 R08: 0000000000000000 R09: 0000000000000000 [ 1231.925896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1231.927351] R13: 00007ffdfe57838f R14: 00007ff89f549300 R15: 0000000000022000 20:12:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) [ 1231.940846] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1231.942575] ref_ctr increment failed for inode: 0x3e8e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006780e7b6 [ 1231.946076] FAULT_INJECTION: forcing a failure. [ 1231.946076] name failslab, interval 1, probability 0, space 0, times 0 [ 1231.948454] CPU: 1 PID: 7801 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1231.949878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1231.951566] Call Trace: [ 1231.952111] dump_stack+0x107/0x167 [ 1231.952864] should_fail.cold+0x5/0xa [ 1231.953644] ? anon_vma_clone+0xdc/0x590 [ 1231.954509] should_failslab+0x5/0x20 [ 1231.955295] kmem_cache_alloc+0x5b/0x310 [ 1231.956151] anon_vma_clone+0xdc/0x590 [ 1231.956525] FAULT_INJECTION: forcing a failure. [ 1231.956525] name failslab, interval 1, probability 0, space 0, times 0 [ 1231.956973] __split_vma+0x17c/0x570 [ 1231.956997] __do_munmap+0x365/0x1260 [ 1231.960785] ? lock_release+0x680/0x680 [ 1231.961605] mmap_region+0x776/0x1590 [ 1231.962426] ? get_unmapped_area+0x2f0/0x420 [ 1231.963330] do_mmap+0xcdb/0x11e0 [ 1231.964067] vm_mmap_pgoff+0x198/0x1f0 [ 1231.964869] ? randomize_page+0xb0/0xb0 [ 1231.965696] ? __fget_files+0x296/0x4c0 [ 1231.966548] ksys_mmap_pgoff+0x41c/0x560 [ 1231.967408] ? find_mergeable_anon_vma+0x250/0x250 [ 1231.968411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1231.969488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1231.970562] do_syscall_64+0x33/0x40 [ 1231.971323] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1231.972376] RIP: 0033:0x7f90dc5e4b19 [ 1231.973136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1231.976977] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1231.978570] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1231.980039] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1231.981523] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1231.983003] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1231.984487] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1231.986077] CPU: 0 PID: 7789 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1231.987489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1231.989305] Call Trace: [ 1231.989902] dump_stack+0x107/0x167 [ 1231.990662] should_fail.cold+0x5/0xa [ 1231.991434] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1231.992398] should_failslab+0x5/0x20 [ 1231.993172] kmem_cache_alloc+0x5b/0x310 [ 1231.994019] ext4_mb_new_blocks+0x209f/0x45b0 [ 1231.994940] ? trace_hardirqs_on+0x5b/0x180 [ 1231.995818] ? ext4_cache_extents+0x148/0x2d0 [ 1231.996727] ? ext4_discard_preallocations+0xd80/0xd80 [ 1231.997805] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1231.998773] ext4_ext_map_blocks+0x1d68/0x5850 [ 1231.999718] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1232.000773] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1232.001869] ? trace_hardirqs_on+0x5b/0x180 [ 1232.002749] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1232.003864] ? ext4_ext_release+0x10/0x10 [ 1232.004710] ? ext4_map_blocks+0x5e0/0x1940 [ 1232.005601] ? lock_release+0x680/0x680 [ 1232.006425] ? trace_hardirqs_on+0x5b/0x180 [ 1232.007300] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1232.008414] ? down_write_killable+0x180/0x180 [ 1232.009350] ext4_map_blocks+0x652/0x1940 [ 1232.010199] ? kmem_cache_alloc+0x2a6/0x310 [ 1232.011079] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1232.011994] ? jbd2__journal_start+0xf3/0x7e0 [ 1232.012915] ? __ext4_journal_start_sb+0x214/0x390 [ 1232.013915] ? __ext4_journal_start_sb+0x1db/0x390 [ 1232.014922] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1232.015991] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1232.016973] ? down_write_killable+0x180/0x180 [ 1232.017923] ext4_fallocate+0x415/0x3860 [ 1232.018746] ? __x64_sys_fallocate+0xcf/0x140 [ 1232.019658] ? lock_release+0x680/0x680 [ 1232.020477] ? ext4_ext_truncate+0x250/0x250 [ 1232.021369] ? ext4_ext_truncate+0x250/0x250 [ 1232.022265] vfs_fallocate+0x48f/0xd00 [ 1232.023058] __x64_sys_fallocate+0xcf/0x140 [ 1232.023932] do_syscall_64+0x33/0x40 [ 1232.024688] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1232.025729] RIP: 0033:0x7f6d60f48b19 [ 1232.026485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1232.030219] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1232.031765] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1232.033205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1232.034654] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1232.036090] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1232.037536] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1232.063935] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1232.065565] ref_ctr increment failed for inode: 0x3e8e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006780e7b6 20:12:08 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfc, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:08 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6800, 0x0, 0x8800000) 20:12:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0) [ 1232.103396] Unsupported ieee802154 address type: 0 20:12:08 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x300, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x5f5e0ff, 0x0, 0x4022812, r0, 0x0) 20:12:08 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) (fail_nth: 4) 20:12:08 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6fff, 0x0, 0x8800000) [ 1232.224083] FAULT_INJECTION: forcing a failure. [ 1232.224083] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1232.226602] CPU: 1 PID: 7824 Comm: syz-executor.5 Not tainted 5.10.204 #1 [ 1232.227991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1232.228567] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1232.229673] Call Trace: [ 1232.229697] dump_stack+0x107/0x167 [ 1232.229754] should_fail.cold+0x5/0xa [ 1232.231314] ref_ctr increment failed for inode: 0x3e72 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b [ 1232.231831] _copy_to_user+0x2e/0x180 [ 1232.231862] simple_read_from_buffer+0xcc/0x160 [ 1232.237055] proc_fail_nth_read+0x198/0x230 [ 1232.237953] ? proc_sessionid_read+0x230/0x230 [ 1232.238887] ? security_file_permission+0x24e/0x570 [ 1232.239903] ? perf_trace_initcall_start+0x101/0x380 [ 1232.240946] ? proc_sessionid_read+0x230/0x230 [ 1232.241894] vfs_read+0x228/0x580 [ 1232.242602] ksys_read+0x12d/0x260 [ 1232.243326] ? vfs_write+0xa70/0xa70 [ 1232.244239] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1232.245293] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1232.246349] do_syscall_64+0x33/0x40 [ 1232.247102] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1232.248138] RIP: 0033:0x7ff8a1f8669c [ 1232.248891] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1232.252619] RSP: 002b:00007ff89f549170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1232.254194] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007ff8a1f8669c [ 1232.255628] RDX: 000000000000000f RSI: 00007ff89f5491e0 RDI: 0000000000000003 [ 1232.257067] RBP: 00007ff89f5491d0 R08: 0000000000000000 R09: 0000000000000000 [ 1232.258524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1232.259965] R13: 00007ffdfe57838f R14: 00007ff89f549300 R15: 0000000000022000 [ 1232.269535] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1232.271201] ref_ctr increment failed for inode: 0x3e72 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b 20:12:20 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 40) 20:12:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7fffdf004000, 0x0, 0x4022812, r0, 0x0) 20:12:20 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x7000, 0x0, 0x8800000) 20:12:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 4) [ 1244.094561] FAULT_INJECTION: forcing a failure. [ 1244.094561] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.095931] CPU: 0 PID: 7841 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1244.096697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1244.097607] Call Trace: [ 1244.097921] dump_stack+0x107/0x167 [ 1244.098335] should_fail.cold+0x5/0xa [ 1244.098775] ? create_object.isra.0+0x3a/0xa20 [ 1244.099282] should_failslab+0x5/0x20 [ 1244.099698] kmem_cache_alloc+0x5b/0x310 [ 1244.100144] create_object.isra.0+0x3a/0xa20 [ 1244.100630] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1244.101183] kmem_cache_alloc+0x159/0x310 [ 1244.101639] ext4_mb_new_blocks+0x209f/0x45b0 [ 1244.102144] ? trace_hardirqs_on+0x5b/0x180 [ 1244.102624] ? ext4_cache_extents+0x148/0x2d0 [ 1244.103113] ? ext4_discard_preallocations+0xd80/0xd80 [ 1244.103696] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1244.104246] ext4_ext_map_blocks+0x1d68/0x5850 [ 1244.104779] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1244.105370] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1244.105991] ? ext4_ext_release+0x10/0x10 [ 1244.106463] ? ext4_map_blocks+0x5e0/0x1940 [ 1244.106960] ? lock_release+0x680/0x680 [ 1244.107417] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1244.107967] ? lock_downgrade+0x6d0/0x6d0 [ 1244.108453] ? down_write_killable+0x180/0x180 [ 1244.108987] ext4_map_blocks+0x652/0x1940 [ 1244.109464] ? kmem_cache_alloc+0x2a6/0x310 [ 1244.110197] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1244.111284] ? jbd2__journal_start+0xf3/0x7e0 [ 1244.112371] ? __ext4_journal_start_sb+0x214/0x390 [ 1244.113547] ? __ext4_journal_start_sb+0x1db/0x390 [ 1244.114751] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 20:12:20 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @short={0x2, 0x1, 0xaaa1}}, 0x0) 20:12:20 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x500, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:20 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1244.116025] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1244.117338] ext4_fallocate+0x415/0x3860 [ 1244.118218] ? lock_release+0x680/0x680 [ 1244.119045] ? ext4_ext_truncate+0x250/0x250 [ 1244.119946] ? ext4_ext_truncate+0x250/0x250 [ 1244.120851] vfs_fallocate+0x48f/0xd00 [ 1244.121666] __x64_sys_fallocate+0xcf/0x140 [ 1244.122569] do_syscall_64+0x33/0x40 [ 1244.123341] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1244.124393] RIP: 0033:0x7f6d60f48b19 [ 1244.125175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1244.128975] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1244.130541] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1244.131988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1244.133438] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1244.134883] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1244.136321] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1244.146113] FAULT_INJECTION: forcing a failure. [ 1244.146113] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.148469] CPU: 1 PID: 7848 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1244.149851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1244.151534] Call Trace: [ 1244.152080] dump_stack+0x107/0x167 [ 1244.152826] should_fail.cold+0x5/0xa [ 1244.153604] ? create_object.isra.0+0x3a/0xa20 [ 1244.154537] should_failslab+0x5/0x20 [ 1244.155299] kmem_cache_alloc+0x5b/0x310 [ 1244.156134] create_object.isra.0+0x3a/0xa20 [ 1244.157013] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1244.158060] kmem_cache_alloc+0x159/0x310 [ 1244.158903] anon_vma_clone+0xdc/0x590 [ 1244.159691] __split_vma+0x17c/0x570 [ 1244.160452] __do_munmap+0x365/0x1260 [ 1244.161228] ? lock_release+0x680/0x680 [ 1244.162040] mmap_region+0x776/0x1590 [ 1244.162833] ? get_unmapped_area+0x2f0/0x420 [ 1244.163724] do_mmap+0xcdb/0x11e0 [ 1244.164448] vm_mmap_pgoff+0x198/0x1f0 [ 1244.165242] ? randomize_page+0xb0/0xb0 [ 1244.166054] ? __fget_files+0x296/0x4c0 [ 1244.166861] ksys_mmap_pgoff+0x41c/0x560 [ 1244.167713] ? find_mergeable_anon_vma+0x250/0x250 [ 1244.168722] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1244.169821] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1244.170916] do_syscall_64+0x33/0x40 [ 1244.171687] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1244.172752] RIP: 0033:0x7f90dc5e4b19 [ 1244.173528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1244.177367] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1244.178952] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1244.180435] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1244.181946] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1244.183425] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1244.184903] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 20:12:20 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x600, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:20 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) bind$802154_dgram(r1, &(0x7f0000000000), 0x14) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @short={0x2, 0x0, 0xaaa2}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:12:20 executing program 5: kexec_load(0x2, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1244.282307] Unsupported ieee802154 address type: 0 20:12:20 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:20 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7ffffffff000, 0x0, 0x4022812, r0, 0x0) 20:12:20 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x77ff, 0x0, 0x8800000) 20:12:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 5) [ 1244.316998] Unsupported ieee802154 address type: 0 20:12:20 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x700, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1244.393560] FAULT_INJECTION: forcing a failure. [ 1244.393560] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.395887] CPU: 0 PID: 7870 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1244.397272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1244.398965] Call Trace: [ 1244.399508] dump_stack+0x107/0x167 [ 1244.400257] should_fail.cold+0x5/0xa [ 1244.401045] ? vm_area_dup+0x78/0x290 [ 1244.401821] should_failslab+0x5/0x20 [ 1244.402626] kmem_cache_alloc+0x5b/0x310 [ 1244.403473] vm_area_dup+0x78/0x290 [ 1244.404228] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1244.405214] ? lock_downgrade+0x6d0/0x6d0 [ 1244.406066] ? do_raw_spin_lock+0x121/0x260 [ 1244.406953] ? wait_for_completion_io+0x270/0x270 [ 1244.407938] ? rwlock_bug.part.0+0x90/0x90 [ 1244.408810] ? uprobe_mmap+0x122/0xfc0 [ 1244.409615] ? uprobe_apply+0x150/0x150 [ 1244.410435] ? vm_area_alloc+0x110/0x110 [ 1244.411273] ? __vma_adjust+0xc11/0x25b0 [ 1244.412112] ? vmacache_find+0x55/0x2a0 [ 1244.412915] __split_vma+0xa8/0x570 [ 1244.413657] __do_munmap+0xf40/0x1260 [ 1244.414441] ? lock_release+0x680/0x680 [ 1244.415253] mmap_region+0x776/0x1590 [ 1244.416039] ? get_unmapped_area+0x2f0/0x420 [ 1244.416946] do_mmap+0xcdb/0x11e0 [ 1244.417658] vm_mmap_pgoff+0x198/0x1f0 [ 1244.418473] ? randomize_page+0xb0/0xb0 [ 1244.419277] ? __fget_files+0x296/0x4c0 [ 1244.420099] ksys_mmap_pgoff+0x41c/0x560 [ 1244.420933] ? find_mergeable_anon_vma+0x250/0x250 [ 1244.421949] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1244.423037] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1244.424091] do_syscall_64+0x33/0x40 [ 1244.424843] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1244.425889] RIP: 0033:0x7f90dc5e4b19 [ 1244.426638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1244.430335] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1244.431889] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1244.433325] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1244.434786] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1244.436215] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1244.437662] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1258.439165] Unsupported ieee802154 address type: 0 [ 1258.451445] Unsupported ieee802154 address type: 0 20:12:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x4022812, r0, 0x0) 20:12:34 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 41) 20:12:34 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 6) 20:12:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:34 executing program 5: kexec_load(0x8, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:12:34 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:12:34 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x7800, 0x0, 0x8800000) 20:12:34 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1100, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1258.458576] FAULT_INJECTION: forcing a failure. [ 1258.458576] name failslab, interval 1, probability 0, space 0, times 0 [ 1258.461237] CPU: 1 PID: 7888 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1258.462643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1258.464303] Call Trace: [ 1258.464844] dump_stack+0x107/0x167 [ 1258.465580] should_fail.cold+0x5/0xa [ 1258.466355] ? create_object.isra.0+0x3a/0xa20 [ 1258.467272] should_failslab+0x5/0x20 [ 1258.468041] kmem_cache_alloc+0x5b/0x310 [ 1258.468862] create_object.isra.0+0x3a/0xa20 [ 1258.469742] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1258.470774] kmem_cache_alloc+0x159/0x310 20:12:34 executing program 5: kexec_load(0x3e00, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1258.471609] vm_area_dup+0x78/0x290 [ 1258.472427] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1258.473392] ? lock_downgrade+0x6d0/0x6d0 [ 1258.474231] ? do_raw_spin_lock+0x121/0x260 [ 1258.475099] ? wait_for_completion_io+0x270/0x270 [ 1258.476063] ? rwlock_bug.part.0+0x90/0x90 [ 1258.476920] ? uprobe_mmap+0x122/0xfc0 [ 1258.477710] ? uprobe_apply+0x150/0x150 [ 1258.478516] ? vm_area_alloc+0x110/0x110 [ 1258.479343] ? __vma_adjust+0xc11/0x25b0 [ 1258.480174] ? vmacache_find+0x55/0x2a0 [ 1258.480980] __split_vma+0xa8/0x570 20:12:34 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1c00, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1258.481786] __do_munmap+0xf40/0x1260 [ 1258.482563] ? lock_release+0x680/0x680 [ 1258.483361] mmap_region+0x776/0x1590 [ 1258.484140] ? get_unmapped_area+0x2f0/0x420 [ 1258.485022] do_mmap+0xcdb/0x11e0 [ 1258.485731] vm_mmap_pgoff+0x198/0x1f0 [ 1258.486529] ? randomize_page+0xb0/0xb0 [ 1258.487331] ? __fget_files+0x296/0x4c0 [ 1258.488142] ksys_mmap_pgoff+0x41c/0x560 [ 1258.488962] ? find_mergeable_anon_vma+0x250/0x250 [ 1258.489948] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1258.491015] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1258.492056] do_syscall_64+0x33/0x40 [ 1258.492802] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1258.493839] RIP: 0033:0x7f90dc5e4b19 [ 1258.494597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1258.498278] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1258.499802] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1258.501229] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1258.502672] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1258.504099] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1258.505527] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1258.517656] FAULT_INJECTION: forcing a failure. [ 1258.517656] name failslab, interval 1, probability 0, space 0, times 0 [ 1258.520020] CPU: 1 PID: 7900 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1258.521393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1258.523076] Call Trace: [ 1258.523605] dump_stack+0x107/0x167 [ 1258.524343] should_fail.cold+0x5/0xa [ 1258.525110] ? jbd2__journal_start+0x190/0x7e0 [ 1258.526040] should_failslab+0x5/0x20 [ 1258.526809] kmem_cache_alloc+0x5b/0x310 [ 1258.527636] jbd2__journal_start+0x190/0x7e0 [ 1258.528530] __ext4_journal_start_sb+0x214/0x390 [ 1258.529492] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1258.530565] ? ext4_iomap_xattr_begin+0x530/0x530 20:12:34 executing program 5: kexec_load(0x80000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1258.531539] ? down_write_killable+0x180/0x180 [ 1258.532576] ext4_fallocate+0x415/0x3860 [ 1258.533391] ? __x64_sys_fallocate+0xcf/0x140 [ 1258.534301] ? lock_release+0x680/0x680 [ 1258.535103] ? ext4_ext_truncate+0x250/0x250 [ 1258.535990] ? ext4_ext_truncate+0x250/0x250 [ 1258.536872] vfs_fallocate+0x48f/0xd00 [ 1258.537660] __x64_sys_fallocate+0xcf/0x140 [ 1258.538537] do_syscall_64+0x33/0x40 [ 1258.539282] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1258.540307] RIP: 0033:0x7f6d60f48b19 20:12:34 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x2700, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1258.541053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1258.544813] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1258.546342] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1258.547767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1258.549192] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1258.550630] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1258.552055] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:12:34 executing program 5: kexec_load(0x3e0000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:12:34 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:35 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80c0, 0x91) connect$802154_dgram(r1, &(0x7f0000000040)={0x24, @short={0x2, 0xffff, 0xaaa0}}, 0x14) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r2, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) fallocate(r2, 0x33, 0xdb, 0x7) 20:12:35 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x8008, 0x0, 0x8800000) [ 1258.651687] Unsupported ieee802154 address type: 0 [ 1258.663289] Unsupported ieee802154 address type: 0 20:12:46 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 7) 20:12:46 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, 0x4022812, r0, 0x0) 20:12:46 executing program 7: io_setup(0xfffffff7, &(0x7f0000000000)) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @none={0x0, 0x2}}, 0x14) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xffff}}, 0x14) 20:12:46 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x4000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:46 executing program 5: kexec_load(0x1000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:12:46 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x8102, 0x0, 0x8800000) 20:12:46 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 42) [ 1270.301823] FAULT_INJECTION: forcing a failure. [ 1270.301823] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.304183] CPU: 0 PID: 7935 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1270.305560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1270.307255] Call Trace: [ 1270.307792] dump_stack+0x107/0x167 [ 1270.308535] should_fail.cold+0x5/0xa [ 1270.309304] ? anon_vma_clone+0xdc/0x590 [ 1270.310152] should_failslab+0x5/0x20 [ 1270.310922] kmem_cache_alloc+0x5b/0x310 [ 1270.311743] anon_vma_clone+0xdc/0x590 [ 1270.312479] Unsupported ieee802154 address type: 0 [ 1270.312526] __split_vma+0x17c/0x570 [ 1270.314306] __do_munmap+0xf40/0x1260 [ 1270.315074] ? lock_release+0x680/0x680 [ 1270.315885] mmap_region+0x776/0x1590 [ 1270.316664] ? get_unmapped_area+0x2f0/0x420 [ 1270.317561] do_mmap+0xcdb/0x11e0 [ 1270.318285] vm_mmap_pgoff+0x198/0x1f0 [ 1270.319061] ? randomize_page+0xb0/0xb0 [ 1270.319889] ? __fget_files+0x296/0x4c0 [ 1270.320693] ksys_mmap_pgoff+0x41c/0x560 [ 1270.321524] ? find_mergeable_anon_vma+0x250/0x250 [ 1270.322539] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1270.323597] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1270.324657] do_syscall_64+0x33/0x40 [ 1270.325418] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1270.326482] RIP: 0033:0x7f90dc5e4b19 [ 1270.326573] Unsupported ieee802154 address type: 0 [ 1270.327231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1270.327242] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1270.333493] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1270.334939] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1270.336371] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1270.337812] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1270.339254] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 20:12:46 executing program 5: kexec_load(0x2000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:12:46 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x80fe, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:46 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r2}}, 0x7fffffff) ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000040)) 20:12:46 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff01, 0x0, 0x8800000) 20:12:46 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0x4022812, r0, 0x0) [ 1270.435549] FAULT_INJECTION: forcing a failure. [ 1270.435549] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.438380] CPU: 0 PID: 7939 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1270.439784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1270.441449] Call Trace: [ 1270.441983] dump_stack+0x107/0x167 [ 1270.442737] should_fail.cold+0x5/0xa [ 1270.443509] ? create_object.isra.0+0x3a/0xa20 [ 1270.444430] should_failslab+0x5/0x20 [ 1270.445191] kmem_cache_alloc+0x5b/0x310 [ 1270.446010] create_object.isra.0+0x3a/0xa20 [ 1270.446915] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1270.447937] kmem_cache_alloc+0x159/0x310 [ 1270.448787] jbd2__journal_start+0x190/0x7e0 [ 1270.449693] __ext4_journal_start_sb+0x214/0x390 [ 1270.450671] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1270.451758] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1270.452750] ? down_write_killable+0x180/0x180 [ 1270.453691] ext4_fallocate+0x415/0x3860 [ 1270.454532] ? __x64_sys_fallocate+0xcf/0x140 [ 1270.455454] ? lock_release+0x680/0x680 [ 1270.456290] ? ext4_ext_truncate+0x250/0x250 [ 1270.457183] ? ext4_ext_truncate+0x250/0x250 [ 1270.458066] vfs_fallocate+0x48f/0xd00 [ 1270.458867] __x64_sys_fallocate+0xcf/0x140 [ 1270.459734] do_syscall_64+0x33/0x40 [ 1270.460488] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1270.461518] RIP: 0033:0x7f6d60f48b19 [ 1270.462295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1270.465996] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1270.467544] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1270.468996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1270.470466] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1270.471933] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1270.473378] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1270.477932] Unsupported ieee802154 address type: 0 [ 1270.494297] Unsupported ieee802154 address type: 0 [ 1270.521504] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1270.523159] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006bfd6f9a 20:12:46 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xc0fe, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:46 executing program 5: kexec_load(0x3e0000000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1270.559285] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1270.561183] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000006bfd6f9a 20:12:59 executing program 5: kexec_load(0x8000000000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:12:59 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 8) 20:12:59 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfc00, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:12:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5, 0x4022812, r0, 0x0) 20:12:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:12:59 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @none={0x0, 0x2}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @none={0x0, 0x3}}, 0x14) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmmsg$sock(r1, &(0x7f0000000f40)=[{{&(0x7f00000000c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="5b0ba7f81dde42feb804ffc51289a6e732d32d8dd3dde1671e796f14e382df562d671aa42e83c2f156e497a3f1ebcc47d46bef97416b6a713baf36ae898e7f84f2cb1992f4850c0a5d1fabaf8a712abf27302956efdd4c9361ea358508a23f5ff967b7cc0e1e580fb7d7605406d84dc4e1ba46c291c0bb2c266ced", 0x7b}, {&(0x7f00000001c0)="6d29a954a84dc6f4631b1011a968a0d45be057d55a9a0d1dc3e622", 0x1b}, {&(0x7f0000000200)="83c1ec1e87e39ec1a0dee15f3a21c276aab40642f8caf13cee6e7419902e308a50172314305590190a43c12d0bd17f629954637c31d5c29dba351a1257a4977c367d94f1da57e4ca6c7f15417a5bef515ae51153b3", 0x55}], 0x3, &(0x7f00000002c0)=[@mark={{0x14, 0x1, 0x24, 0x4}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000300)="a491feee84919e3ea58b232765e7cce1011520b65e61751ee9758ce1e20ca54dfc61be12ff0cbd076028aa32f55feb8240cb9561d13c0f2f40b2f876bfbae583cddfab97e603c27db9ce119943378fdf4740c6f4b5bb56fbe901adfb5b5c30f810c49c94380282cf9b4d076bdd7b3ca8ac35a00a3adeca0138aa72a95962f91aa0a93821999f696896b6cd0ca0cf0a6c912266491ec1654d35c88f8e2c7f10b2c63133062fe37a946ae568338cf979acbfa6d53e74d9e34bf85ddba30ec253a97bffdfa08cd950d482357fc80a2f506f11c612bcc319b6e83f62e1bf281b7060d603dcf145d170", 0xe7}, {&(0x7f0000000400)="ce55f07251e4989e10382828b254845331ff3edee6593a46", 0x18}, {&(0x7f0000000440)="50677a9528a4405a116ad1318efb1e7bd1e7959453ae08c5ef128aac9b3670d200d2774c2d688a385086935acfe4fcd9b1cda222ea24b99e4d909326dec8fa80d559e926cf2c6434041be90f56ef18d82e9a8ce15c735da41d870a3a52e8bf1294fe54b3ee01720de503172be4f12a6816e4eaed14bc1c4f5f5a93d513504539bda1bc581c42169b442e41ee0c99cf62050adaa445ec7c962f4f8f5e5c3cf83da3ce6fab54733f189ea9d0daf7", 0xad}], 0x3, &(0x7f0000000540)=[@timestamping={{0x14, 0x1, 0x25, 0x81}}, @timestamping={{0x14, 0x1, 0x25, 0xb9}}, @txtime={{0x18, 0x1, 0x3d, 0xffff}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x3ff}}], 0xc0}}, {{&(0x7f0000000600)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xfe}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000680)="fa", 0x1}, {&(0x7f00000006c0)="5f706c7c3dd1d8070a118fa616a8aaf2e428510538dea31bc4810ac3582e9171347e02871e1428be9315a065d211a119538ebb815dd32b071ae5cef1c4e4c0b5e4786db2b4af6859c70f1c7dda7613845fe346c2078d48aa313b4c07739e74c6ebbf7a0d4574aa776d40180584d84570fe89205b08472088b3e7ca40cfe37fb3320078e9f7f137261d44129847b17c3be29b5e6b74218148ece26f519301d180c7fc209aa37fd32582c3a9b5df2fb3250e96", 0xb2}, {&(0x7f0000000780)="f1b3939fb7715950cf9c4896ba94768c938d79dbca5bfdc0f86978d6e50e463198811795699e75791792a301b0c1c257df419bb52b33c8fac4cbb7922f9c7eaf8d21e905b29989de39c96faf3e81ecb28d", 0x51}], 0x3, &(0x7f0000000840)=[@mark={{0x14, 0x1, 0x24, 0x1000}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}], 0xf0}}, {{&(0x7f0000000940)=@l2tp={0x2, 0x0, @loopback, 0x4}, 0x80, &(0x7f0000000ec0)=[{&(0x7f00000009c0)="57129a7d177deadcd81aae4c634e7d1954f9dd992ae877b4deb024c663f148cdafde971d4e762cc046910c0193c60d49c857fbab2456cbda47f2ff001432ca073406468dd05de5d0a304c9402f3751e6ff0cce08792666f5f6db3213b19bb5c705ec69d75210b27cad6eb2641f1c13834d3a3049e8b9e46386b2e853a672cb5eb4a060c29f86a1f5a97263c9df17191058c40cacf95f8b6b5522d3ed86e08b145bc0e4efbc5a92b9e54b7659711f4491f31a47f18c", 0xb5}, {&(0x7f0000000a80)="31ef59b1070dc8f7d7723f8935dc76a99a8987ec53570270b5562c044575e40744dcae54d22c9af20b7a1425956fd3d8104c71ea35da853988fc5af9adb473c899abb09f2384cc84f7a46332d5f10f72053bf13f45f8bf1f68b68206f9554fc2e3e32c3df279f7270b39222f9e63c61bd0a3312f8abc20da3fe45c99a46c8a557ed9a6ad6766d8af631be6b62d822af7e262d7cdf1d9178bbd187eb43f840d4e2a6b14e5be0aae646a5ef015cb80b4ae9f27167f1b24392a8df1ace4e597845cf31baeca69a4f558f44bc350a4f10004eb399ab29475564b12e7a0d8ab9677d81bc7b7766126c9964b3b5f6a18", 0xed}, {&(0x7f0000000b80)="b34205423f19e25d9423bc058a", 0xd}, {&(0x7f0000000bc0)="de670e1f0e504ff8b701b11817ddca2a80d1a7ca0a57dc64406d2dd4ffc26f04227554e3e9144f6ce88c3b3a4b770d651fda464cca4b442c960d2ad6e8ec4f1573c577a4b3309e50f11a2cf6775d4295b19f5e492802bd95f4a6e2e51e877f6aecfc3a2d54", 0x65}, {&(0x7f0000000c40)="72c7d49948b307fa7e35e59ba83b9e6225a6994b6044277e0fc0eae8b9161e7ebb1f2aa2ade84eb93324ab1e308c6005c2dd45784fa025d09274a6d569388f6e9d589696312a60e669d8b778343b23035e47f81bfe4235925fc4ed7a7064f1e908240efa5a1158caee001c419176edbdb0eff7e8a770cb47f7ea3aafe55f7d8a515875703690671bdde407e7aeb20dc9a31a43d9917e6376e8e656b6ddf5e0e849fefb0f153ddb87d390cb2e3c21d49c32e74b99d1fb4050dd69254e3dd6b69104a02fcc5aa1b71976863e33fa0224a830f4393499d6e26388f2c8cc", 0xdc}, {&(0x7f0000000d40)="9fed7afce7307aa53460ea1fe9c4f8c1926b380bb8cfee4a73850a516557f0f99408342f18c1953019f474e88e8457e935329ecb1a0e2dbb4cd72d8ab8c8422eaadd3acc2eba341c38ca80ab1fc33f4fa77b1619d85721b0e864e4c3cea2fc10", 0x60}, {&(0x7f0000000dc0)="0f1a695f132b0b84b4ebcd2957f724205e8feb81ec44c99515a9f22c632f3c8176977ec55d", 0x25}, {&(0x7f0000000e00)="f47836903e31cd65bdb267e566d6a395ad84a8692651d996a6246ad267aea9cfb82b88fceb3ba3d00cb4f544de9186f2cac5f15d17772893300e5a452d039eff6572db171f6dd9f5e2e0a7999acfa2825b34d2317ac9e8f638ef8ad1002c8a771cb9c39421c878a579db63d279d3e02efda05ac39970e3905f51a21ae496a68d3507e610b3f5c3aa7f864609e0849b6f0a", 0x91}], 0x8}}], 0x4, 0x0) 20:12:59 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff07, 0x0, 0x8800000) 20:12:59 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 43) 20:12:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1283.358781] Unsupported ieee802154 address type: 0 [ 1283.360380] FAULT_INJECTION: forcing a failure. [ 1283.360380] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.361554] CPU: 1 PID: 7994 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1283.362240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.363077] Call Trace: [ 1283.363366] dump_stack+0x107/0x167 [ 1283.363737] should_fail.cold+0x5/0xa [ 1283.364122] ? ___slab_alloc+0x155/0x700 [ 1283.364561] ? create_object.isra.0+0x3a/0xa20 [ 1283.365029] should_failslab+0x5/0x20 [ 1283.365408] kmem_cache_alloc+0x5b/0x310 [ 1283.365827] create_object.isra.0+0x3a/0xa20 [ 1283.366276] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.366817] kmem_cache_alloc+0x159/0x310 [ 1283.367251] anon_vma_clone+0xdc/0x590 [ 1283.367675] __split_vma+0x17c/0x570 [ 1283.368073] __do_munmap+0xf40/0x1260 [ 1283.368492] ? lock_release+0x680/0x680 [ 1283.368919] mmap_region+0x776/0x1590 [ 1283.369315] ? get_unmapped_area+0x2f0/0x420 [ 1283.369789] do_mmap+0xcdb/0x11e0 [ 1283.370187] vm_mmap_pgoff+0x198/0x1f0 [ 1283.370609] ? randomize_page+0xb0/0xb0 [ 1283.371027] ? __fget_files+0x296/0x4c0 [ 1283.371449] ksys_mmap_pgoff+0x41c/0x560 [ 1283.371877] ? find_mergeable_anon_vma+0x250/0x250 [ 1283.372380] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.372924] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.373477] do_syscall_64+0x33/0x40 [ 1283.373864] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1283.374401] RIP: 0033:0x7f90dc5e4b19 [ 1283.374807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.376749] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1283.377586] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1283.378378] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1283.379135] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1283.379911] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1283.380649] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1283.386205] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1283.387053] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000042897129 [ 1283.399528] Unsupported ieee802154 address type: 0 [ 1283.409358] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1283.410173] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000042897129 [ 1283.445552] FAULT_INJECTION: forcing a failure. [ 1283.445552] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.448399] CPU: 0 PID: 7997 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1283.449771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.451462] Call Trace: [ 1283.451998] dump_stack+0x107/0x167 [ 1283.452744] should_fail.cold+0x5/0xa [ 1283.453519] ? jbd2__journal_start+0x190/0x7e0 [ 1283.454466] should_failslab+0x5/0x20 [ 1283.455239] kmem_cache_alloc+0x5b/0x310 [ 1283.456065] jbd2__journal_start+0x190/0x7e0 [ 1283.456969] __ext4_journal_start_sb+0x214/0x390 [ 1283.457924] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1283.459022] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1283.459990] ? down_write_killable+0x180/0x180 [ 1283.460912] ext4_fallocate+0x415/0x3860 [ 1283.461722] ? __x64_sys_fallocate+0xcf/0x140 [ 1283.462650] ? lock_release+0x680/0x680 [ 1283.463448] ? ext4_ext_truncate+0x250/0x250 [ 1283.464330] ? ext4_ext_truncate+0x250/0x250 [ 1283.465220] vfs_fallocate+0x48f/0xd00 [ 1283.466008] __x64_sys_fallocate+0xcf/0x140 [ 1283.466894] do_syscall_64+0x33/0x40 [ 1283.467635] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1283.468675] RIP: 0033:0x7f6d60f48b19 [ 1283.469437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.473179] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1283.474723] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1283.476158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1283.477590] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1283.479029] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1283.480465] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:13:12 executing program 5: kexec_load(0x100000000000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:13:12 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 9) 20:13:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00'}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:13:12 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfe80, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6, 0x4022812, r0, 0x0) 20:13:12 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff0f, 0x0, 0x8800000) 20:13:12 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'caif0\x00'}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x1, 0x4c, 0x8000, 0xc6, 0x1}) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:13:12 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 44) [ 1296.299536] FAULT_INJECTION: forcing a failure. [ 1296.299536] name failslab, interval 1, probability 0, space 0, times 0 [ 1296.301912] CPU: 1 PID: 8012 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1296.303331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1296.304988] Call Trace: [ 1296.305523] dump_stack+0x107/0x167 [ 1296.306268] should_fail.cold+0x5/0xa [ 1296.307047] ? vm_area_alloc+0x1c/0x110 [ 1296.307860] should_failslab+0x5/0x20 [ 1296.308629] kmem_cache_alloc+0x5b/0x310 [ 1296.309453] vm_area_alloc+0x1c/0x110 [ 1296.310231] mmap_region+0x819/0x1590 [ 1296.311012] ? get_unmapped_area+0x2f0/0x420 [ 1296.311884] do_mmap+0xcdb/0x11e0 [ 1296.312586] vm_mmap_pgoff+0x198/0x1f0 [ 1296.313366] ? randomize_page+0xb0/0xb0 [ 1296.314162] ? __fget_files+0x296/0x4c0 [ 1296.315010] ksys_mmap_pgoff+0x41c/0x560 [ 1296.315833] ? find_mergeable_anon_vma+0x250/0x250 [ 1296.316316] FAULT_INJECTION: forcing a failure. [ 1296.316316] name failslab, interval 1, probability 0, space 0, times 0 [ 1296.316852] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1296.316876] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1296.320312] do_syscall_64+0x33/0x40 [ 1296.321068] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1296.322125] RIP: 0033:0x7f90dc5e4b19 [ 1296.322909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1296.326687] RSP: 002b:00007f90d9b5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1296.328255] RAX: ffffffffffffffda RBX: 00007f90dc6f7f60 RCX: 00007f90dc5e4b19 [ 1296.329700] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffb000 [ 1296.331158] RBP: 00007f90d9b5a1d0 R08: 0000000000000003 R09: 0000000000000000 [ 1296.332585] R10: 0000000004022812 R11: 0000000000000246 R12: 0000000000000001 [ 1296.334020] R13: 00007ffc9f72ab5f R14: 00007f90d9b5a300 R15: 0000000000022000 [ 1296.335491] CPU: 0 PID: 8025 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1296.336258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1296.337165] Call Trace: [ 1296.337461] dump_stack+0x107/0x167 [ 1296.337926] should_fail.cold+0x5/0xa [ 1296.338443] ? create_object.isra.0+0x3a/0xa20 [ 1296.338956] should_failslab+0x5/0x20 [ 1296.339377] kmem_cache_alloc+0x5b/0x310 [ 1296.339837] create_object.isra.0+0x3a/0xa20 [ 1296.340319] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1296.340880] kmem_cache_alloc+0x159/0x310 [ 1296.341343] jbd2__journal_start+0x190/0x7e0 [ 1296.341832] __ext4_journal_start_sb+0x214/0x390 [ 1296.342355] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1296.342948] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1296.343483] ? down_write_killable+0x180/0x180 [ 1296.343987] ext4_fallocate+0x415/0x3860 [ 1296.344426] ? __x64_sys_fallocate+0xcf/0x140 [ 1296.344916] ? lock_release+0x680/0x680 [ 1296.345348] ? ext4_ext_truncate+0x250/0x250 [ 1296.345832] ? ext4_ext_truncate+0x250/0x250 [ 1296.346322] vfs_fallocate+0x48f/0xd00 [ 1296.346768] __x64_sys_fallocate+0xcf/0x140 [ 1296.347242] do_syscall_64+0x33/0x40 [ 1296.347651] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1296.348220] RIP: 0033:0x7f6d60f48b19 [ 1296.348626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1296.350629] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1296.351465] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1296.352247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1296.353033] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1296.353815] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1296.354601] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1296.357289] Unsupported ieee802154 address type: 0 20:13:12 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff17, 0x0, 0x8800000) 20:13:12 executing program 5: kexec_load(0x200000000000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:13:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7, 0x4022812, r0, 0x0) 20:13:12 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfec0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 20:13:12 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) (fail_nth: 10) 20:13:12 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff1f, 0x0, 0x8800000) 20:13:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa, 0x4022812, r0, 0x0) 20:13:12 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 45) 20:13:12 executing program 5: kexec_load(0x8000000000000000, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1296.517268] FAULT_INJECTION: forcing a failure. [ 1296.517268] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1296.518739] CPU: 0 PID: 8052 Comm: syz-executor.2 Not tainted 5.10.204 #1 [ 1296.519456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1296.520320] Call Trace: [ 1296.520606] dump_stack+0x107/0x167 [ 1296.520996] should_fail.cold+0x5/0xa [ 1296.521409] _copy_from_user+0x2e/0x1b0 [ 1296.521837] kstrtouint_from_user+0xbd/0x220 [ 1296.522299] ? kstrtou8_from_user+0x210/0x210 [ 1296.522800] ? lock_acquire+0x197/0x470 [ 1296.523225] ? ksys_write+0x12d/0x260 [ 1296.523636] proc_fail_nth_write+0x78/0x220 [ 1296.524100] ? proc_task_getattr+0x1f0/0x1f0 [ 1296.524565] ? __fget_files+0x296/0x4c0 [ 1296.524994] ? proc_task_getattr+0x1f0/0x1f0 [ 1296.525452] vfs_write+0x29a/0xa70 [ 1296.525837] ksys_write+0x12d/0x260 [ 1296.526218] ? __ia32_sys_read+0xb0/0xb0 [ 1296.526667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1296.527218] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1296.527770] do_syscall_64+0x33/0x40 [ 1296.528169] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1296.528719] RIP: 0033:0x7f90dc5975ff [ 1296.529122] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 1296.531070] RSP: 002b:00007f90d9b39170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1296.531871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f90dc5975ff [ 1296.532623] RDX: 0000000000000001 RSI: 00007f90d9b391e0 RDI: 0000000000000008 [ 1296.533377] RBP: 00007f90d9b391d0 R08: 0000000000000000 R09: 0000000000000000 [ 1296.534129] R10: 0000000004022812 R11: 0000000000000293 R12: 0000000000000002 [ 1296.534893] R13: 00007ffc9f72ab5f R14: 00007f90d9b39300 R15: 0000000000022000 [ 1296.598588] FAULT_INJECTION: forcing a failure. [ 1296.598588] name failslab, interval 1, probability 0, space 0, times 0 [ 1296.601117] CPU: 1 PID: 8058 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1296.602507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1296.604170] Call Trace: [ 1296.604703] dump_stack+0x107/0x167 [ 1296.605476] should_fail.cold+0x5/0xa [ 1296.606296] ? jbd2__journal_start+0x190/0x7e0 [ 1296.607232] should_failslab+0x5/0x20 [ 1296.608015] kmem_cache_alloc+0x5b/0x310 [ 1296.608845] jbd2__journal_start+0x190/0x7e0 [ 1296.609744] __ext4_journal_start_sb+0x214/0x390 [ 1296.610719] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1296.611792] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1296.612775] ? down_write_killable+0x180/0x180 [ 1296.613706] ext4_fallocate+0x415/0x3860 [ 1296.614542] ? __x64_sys_fallocate+0xcf/0x140 [ 1296.615450] ? lock_release+0x680/0x680 [ 1296.616260] ? ext4_ext_truncate+0x250/0x250 [ 1296.617146] ? ext4_ext_truncate+0x250/0x250 [ 1296.618030] vfs_fallocate+0x48f/0xd00 [ 1296.618824] __x64_sys_fallocate+0xcf/0x140 [ 1296.619708] do_syscall_64+0x33/0x40 [ 1296.620451] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1296.621489] RIP: 0033:0x7f6d60f48b19 [ 1296.622235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1296.625991] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1296.627518] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1296.628938] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1296.630367] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1296.631811] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1296.633237] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:13:25 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 46) 20:13:25 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) fsetxattr(r1, &(0x7f0000000000)=@known='trusted.overlay.origin\x00', &(0x7f0000000040)='\xd3\x00', 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:13:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xc, 0x4022812, r0, 0x0) 20:13:25 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xff00, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:25 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff27, 0x0, 0x8800000) 20:13:25 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 20:13:25 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) 20:13:25 executing program 5: kexec_load(0x0, 0x10, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1308.974162] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1308.975906] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a89a0f1 [ 1308.989665] Unsupported ieee802154 address type: 0 [ 1309.003621] Unsupported ieee802154 address type: 0 [ 1309.020794] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1309.022436] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a89a0f1 20:13:25 executing program 5: kexec_load(0x0, 0x80000, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:13:25 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x34000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1309.076244] FAULT_INJECTION: forcing a failure. [ 1309.076244] name failslab, interval 1, probability 0, space 0, times 0 [ 1309.078593] CPU: 1 PID: 8075 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1309.079976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1309.081635] Call Trace: [ 1309.082167] dump_stack+0x107/0x167 [ 1309.082915] should_fail.cold+0x5/0xa [ 1309.083691] ? create_object.isra.0+0x3a/0xa20 [ 1309.084611] should_failslab+0x5/0x20 [ 1309.085374] kmem_cache_alloc+0x5b/0x310 [ 1309.086193] create_object.isra.0+0x3a/0xa20 [ 1309.087100] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1309.088131] kmem_cache_alloc+0x159/0x310 [ 1309.088972] ext4_mb_new_blocks+0x64d/0x45b0 [ 1309.089871] ? trace_hardirqs_on+0x5b/0x180 [ 1309.090763] ? ext4_cache_extents+0x148/0x2d0 [ 1309.091662] ? ext4_discard_preallocations+0xd80/0xd80 [ 1309.092718] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1309.093686] ext4_ext_map_blocks+0x1d68/0x5850 [ 1309.094633] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1309.095688] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1309.096747] ? ext4_ext_release+0x10/0x10 [ 1309.097586] ? ext4_map_blocks+0x5e0/0x1940 [ 1309.098459] ? lock_release+0x680/0x680 [ 1309.099269] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1309.100218] ? lock_downgrade+0x6d0/0x6d0 [ 1309.101072] ? down_write_killable+0x180/0x180 [ 1309.102011] ext4_map_blocks+0x652/0x1940 [ 1309.102866] ? kmem_cache_alloc+0x2a6/0x310 [ 1309.103736] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1309.104638] ? jbd2__journal_start+0xf3/0x7e0 [ 1309.105546] ? __ext4_journal_start_sb+0x214/0x390 [ 1309.106527] ? __ext4_journal_start_sb+0x1db/0x390 [ 1309.107525] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1309.108597] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1309.109575] ? down_write_killable+0x180/0x180 [ 1309.110501] ext4_fallocate+0x415/0x3860 [ 1309.111331] ? __x64_sys_fallocate+0xcf/0x140 [ 1309.112238] ? lock_release+0x680/0x680 [ 1309.113040] ? ext4_ext_truncate+0x250/0x250 [ 1309.113932] ? ext4_ext_truncate+0x250/0x250 [ 1309.114844] vfs_fallocate+0x48f/0xd00 [ 1309.115632] __x64_sys_fallocate+0xcf/0x140 [ 1309.116503] do_syscall_64+0x33/0x40 [ 1309.117250] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1309.118282] RIP: 0033:0x7f6d60f48b19 [ 1309.119041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1309.122733] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1309.124253] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1309.125685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1309.127140] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1309.128578] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1309.130013] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:13:44 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 47) 20:13:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 20:13:44 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x40000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10, 0x4022812, r0, 0x0) 20:13:44 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="02000000000100002e2f66696c653000c0967462a0f8f8a3ffaf0bcb5a5a47d3f77e3053e4f10ef833463d9a83b0f772edd2e34b6ccab0be6d0804b786a6f1dc5b5aacd13b8169d417d8bae4bceb0ca9f9e6c00ca7bc58d1b93e27676d6234f36a1ee28d0a6831d87cee61193911fcd1cd08a2c7cb09848b75f7cfaab779a4bb1e6f20685169264d9a652f39bb1daaa1f85e"]) setsockopt$WPAN_WANTLQI(r1, 0x0, 0x3, &(0x7f0000000040)=0x1, 0x4) r2 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x1f, 0x101000) preadv2(r2, &(0x7f0000000140)=[{&(0x7f0000000100)=""/16, 0x10}], 0x1, 0xfffffffd, 0xffffffd9, 0xa) connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000180)={0x24, @short={0x2, 0xffff, 0xaaa0}}, 0x14) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000340), 0x6e, &(0x7f0000000840)=[{&(0x7f00000003c0)=""/170, 0xaa}, {&(0x7f0000000480)=""/252, 0xfc}, {&(0x7f0000000580)=""/79, 0x4f}, {&(0x7f0000000600)=""/180, 0xb4}, {&(0x7f00000006c0)=""/170, 0xaa}, {&(0x7f0000000780)=""/13, 0xd}, {&(0x7f00000007c0)=""/69, 0x45}], 0x7, &(0x7f00000009c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="000000001c000000000000000100000002400000fc696f808dc1bc027a8c4f7a546e59f601fb4066e96521eb5fe57c2398743b684e32f235c6129bbc1e4236db9112c93becce7e489065851208cff2e73c05008ab1b4fde8b65061cf0587231db3416b95ce7534a55e707dbd652ea5ede577da0dca118fc197be7695cce5f53c91fcd8d2fb7e2fd0bdf28039ca013253c0d1db4b07ab2e43b78e7af9bb4a0c95b43de53083f370047de3697941f14909008b686ffbf3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x2122) bind$802154_dgram(r3, &(0x7f0000000300)={0x24, @none={0x0, 0x2}}, 0x14) r4 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000280)=0x14) ioctl$sock_SIOCOUTQ(r4, 0x5411, &(0x7f00000002c0)) 20:13:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff2f, 0x0, 0x8800000) 20:13:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3002, 0x0, 0x4022812, r0, 0x0) 20:13:44 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x2, 0x0, 0x80}], 0x0) [ 1328.423633] Unsupported ieee802154 address type: 0 [ 1328.446370] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1328.448061] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000da2e0b8e 20:13:44 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x8, 0x0, 0x80}], 0x0) [ 1328.480468] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1328.482096] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000da2e0b8e 20:13:44 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x80000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:44 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = accept4(r0, &(0x7f0000000140)=@pptp={0x18, 0x2, {0x0, @local}}, &(0x7f00000000c0)=0x80, 0x800) bind$802154_dgram(r1, &(0x7f0000000100)={0x24, @none={0x0, 0x2}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:13:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3003, 0x0, 0x4022812, r0, 0x0) 20:13:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff37, 0x0, 0x8800000) [ 1328.576017] Unsupported ieee802154 address type: 0 20:13:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x30, 0x4022812, r0, 0x0) 20:13:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3002, 0x0, 0x4022812, r0, 0x0) 20:13:45 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x3e00, 0x0, 0x80}], 0x0) [ 1328.633537] FAULT_INJECTION: forcing a failure. [ 1328.633537] name failslab, interval 1, probability 0, space 0, times 0 [ 1328.637271] CPU: 0 PID: 8115 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1328.638720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1328.640478] Call Trace: [ 1328.641042] dump_stack+0x107/0x167 [ 1328.641817] should_fail.cold+0x5/0xa [ 1328.642629] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1328.643635] should_failslab+0x5/0x20 [ 1328.644446] kmem_cache_alloc+0x5b/0x310 [ 1328.645307] ext4_mb_new_blocks+0x209f/0x45b0 [ 1328.646265] ? trace_hardirqs_on+0x5b/0x180 [ 1328.647193] ? ext4_cache_extents+0x148/0x2d0 [ 1328.648141] ? ext4_discard_preallocations+0xd80/0xd80 [ 1328.649252] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1328.650271] ext4_ext_map_blocks+0x1d68/0x5850 [ 1328.651293] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1328.652400] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1328.653514] ? ext4_ext_release+0x10/0x10 [ 1328.654396] ? ext4_map_blocks+0x5e0/0x1940 [ 1328.655321] ? lock_release+0x680/0x680 [ 1328.656164] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1328.657160] ? lock_downgrade+0x6d0/0x6d0 [ 1328.658060] ? down_write_killable+0x180/0x180 [ 1328.659051] ext4_map_blocks+0x652/0x1940 [ 1328.659935] ? kmem_cache_alloc+0x2a6/0x310 [ 1328.660848] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1328.661798] ? jbd2__journal_start+0xf3/0x7e0 [ 1328.662751] ? __ext4_journal_start_sb+0x214/0x390 [ 1328.663804] ? __ext4_journal_start_sb+0x1db/0x390 [ 1328.664854] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1328.665977] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1328.667011] ? down_write_killable+0x180/0x180 [ 1328.667991] ext4_fallocate+0x415/0x3860 [ 1328.668848] ? __x64_sys_fallocate+0xcf/0x140 [ 1328.669800] ? lock_release+0x680/0x680 [ 1328.670648] ? ext4_ext_truncate+0x250/0x250 [ 1328.671609] ? ext4_ext_truncate+0x250/0x250 [ 1328.672548] vfs_fallocate+0x48f/0xd00 [ 1328.673382] __x64_sys_fallocate+0xcf/0x140 [ 1328.674302] do_syscall_64+0x33/0x40 [ 1328.675101] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1328.676195] RIP: 0033:0x7f6d60f48b19 [ 1328.676988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1328.680864] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1328.682468] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1328.683994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1328.685497] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1328.687009] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1328.688516] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1328.715544] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1328.717217] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000071571121 [ 1328.759335] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1328.761029] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000071571121 [ 1340.971614] Unsupported ieee802154 address type: 0 [ 1340.973773] Unsupported ieee802154 address type: 0 20:13:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3004, 0x0, 0x4022812, r0, 0x0) 20:13:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x48, 0x4022812, r0, 0x0) 20:13:57 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80c0, 0x91) connect$802154_dgram(r1, &(0x7f0000000040)={0x24, @short={0x2, 0xffff, 0xaaa0}}, 0x14) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r2, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) fallocate(r2, 0x33, 0xdb, 0x7) 20:13:57 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff3f, 0x0, 0x8800000) 20:13:57 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x80000, 0x0, 0x80}], 0x0) 20:13:57 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x400300, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:57 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x80, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000000)={0x24, @long={0x3, 0x1}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:13:57 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 48) [ 1340.976159] FAULT_INJECTION: forcing a failure. [ 1340.976159] name failslab, interval 1, probability 0, space 0, times 0 [ 1340.977486] CPU: 1 PID: 8159 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1340.978265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1340.979196] Call Trace: [ 1340.979497] dump_stack+0x107/0x167 [ 1340.979903] should_fail.cold+0x5/0xa [ 1340.980329] ? create_object.isra.0+0x3a/0xa20 [ 1340.980848] should_failslab+0x5/0x20 [ 1340.981274] kmem_cache_alloc+0x5b/0x310 [ 1340.981747] create_object.isra.0+0x3a/0xa20 [ 1340.982257] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1340.982854] kmem_cache_alloc+0x159/0x310 [ 1340.983355] ext4_mb_new_blocks+0x209f/0x45b0 [ 1340.983888] ? trace_hardirqs_on+0x5b/0x180 [ 1340.984401] ? ext4_cache_extents+0x148/0x2d0 [ 1340.984901] ? ext4_discard_preallocations+0xd80/0xd80 [ 1340.985511] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1340.986075] ext4_ext_map_blocks+0x1d68/0x5850 [ 1340.986626] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1340.987257] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1340.987869] ? ext4_ext_release+0x10/0x10 [ 1340.988356] ? ext4_map_blocks+0x5e0/0x1940 [ 1340.988844] ? lock_release+0x680/0x680 [ 1340.989312] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1340.989869] ? lock_downgrade+0x6d0/0x6d0 [ 1340.990376] ? down_write_killable+0x180/0x180 [ 1340.990916] ext4_map_blocks+0x652/0x1940 [ 1340.991391] ? kmem_cache_alloc+0x2a6/0x310 [ 1340.991907] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1340.992447] ? jbd2__journal_start+0xf3/0x7e0 [ 1340.992975] ? __ext4_journal_start_sb+0x214/0x390 [ 1340.993548] ? __ext4_journal_start_sb+0x1db/0x390 [ 1340.994131] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1340.994750] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1340.995325] ? down_write_killable+0x180/0x180 [ 1340.995871] ext4_fallocate+0x415/0x3860 [ 1340.996351] ? __x64_sys_fallocate+0xcf/0x140 [ 1340.996891] ? lock_release+0x680/0x680 [ 1340.997366] ? ext4_ext_truncate+0x250/0x250 [ 1340.997901] ? ext4_ext_truncate+0x250/0x250 [ 1340.998415] vfs_fallocate+0x48f/0xd00 [ 1340.998867] __x64_sys_fallocate+0xcf/0x140 [ 1340.999380] do_syscall_64+0x33/0x40 [ 1340.999808] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1341.000399] RIP: 0033:0x7f6d60f48b19 [ 1341.000832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1341.002838] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1341.003726] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1341.004514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1341.005326] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1341.006144] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1341.006982] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:13:57 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x3e0000, 0x0, 0x80}], 0x0) [ 1341.019447] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1341.021220] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b [ 1341.049641] Unsupported ieee802154 address type: 0 20:13:57 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:13:57 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:13:57 executing program 1: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r0, &(0x7f0000000140)=0x9, 0xdb7b) sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a40000000a0a010200000000000000000000000408000fc20000000908000440000000c665000d402601ea482137820064539dcfb31c89818479b8d36851e88cfd88b0aac4a96287e460f0d03a4a2095bd73388d6ff319e1535a7faef5d4758f8df8eab35b344c47862ad2e7ab5fcae383fcbd9736f778083600000008000c4000000007080007400000003e080007400000000f00000000002000"/164], 0xa4}, 0x1, 0x0, 0x0, 0x840}, 0x48000) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r2, &(0x7f0000000080), 0x14) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x2) dup2(r5, r1) sendfile(r4, r3, &(0x7f0000000140)=0x9, 0xdb7b) connect$802154_dgram(r4, &(0x7f0000000000)={0x24, @short={0x2, 0x2, 0xaaa1}}, 0x14) 20:13:57 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) r1 = openat2(r0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x200000, 0x82}, 0x18) setsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000100)=0x1, 0x4) 20:13:57 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff47, 0x0, 0x8800000) [ 1341.093975] Unsupported ieee802154 address type: 0 20:13:57 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x1000000, 0x0, 0x80}], 0x0) [ 1341.106577] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1341.108252] Unsupported ieee802154 address type: 0 [ 1341.108270] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b00470b 20:13:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x300a, 0x0, 0x4022812, r0, 0x0) 20:13:57 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x2000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1341.241471] Unsupported ieee802154 address type: 0 20:14:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x300a, 0x0, 0x4022812, r0, 0x0) 20:14:09 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @short={0x2, 0x3, 0xaaa0}}, 0x14) 20:14:09 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 49) 20:14:09 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7fffdf004000, 0x0, 0x4022812, r0, 0x0) 20:14:09 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x2000000, 0x0, 0x80}], 0x0) 20:14:09 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4c, 0x4022812, r0, 0x0) 20:14:09 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff4f, 0x0, 0x8800000) 20:14:09 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x3000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1353.593521] Unsupported ieee802154 address type: 0 [ 1353.597053] FAULT_INJECTION: forcing a failure. [ 1353.597053] name failslab, interval 1, probability 0, space 0, times 0 [ 1353.599392] CPU: 1 PID: 8214 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1353.600764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1353.602426] Call Trace: [ 1353.602965] dump_stack+0x107/0x167 [ 1353.603725] should_fail.cold+0x5/0xa [ 1353.604514] ? jbd2__journal_start+0x190/0x7e0 [ 1353.605448] should_failslab+0x5/0x20 [ 1353.606224] kmem_cache_alloc+0x5b/0x310 [ 1353.607064] jbd2__journal_start+0x190/0x7e0 [ 1353.607970] __ext4_journal_start_sb+0x214/0x390 [ 1353.608939] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1353.610188] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1353.611179] ? down_write_killable+0x180/0x180 [ 1353.612152] ext4_fallocate+0x415/0x3860 [ 1353.612980] ? __x64_sys_fallocate+0xcf/0x140 [ 1353.613896] ? lock_release+0x680/0x680 [ 1353.614723] ? ext4_ext_truncate+0x250/0x250 [ 1353.615644] ? ext4_ext_truncate+0x250/0x250 [ 1353.616541] vfs_fallocate+0x48f/0xd00 [ 1353.617354] __x64_sys_fallocate+0xcf/0x140 [ 1353.618236] do_syscall_64+0x33/0x40 [ 1353.618994] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1353.620040] RIP: 0033:0x7f6d60f48b19 [ 1353.620799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1353.624567] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1353.626118] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1353.627611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1353.629065] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1353.630531] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1353.631998] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:14:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x3e0000000000, 0x0, 0x80}], 0x0) [ 1353.645362] Unsupported ieee802154 address type: 0 [ 1353.656970] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1353.658699] ref_ctr increment failed for inode: 0x3e8f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b5656144 20:14:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x4000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1353.689738] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1353.691451] ref_ctr increment failed for inode: 0x3e8f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b5656144 20:14:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x8000000000000, 0x0, 0x80}], 0x0) 20:14:10 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6800, 0x0, 0x8800000) 20:14:10 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @none={0x0, 0x3}}, 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000000)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0102}}}, 0x14) 20:14:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff57, 0x0, 0x8800000) 20:14:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x68, 0x4022812, r0, 0x0) 20:14:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x5000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:10 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7ffffffff000, 0x0, 0x4022812, r0, 0x0) [ 1353.825161] Unsupported ieee802154 address type: 0 [ 1353.854134] Unsupported ieee802154 address type: 0 20:14:10 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 50) 20:14:10 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x7400, 0x0, 0x4022812, r0, 0x0) [ 1353.882173] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1353.883876] ref_ctr increment failed for inode: 0x3e78 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003b6377b7 [ 1353.947125] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1353.948759] ref_ctr increment failed for inode: 0x3e78 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003b6377b7 [ 1353.965918] FAULT_INJECTION: forcing a failure. [ 1353.965918] name failslab, interval 1, probability 0, space 0, times 0 [ 1353.968327] CPU: 1 PID: 8258 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1353.969726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1353.971410] Call Trace: [ 1353.971949] dump_stack+0x107/0x167 [ 1353.972689] should_fail.cold+0x5/0xa [ 1353.973459] ? create_object.isra.0+0x3a/0xa20 [ 1353.974380] should_failslab+0x5/0x20 [ 1353.975180] kmem_cache_alloc+0x5b/0x310 [ 1353.976017] create_object.isra.0+0x3a/0xa20 [ 1353.976932] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1353.977985] kmem_cache_alloc+0x159/0x310 [ 1353.978856] jbd2__journal_start+0x190/0x7e0 [ 1353.979783] __ext4_journal_start_sb+0x214/0x390 [ 1353.980778] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1353.981879] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1353.982889] ? down_write_killable+0x180/0x180 [ 1353.983864] ext4_fallocate+0x415/0x3860 [ 1353.984707] ? __x64_sys_fallocate+0xcf/0x140 [ 1353.985645] ? lock_release+0x680/0x680 [ 1353.986473] ? ext4_ext_truncate+0x250/0x250 [ 1353.987398] ? ext4_ext_truncate+0x250/0x250 [ 1353.988311] vfs_fallocate+0x48f/0xd00 [ 1353.989117] __x64_sys_fallocate+0xcf/0x140 [ 1353.990015] do_syscall_64+0x33/0x40 [ 1353.990786] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1353.991853] RIP: 0033:0x7f6d60f48b19 [ 1353.992626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1353.996395] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1353.997971] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1353.999441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1354.000927] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1354.002390] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1354.003886] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1354.018343] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1354.019970] ref_ctr increment failed for inode: 0x3e6a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004a61323f 20:14:24 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x100000000000000, 0x0, 0x80}], 0x0) 20:14:24 executing program 1: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x27, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:24 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) fcntl$getownex(r2, 0x10, &(0x7f00000009c0)={0x0, 0x0}) clone3(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[r3], 0x1}, 0x58) r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r4, &(0x7f0000000140)=0x9, 0xdb7b) connect$802154_dgram(r5, &(0x7f0000000100)={0x24, @none={0x0, 0x3}}, 0x14) fcntl$setown(r1, 0x8, r3) [ 1368.026337] Unsupported ieee802154 address type: 0 20:14:24 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x6000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:24 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 51) 20:14:24 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff5f, 0x0, 0x8800000) 20:14:24 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x4022812, r0, 0x0) 20:14:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6c, 0x4022812, r0, 0x0) 20:14:24 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x200000000000000, 0x0, 0x80}], 0x0) 20:14:24 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) r3 = openat(r2, &(0x7f0000000600)='./file0\x00', 0x2, 0x2) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) bind$packet(r2, &(0x7f00000006c0)={0x11, 0x5, 0x0, 0x1, 0x81, 0x6, @local}, 0x14) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000740)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) connect$802154_dgram(r4, &(0x7f0000000780)={0x24, @none={0x0, 0xffff}}, 0x14) connect$802154_dgram(r0, &(0x7f00000004c0)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000700)="8590e1cfaf3a5aafd994cf3d820b49caf58554fe1664", 0x1}], 0x1}}], 0x47, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) accept4(r5, &(0x7f0000000540)=@rc={0x1f, @none}, &(0x7f00000005c0)=0x80, 0x80800) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) readv(r0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/224, 0xe0}, {&(0x7f00000001c0)=""/247, 0xf7}, {&(0x7f00000002c0)=""/147, 0x93}, {&(0x7f0000000380)=""/136, 0x88}], 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000500)=0x7) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000480)={0x2, 0xce27}) 20:14:24 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x7000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1368.117839] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1368.119581] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000ec3a543b [ 1368.135969] FAULT_INJECTION: forcing a failure. [ 1368.135969] name failslab, interval 1, probability 0, space 0, times 0 [ 1368.138481] CPU: 0 PID: 8280 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1368.139537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1368.140771] Call Trace: [ 1368.141178] dump_stack+0x107/0x167 [ 1368.141738] should_fail.cold+0x5/0xa [ 1368.142309] ? ext4_find_extent+0xa3d/0xd30 [ 1368.142958] should_failslab+0x5/0x20 [ 1368.143545] __kmalloc+0x72/0x390 [ 1368.144070] ? lock_chain_count+0x20/0x20 [ 1368.144691] ext4_find_extent+0xa3d/0xd30 [ 1368.145311] ext4_ext_map_blocks+0x1c8/0x5850 [ 1368.145986] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1368.146769] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1368.147461] ? _raw_spin_unlock_irq+0x27/0x30 [ 1368.148165] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1368.148830] ? finish_task_switch+0x126/0x5d0 [ 1368.149492] ? ext4_ext_release+0x10/0x10 [ 1368.150114] ? ext4_map_blocks+0x5e0/0x1940 [ 1368.150765] ? lock_release+0x680/0x680 [ 1368.151376] ? io_schedule_timeout+0x140/0x140 [ 1368.152055] ? lock_downgrade+0x6d0/0x6d0 [ 1368.152678] ? down_write+0xe0/0x160 [ 1368.153234] ? down_write_killable+0x180/0x180 [ 1368.153927] ext4_map_blocks+0x652/0x1940 20:14:24 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff67, 0x0, 0x8800000) [ 1368.154544] ? kmem_cache_alloc+0x2a6/0x310 [ 1368.155351] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1368.156033] ? jbd2__journal_start+0xf3/0x7e0 [ 1368.156712] ? __ext4_journal_start_sb+0x214/0x390 [ 1368.157438] ? __ext4_journal_start_sb+0x1db/0x390 [ 1368.158169] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1368.158953] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1368.159689] ? down_write_killable+0x180/0x180 [ 1368.160393] ext4_fallocate+0x415/0x3860 [ 1368.161003] ? __x64_sys_fallocate+0xcf/0x140 [ 1368.161679] ? lock_release+0x680/0x680 [ 1368.162275] ? ext4_ext_truncate+0x250/0x250 [ 1368.162930] ? ext4_ext_truncate+0x250/0x250 [ 1368.163585] vfs_fallocate+0x48f/0xd00 [ 1368.164144] __x64_sys_fallocate+0xcf/0x140 [ 1368.164780] do_syscall_64+0x33/0x40 [ 1368.165323] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1368.166075] RIP: 0033:0x7f6d60f48b19 [ 1368.166621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1368.169281] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1368.170384] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1368.171423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1368.172468] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1368.173515] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1368.174547] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:14:24 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x8000000000000000, 0x0, 0x80}], 0x0) [ 1368.182306] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1368.183966] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000ec3a543b [ 1368.186064] Unsupported ieee802154 address type: 0 20:14:24 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, 0x4022812, r0, 0x0) 20:14:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0x4022812, r0, 0x0) 20:14:38 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff67, 0x0, 0x8800000) 20:14:38 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 52) 20:14:38 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff6f, 0x0, 0x8800000) 20:14:38 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket(0x2a, 0x274dd37dd8f41397, 0x1f) lseek(r1, 0x7, 0x1) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:14:38 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2, 0x80}], 0x0) 20:14:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x8000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x74, 0x4022812, r0, 0x0) [ 1382.213611] Unsupported ieee802154 address type: 0 [ 1382.214312] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1382.216373] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000005394bb6 20:14:38 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x8, 0x80}], 0x0) [ 1382.240377] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1382.241931] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000005394bb6 20:14:38 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff77, 0x0, 0x8800000) 20:14:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7a, 0x4022812, r0, 0x0) 20:14:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x11000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:38 executing program 7: recvmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000), 0x6e, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/234, 0xea}, {&(0x7f00000001c0)=""/99, 0x63}], 0x2, &(0x7f0000000280)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x12001) write$P9_RSETATTR(r0, &(0x7f00000003c0)={0x7, 0x1b, 0x2}, 0x7) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendto(r3, &(0x7f0000000500)="b1b56b7a8d4891e6f0e7d212d7d83cd54d4b854fff90f55218c5e4a9889cb59ff6421137d875af5a0166c6004aec68b7c0f6986d7f936f85c9d1aec92ee88fb8a078110f894563914f7905a20f347cffa44a213352a84c3e02de33264e89af0218b06c", 0x63, 0x8001, 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) faccessat(r2, &(0x7f0000000400)='./file0\x00', 0x16) 20:14:38 executing program 1: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2, 0x80}], 0x0) [ 1382.336161] FAULT_INJECTION: forcing a failure. [ 1382.336161] name failslab, interval 1, probability 0, space 0, times 0 [ 1382.339467] CPU: 0 PID: 8323 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1382.340884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1382.342586] Call Trace: [ 1382.343125] dump_stack+0x107/0x167 [ 1382.343886] should_fail.cold+0x5/0xa [ 1382.344663] ? create_object.isra.0+0x3a/0xa20 [ 1382.345941] ? create_object.isra.0+0x3a/0xa20 [ 1382.347040] should_failslab+0x5/0x20 [ 1382.347965] kmem_cache_alloc+0x5b/0x310 [ 1382.348942] create_object.isra.0+0x3a/0xa20 [ 1382.349995] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1382.351208] __kmalloc+0x16e/0x390 [ 1382.352078] ext4_find_extent+0xa3d/0xd30 [ 1382.353121] ext4_ext_map_blocks+0x1c8/0x5850 [ 1382.354214] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1382.355489] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1382.356665] ? ext4_ext_release+0x10/0x10 [ 1382.357506] ? ext4_map_blocks+0x5e0/0x1940 [ 1382.358383] ? lock_release+0x680/0x680 [ 1382.359188] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1382.360153] ? lock_downgrade+0x6d0/0x6d0 [ 1382.361080] ? down_write+0xe0/0x160 [ 1382.361835] ? down_write_killable+0x180/0x180 [ 1382.362783] ext4_map_blocks+0x652/0x1940 [ 1382.363644] ? kmem_cache_alloc+0x2a6/0x310 [ 1382.364632] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1382.365546] ? jbd2__journal_start+0xf3/0x7e0 [ 1382.366457] ? __ext4_journal_start_sb+0x214/0x390 [ 1382.367468] ? __ext4_journal_start_sb+0x1db/0x390 [ 1382.368466] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1382.369545] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1382.370546] ? down_write_killable+0x180/0x180 [ 1382.371501] ext4_fallocate+0x415/0x3860 [ 1382.372333] ? __x64_sys_fallocate+0xcf/0x140 [ 1382.373263] ? lock_release+0x680/0x680 [ 1382.374077] ? ext4_ext_truncate+0x250/0x250 [ 1382.375001] ? ext4_ext_truncate+0x250/0x250 [ 1382.375940] vfs_fallocate+0x48f/0xd00 [ 1382.376763] __x64_sys_fallocate+0xcf/0x140 [ 1382.377649] do_syscall_64+0x33/0x40 [ 1382.378415] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1382.379498] RIP: 0033:0x7f6d60f48b19 [ 1382.380284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1382.384038] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1382.385641] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1382.387092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1382.388576] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1382.390049] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1382.391519] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:14:38 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x3e00, 0x80}], 0x0) 20:14:38 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, 0x4022812, r0, 0x0) 20:14:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa, 0x4022812, r0, 0x0) 20:14:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1c000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1394.861411] FAULT_INJECTION: forcing a failure. [ 1394.861411] name failslab, interval 1, probability 0, space 0, times 0 [ 1394.862807] CPU: 0 PID: 8376 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1394.863592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1394.864476] Call Trace: [ 1394.864780] dump_stack+0x107/0x167 [ 1394.865206] should_fail.cold+0x5/0xa [ 1394.865645] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1394.866182] should_failslab+0x5/0x20 [ 1394.866623] kmem_cache_alloc+0x5b/0x310 [ 1394.867097] ext4_mb_new_blocks+0x64d/0x45b0 [ 1394.867611] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1394.868205] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1394.868782] ? trace_hardirqs_on+0x5b/0x180 [ 1394.869270] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1394.869881] ? ext4_discard_preallocations+0xd80/0xd80 [ 1394.870480] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1394.871026] ext4_ext_map_blocks+0x1d68/0x5850 [ 1394.871552] ? mark_held_locks+0x9e/0xe0 [ 1394.872037] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1394.872635] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1394.873234] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1394.873739] ? trace_hardirqs_on+0x5b/0x180 [ 1394.874406] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1394.874913] ? finish_task_switch+0x126/0x5d0 [ 1394.875418] ? ext4_ext_release+0x10/0x10 [ 1394.875903] ? ext4_map_blocks+0x5e0/0x1940 [ 1394.876400] ? lock_release+0x680/0x680 [ 1394.876850] ? io_schedule_timeout+0x140/0x140 [ 1394.877370] ? lock_downgrade+0x6d0/0x6d0 [ 1394.877857] ? down_write_killable+0x180/0x180 [ 1394.878393] ext4_map_blocks+0x652/0x1940 [ 1394.878884] ? kmem_cache_alloc+0x2a6/0x310 [ 1394.879388] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1394.879896] ? jbd2__journal_start+0xf3/0x7e0 [ 1394.880408] ? __ext4_journal_start_sb+0x214/0x390 [ 1394.880940] ? __ext4_journal_start_sb+0x1db/0x390 [ 1394.881505] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1394.882106] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1394.882665] ? down_write_killable+0x180/0x180 [ 1394.883195] ext4_fallocate+0x415/0x3860 [ 1394.883673] ? __x64_sys_fallocate+0xcf/0x140 [ 1394.884191] ? lock_release+0x680/0x680 [ 1394.884638] ? ext4_ext_truncate+0x250/0x250 [ 1394.885148] ? ext4_ext_truncate+0x250/0x250 [ 1394.885651] vfs_fallocate+0x48f/0xd00 [ 1394.886042] Unsupported ieee802154 address type: 0 [ 1394.886101] __x64_sys_fallocate+0xcf/0x140 [ 1394.886115] do_syscall_64+0x33/0x40 [ 1394.886135] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1394.888569] RIP: 0033:0x7f6d60f48b19 [ 1394.888986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1394.891068] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1394.891960] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1394.892768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1394.893586] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1394.894358] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1394.895169] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:14:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10, 0x4022812, r0, 0x0) 20:14:51 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xff7f, 0x0, 0x8800000) 20:14:51 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x80000, 0x80}], 0x0) 20:14:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300, 0x4022812, r0, 0x0) 20:14:51 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x27000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:14:51 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @short={0x2, 0x0, 0xaaa3}}, 0x41) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000000, 0x8010, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x40010002}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r7 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) r10 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r13 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r13, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x40010002}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r10, 0x0) r14 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r10, 0x8000000) syz_io_uring_submit(r14, r12, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) syz_io_uring_submit(r8, 0x0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x2007, @fd=r0, 0x6, 0x6b1, 0x12b0451, 0x2, 0x1, {0x1}}, 0x2) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x10, 0x1, {0x0, r9}}, 0x6) 20:14:51 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) r3 = openat(r2, &(0x7f0000000600)='./file0\x00', 0x2, 0x2) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) bind$packet(r2, &(0x7f00000006c0)={0x11, 0x5, 0x0, 0x1, 0x81, 0x6, @local}, 0x14) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000740)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) connect$802154_dgram(r4, &(0x7f0000000780)={0x24, @none={0x0, 0xffff}}, 0x14) connect$802154_dgram(r0, &(0x7f00000004c0)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000700)="8590e1cfaf3a5aafd994cf3d820b49caf58554fe1664", 0x1}], 0x1}}], 0x47, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) accept4(r5, &(0x7f0000000540)=@rc={0x1f, @none}, &(0x7f00000005c0)=0x80, 0x80800) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) readv(r0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/224, 0xe0}, {&(0x7f00000001c0)=""/247, 0xf7}, {&(0x7f00000002c0)=""/147, 0x93}, {&(0x7f0000000380)=""/136, 0x88}], 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000500)=0x7) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000480)={0x2, 0xce27}) 20:14:51 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 53) [ 1394.914874] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1394.916481] ref_ctr increment failed for inode: 0x3e6e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000ec2c4d14 20:14:51 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x40000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1394.971772] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1394.972702] ref_ctr increment failed for inode: 0x3e6e offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000ec2c4d14 20:15:05 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 54) 20:15:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x500, 0x4022812, r0, 0x0) 20:15:05 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x48800, 0x0, 0x8800000) 20:15:05 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x3e0000, 0x80}], 0x0) 20:15:05 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x7ffffff7, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x30, 0x4022812, r0, 0x0) 20:15:05 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @short={0x2, 0x3, 0xaaa2}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x10, 0xffffffffffffffff, 0x8000000) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x50, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_NOP={0x0, 0x3}, 0x100) 20:15:05 executing program 1: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) r3 = openat(r2, &(0x7f0000000600)='./file0\x00', 0x2, 0x2) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) bind$packet(r2, &(0x7f00000006c0)={0x11, 0x5, 0x0, 0x1, 0x81, 0x6, @local}, 0x14) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000740)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) connect$802154_dgram(r4, &(0x7f0000000780)={0x24, @none={0x0, 0xffff}}, 0x14) connect$802154_dgram(r0, &(0x7f00000004c0)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000700)="8590e1cfaf3a5aafd994cf3d820b49caf58554fe1664", 0x1}], 0x1}}], 0x47, 0x8080) sendmsg$inet6(r5, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) accept4(r5, &(0x7f0000000540)=@rc={0x1f, @none}, &(0x7f00000005c0)=0x80, 0x80800) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) readv(r0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/224, 0xe0}, {&(0x7f00000001c0)=""/247, 0xf7}, {&(0x7f00000002c0)=""/147, 0x93}, {&(0x7f0000000380)=""/136, 0x88}], 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000500)=0x7) connect$802154_dgram(r0, &(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14) ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000480)={0x2, 0xce27}) [ 1408.685348] Unsupported ieee802154 address type: 0 20:15:05 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x49000, 0x0, 0x8800000) [ 1408.700005] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1408.701598] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000002b926cc9 [ 1408.711481] Unsupported ieee802154 address type: 0 20:15:05 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xeffdffff, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:05 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x1000000, 0x80}], 0x0) [ 1408.731438] Unsupported ieee802154 address type: 0 [ 1408.759366] FAULT_INJECTION: forcing a failure. [ 1408.759366] name failslab, interval 1, probability 0, space 0, times 0 [ 1408.762341] CPU: 0 PID: 8413 Comm: syz-executor.0 Not tainted 5.10.204 #1 20:15:05 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x71da}}, './file0\x00'}) bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long={0x3, 0xffff, {0x5555555555550201}}}, 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) [ 1408.763745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1408.765511] Call Trace: [ 1408.766040] dump_stack+0x107/0x167 [ 1408.766776] should_fail.cold+0x5/0xa [ 1408.767545] ? create_object.isra.0+0x3a/0xa20 [ 1408.768475] should_failslab+0x5/0x20 [ 1408.769241] kmem_cache_alloc+0x5b/0x310 [ 1408.770060] create_object.isra.0+0x3a/0xa20 [ 1408.770937] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1408.771962] kmem_cache_alloc+0x159/0x310 [ 1408.772794] ext4_mb_new_blocks+0x64d/0x45b0 [ 1408.773686] ? trace_hardirqs_on+0x5b/0x180 [ 1408.774550] ? ext4_cache_extents+0x148/0x2d0 [ 1408.775459] ? ext4_discard_preallocations+0xd80/0xd80 [ 1408.776524] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1408.777516] ext4_ext_map_blocks+0x1d68/0x5850 [ 1408.778451] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1408.779514] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1408.780573] ? ext4_ext_release+0x10/0x10 [ 1408.781431] ? ext4_map_blocks+0x5e0/0x1940 [ 1408.782293] ? lock_release+0x680/0x680 [ 1408.783102] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1408.784068] ? lock_downgrade+0x6d0/0x6d0 [ 1408.784928] ? down_write_killable+0x180/0x180 [ 1408.785850] ext4_map_blocks+0x652/0x1940 [ 1408.786689] ? kmem_cache_alloc+0x2a6/0x310 [ 1408.787577] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1408.788507] ? jbd2__journal_start+0xf3/0x7e0 [ 1408.789428] ? __ext4_journal_start_sb+0x214/0x390 [ 1408.790413] ? __ext4_journal_start_sb+0x1db/0x390 [ 1408.791427] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1408.792513] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1408.793502] ? down_write_killable+0x180/0x180 [ 1408.794436] ext4_fallocate+0x415/0x3860 20:15:05 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x49800, 0x0, 0x8800000) [ 1408.795261] ? __x64_sys_fallocate+0xcf/0x140 [ 1408.796295] ? lock_release+0x680/0x680 [ 1408.797104] ? ext4_ext_truncate+0x250/0x250 [ 1408.797998] ? ext4_ext_truncate+0x250/0x250 [ 1408.799053] vfs_fallocate+0x48f/0xd00 [ 1408.799878] __x64_sys_fallocate+0xcf/0x140 [ 1408.800919] do_syscall_64+0x33/0x40 [ 1408.801672] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1408.802893] RIP: 0033:0x7f6d60f48b19 [ 1408.803648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1408.807231] Unsupported ieee802154 address type: 0 [ 1408.808050] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1408.808071] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1408.808082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1408.808098] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1408.814403] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1408.815835] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:15:05 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xf5ffffff, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:05 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2000000, 0x80}], 0x0) [ 1408.852405] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1408.853325] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000002b926cc9 20:15:05 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xf7ffff7f, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1422.785061] FAULT_INJECTION: forcing a failure. [ 1422.785061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1422.785425] FAULT_INJECTION: forcing a failure. [ 1422.785425] name failslab, interval 1, probability 0, space 0, times 0 [ 1422.787488] CPU: 0 PID: 8467 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1422.790117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1422.791801] Call Trace: [ 1422.792355] dump_stack+0x107/0x167 [ 1422.793098] should_fail.cold+0x5/0xa [ 1422.793871] _copy_from_user+0x2e/0x1b0 [ 1422.794693] __copy_msghdr_from_user+0x91/0x4b0 [ 1422.795659] ? __ia32_sys_shutdown+0x80/0x80 [ 1422.796590] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.797684] ? __lock_acquire+0x1657/0x5b00 [ 1422.798588] ? __lock_acquire+0xbb1/0x5b00 [ 1422.799481] sendmsg_copy_msghdr+0xa1/0x160 [ 1422.800399] ? do_recvmmsg+0x6d0/0x6d0 [ 1422.801210] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.802301] ? lock_downgrade+0x6d0/0x6d0 [ 1422.803161] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.804252] ___sys_sendmsg+0xc6/0x170 [ 1422.805051] ? sendmsg_copy_msghdr+0x160/0x160 [ 1422.805978] ? __fget_files+0x26d/0x4c0 [ 1422.806786] ? lock_downgrade+0x6d0/0x6d0 [ 1422.807630] ? find_held_lock+0x2c/0x110 [ 1422.808471] ? __fget_files+0x296/0x4c0 [ 1422.809289] ? __fget_light+0xea/0x290 [ 1422.810089] __sys_sendmsg+0xe5/0x1b0 [ 1422.810862] ? __sys_sendmsg_sock+0x40/0x40 [ 1422.811737] ? rcu_read_lock_any_held+0x75/0xa0 [ 1422.812700] ? fput_many+0x2f/0x1a0 [ 1422.813458] ? ksys_write+0x1a9/0x260 [ 1422.814233] ? __ia32_sys_read+0xb0/0xb0 [ 1422.815064] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1422.816146] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1422.817194] ? trace_hardirqs_on+0x5b/0x180 [ 1422.818080] do_syscall_64+0x33/0x40 [ 1422.818836] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1422.819876] RIP: 0033:0x7f7353576b19 [ 1422.820648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1422.824405] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1422.825959] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1422.827406] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1422.828863] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1422.830302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1422.831743] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1422.833214] CPU: 1 PID: 8468 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1422.834067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1422.834950] Call Trace: [ 1422.835253] dump_stack+0x107/0x167 [ 1422.835671] should_fail.cold+0x5/0xa [ 1422.836127] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1422.836666] should_failslab+0x5/0x20 [ 1422.837094] kmem_cache_alloc+0x5b/0x310 20:15:19 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x3e0000000000, 0x80}], 0x0) 20:15:19 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4a000, 0x0, 0x8800000) 20:15:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 1) 20:15:19 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 55) 20:15:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x600, 0x4022812, r0, 0x0) 20:15:19 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000200)=""/176, 0xb0}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000100)=""/56, 0x38}, {&(0x7f00000002c0)=""/165, 0xa5}], 0x4, &(0x7f00000003c0)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x40}, 0x2041) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r3, &(0x7f0000000140)=0x9, 0xdb7b) r5 = perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x24}, r2, 0xffffffffffffffff, r3, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r6, r5, &(0x7f0000000140)=0x9, 0xdb7b) connect$802154_dgram(r6, &(0x7f0000000000)={0x24, @long={0x3, 0x3}}, 0x14) [ 1422.837810] ext4_mb_new_blocks+0x209f/0x45b0 [ 1422.838408] ? trace_hardirqs_on+0x5b/0x180 [ 1422.838886] ? ext4_cache_extents+0x148/0x2d0 [ 1422.839373] ? ext4_discard_preallocations+0xd80/0xd80 [ 1422.839966] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1422.840378] Unsupported ieee802154 address type: 0 [ 1422.840491] ext4_ext_map_blocks+0x1d68/0x5850 [ 1422.841985] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.842578] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 20:15:19 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfc000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1422.843158] ? ext4_ext_release+0x10/0x10 [ 1422.843725] ? ext4_map_blocks+0x5e0/0x1940 [ 1422.844215] ? lock_release+0x680/0x680 [ 1422.844648] ? ext4_es_lookup_extent+0x48d/0xaa0 20:15:19 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300, 0x4022812, r0, 0x0) [ 1422.845153] ? lock_downgrade+0x6d0/0x6d0 [ 1422.845733] ? down_write_killable+0x180/0x180 [ 1422.846223] ext4_map_blocks+0x652/0x1940 [ 1422.846672] ? kmem_cache_alloc+0x2a6/0x310 [ 1422.847151] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1422.847653] ? jbd2__journal_start+0xf3/0x7e0 [ 1422.848167] ? __ext4_journal_start_sb+0x214/0x390 [ 1422.848693] ? __ext4_journal_start_sb+0x1db/0x390 [ 1422.849220] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1422.849816] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1422.850359] ? down_write_killable+0x180/0x180 [ 1422.850860] ext4_fallocate+0x415/0x3860 [ 1422.851297] ? __x64_sys_fallocate+0xcf/0x140 [ 1422.851778] ? lock_release+0x680/0x680 [ 1422.852243] ? ext4_ext_truncate+0x250/0x250 [ 1422.852741] ? ext4_ext_truncate+0x250/0x250 [ 1422.853221] vfs_fallocate+0x48f/0xd00 [ 1422.853645] __x64_sys_fallocate+0xcf/0x140 [ 1422.854142] do_syscall_64+0x33/0x40 [ 1422.854566] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1422.855153] RIP: 0033:0x7f6d60f48b19 [ 1422.855569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1422.857641] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1422.858473] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1422.859282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1422.860096] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1422.860874] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1422.861649] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1422.872939] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1422.874647] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000caaf8e3a [ 1422.892130] perf: interrupt took too long (4188 > 3987), lowering kernel.perf_event_max_sample_rate to 47000 [ 1422.915311] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1422.916970] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000caaf8e3a 20:15:19 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x8000000000000, 0x80}], 0x0) 20:15:19 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4a800, 0x0, 0x8800000) 20:15:19 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfe800000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1422.957320] Unsupported ieee802154 address type: 0 20:15:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 2) 20:15:19 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 56) [ 1422.985050] FAULT_INJECTION: forcing a failure. [ 1422.985050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1422.986408] CPU: 1 PID: 8492 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1422.987146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1422.988057] Call Trace: [ 1422.988344] dump_stack+0x107/0x167 [ 1422.988750] should_fail.cold+0x5/0xa [ 1422.989183] _copy_from_user+0x2e/0x1b0 [ 1422.989616] iovec_from_user+0x141/0x400 [ 1422.990067] __import_iovec+0x67/0x590 [ 1422.990497] ? __ia32_sys_shutdown+0x80/0x80 [ 1422.990988] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.991551] import_iovec+0x83/0xb0 [ 1422.991960] sendmsg_copy_msghdr+0x131/0x160 [ 1422.992429] ? do_recvmmsg+0x6d0/0x6d0 [ 1422.992851] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.993420] ? lock_downgrade+0x6d0/0x6d0 [ 1422.993875] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1422.994452] ___sys_sendmsg+0xc6/0x170 [ 1422.994879] ? sendmsg_copy_msghdr+0x160/0x160 [ 1422.995389] ? __fget_files+0x26d/0x4c0 [ 1422.995830] ? lock_downgrade+0x6d0/0x6d0 [ 1422.996297] ? find_held_lock+0x2c/0x110 [ 1422.996747] ? __fget_files+0x296/0x4c0 [ 1422.997191] ? __fget_light+0xea/0x290 [ 1422.997630] __sys_sendmsg+0xe5/0x1b0 [ 1422.998029] ? __sys_sendmsg_sock+0x40/0x40 [ 1422.998485] ? rcu_read_lock_any_held+0x75/0xa0 [ 1422.998984] ? fput_many+0x2f/0x1a0 [ 1422.999369] ? ksys_write+0x1a9/0x260 [ 1422.999774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1423.000337] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1423.000876] ? trace_hardirqs_on+0x5b/0x180 [ 1423.001336] do_syscall_64+0x33/0x40 [ 1423.001725] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1423.002267] RIP: 0033:0x7f7353576b19 [ 1423.002665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1423.004612] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1423.005427] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1423.006199] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1423.006954] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1423.007709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1423.008463] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1423.025369] FAULT_INJECTION: forcing a failure. [ 1423.025369] name failslab, interval 1, probability 0, space 0, times 0 [ 1423.027946] CPU: 0 PID: 8494 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1423.029285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1423.030916] Call Trace: [ 1423.031441] dump_stack+0x107/0x167 [ 1423.032191] should_fail.cold+0x5/0xa [ 1423.032975] ? create_object.isra.0+0x3a/0xa20 [ 1423.033874] should_failslab+0x5/0x20 [ 1423.034660] kmem_cache_alloc+0x5b/0x310 [ 1423.035464] create_object.isra.0+0x3a/0xa20 [ 1423.036375] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1423.037381] kmem_cache_alloc+0x159/0x310 [ 1423.038261] ext4_mb_new_blocks+0x209f/0x45b0 [ 1423.039168] ? trace_hardirqs_on+0x5b/0x180 [ 1423.040084] ? ext4_cache_extents+0x148/0x2d0 [ 1423.040984] ? ext4_discard_preallocations+0xd80/0xd80 [ 1423.042057] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1423.043032] ext4_ext_map_blocks+0x1d68/0x5850 [ 1423.044006] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1423.045069] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1423.046138] ? ext4_ext_release+0x10/0x10 [ 1423.046990] ? ext4_map_blocks+0x5e0/0x1940 [ 1423.047871] ? lock_release+0x680/0x680 [ 1423.048688] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1423.049649] ? lock_downgrade+0x6d0/0x6d0 [ 1423.050516] ? down_write_killable+0x180/0x180 [ 1423.051465] ext4_map_blocks+0x652/0x1940 [ 1423.052321] ? kmem_cache_alloc+0x2a6/0x310 [ 1423.053207] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1423.054124] ? jbd2__journal_start+0xf3/0x7e0 [ 1423.055042] ? __ext4_journal_start_sb+0x214/0x390 [ 1423.056065] ? __ext4_journal_start_sb+0x1db/0x390 [ 1423.057078] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1423.058164] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1423.059150] ? down_write_killable+0x180/0x180 [ 1423.060095] ext4_fallocate+0x415/0x3860 [ 1423.060917] ? __x64_sys_fallocate+0xcf/0x140 [ 1423.061835] ? lock_release+0x680/0x680 [ 1423.062643] ? ext4_ext_truncate+0x250/0x250 [ 1423.063543] ? ext4_ext_truncate+0x250/0x250 [ 1423.064447] vfs_fallocate+0x48f/0xd00 [ 1423.065249] __x64_sys_fallocate+0xcf/0x140 [ 1423.066152] do_syscall_64+0x33/0x40 [ 1423.066898] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1423.068003] RIP: 0033:0x7f6d60f48b19 [ 1423.068750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1423.072642] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1423.074146] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1423.075632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1423.077104] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1423.078573] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1423.080059] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:15:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x700, 0x4022812, r0, 0x0) 20:15:19 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa00, 0x4022812, r0, 0x0) 20:15:19 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfec00000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:19 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @none={0x0, 0x1}}, 0x2c) socket$inet(0x2, 0x6, 0x1) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000040)) [ 1423.094487] Unsupported ieee802154 address type: 0 20:15:19 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x100000000000000, 0x80}], 0x0) 20:15:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 3) [ 1423.121936] FAULT_INJECTION: forcing a failure. [ 1423.121936] name failslab, interval 1, probability 0, space 0, times 0 [ 1423.123238] CPU: 1 PID: 8509 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1423.123970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1423.124848] Call Trace: [ 1423.125131] dump_stack+0x107/0x167 [ 1423.125522] should_fail.cold+0x5/0xa [ 1423.125922] ? __alloc_skb+0x6d/0x5b0 [ 1423.126338] should_failslab+0x5/0x20 [ 1423.126742] kmem_cache_alloc_node+0x55/0x330 [ 1423.127213] __alloc_skb+0x6d/0x5b0 [ 1423.127603] netlink_sendmsg+0x998/0xdf0 [ 1423.128036] ? netlink_unicast+0x7f0/0x7f0 [ 1423.128491] ? netlink_unicast+0x7f0/0x7f0 [ 1423.128936] __sock_sendmsg+0x154/0x190 [ 1423.129352] ____sys_sendmsg+0x70d/0x870 [ 1423.129780] ? sock_write_iter+0x3d0/0x3d0 [ 1423.130223] ? do_recvmmsg+0x6d0/0x6d0 [ 1423.130658] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1423.131216] ___sys_sendmsg+0xf3/0x170 [ 1423.131626] ? sendmsg_copy_msghdr+0x160/0x160 [ 1423.132129] ? lock_downgrade+0x6d0/0x6d0 [ 1423.132571] ? finish_task_switch+0x126/0x5d0 [ 1423.133044] ? lock_downgrade+0x6d0/0x6d0 [ 1423.133488] ? __fget_files+0x296/0x4c0 [ 1423.133912] ? __fget_light+0xea/0x290 [ 1423.134323] __sys_sendmsg+0xe5/0x1b0 [ 1423.134723] ? __sys_sendmsg_sock+0x40/0x40 [ 1423.135183] ? io_schedule_timeout+0x140/0x140 [ 1423.135671] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1423.136231] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1423.136789] ? trace_hardirqs_on+0x5b/0x180 [ 1423.137246] do_syscall_64+0x33/0x40 [ 1423.137638] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1423.138173] RIP: 0033:0x7f7353576b19 [ 1423.138577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1423.140497] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1423.141294] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1423.142062] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1423.142825] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1423.143580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1423.144371] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1423.164325] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1423.165216] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 20:15:19 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4b000, 0x0, 0x8800000) [ 1423.178947] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1423.179787] ref_ctr increment failed for inode: 0x3e83 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 20:15:19 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x200000000000000, 0x80}], 0x0) [ 1423.208359] Unsupported ieee802154 address type: 0 20:15:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 4) [ 1423.227446] FAULT_INJECTION: forcing a failure. [ 1423.227446] name failslab, interval 1, probability 0, space 0, times 0 [ 1423.228690] CPU: 1 PID: 8519 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1423.229405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1423.230300] Call Trace: [ 1423.230582] dump_stack+0x107/0x167 [ 1423.230966] should_fail.cold+0x5/0xa [ 1423.231374] ? create_object.isra.0+0x3a/0xa20 [ 1423.231869] should_failslab+0x5/0x20 [ 1423.232274] kmem_cache_alloc+0x5b/0x310 [ 1423.232702] create_object.isra.0+0x3a/0xa20 [ 1423.233174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1423.233706] kmem_cache_alloc_node+0x169/0x330 [ 1423.234191] __alloc_skb+0x6d/0x5b0 [ 1423.234576] netlink_sendmsg+0x998/0xdf0 [ 1423.235020] ? netlink_unicast+0x7f0/0x7f0 [ 1423.235484] ? netlink_unicast+0x7f0/0x7f0 [ 1423.235943] __sock_sendmsg+0x154/0x190 [ 1423.236372] ____sys_sendmsg+0x70d/0x870 [ 1423.236794] ? sock_write_iter+0x3d0/0x3d0 [ 1423.237236] ? do_recvmmsg+0x6d0/0x6d0 [ 1423.237676] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1423.238249] ? lock_downgrade+0x6d0/0x6d0 [ 1423.238706] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1423.239282] ___sys_sendmsg+0xf3/0x170 [ 1423.239708] ? sendmsg_copy_msghdr+0x160/0x160 [ 1423.240214] ? lock_downgrade+0x6d0/0x6d0 [ 1423.240664] ? find_held_lock+0x2c/0x110 [ 1423.241112] ? __fget_files+0x296/0x4c0 [ 1423.241550] ? __fget_light+0xea/0x290 [ 1423.241974] __sys_sendmsg+0xe5/0x1b0 [ 1423.242388] ? __sys_sendmsg_sock+0x40/0x40 [ 1423.242850] ? rcu_read_lock_any_held+0x75/0xa0 [ 1423.243370] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1423.243957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1423.244506] ? trace_hardirqs_on+0x5b/0x180 [ 1423.244981] do_syscall_64+0x33/0x40 [ 1423.245388] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1423.245941] RIP: 0033:0x7f7353576b19 [ 1423.246347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1423.248352] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1423.249174] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1423.249945] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1423.250721] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1423.251479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1423.252270] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 20:15:32 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4b800, 0x0, 0x8800000) 20:15:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 5) [ 1435.983668] Unsupported ieee802154 address type: 0 [ 1435.984941] FAULT_INJECTION: forcing a failure. [ 1435.984941] name failslab, interval 1, probability 0, space 0, times 0 [ 1435.985917] Unsupported ieee802154 address type: 0 20:15:32 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xff000000, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:32 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa00, 0x4022812, r0, 0x0) 20:15:32 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 57) 20:15:32 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000), &(0x7f00000000c0)={0x0, 0xfb, 0xec, 0x4, 0x7f, "f4e81ea29520337c7ae6002dce75512c", "b5a822c4b543cb747e324ad7a0d4b4af1a16e95ab4a8b68877b8c82e76a102eb175d292de25702e0a42af2429b93b7ea1d5744984ce9408f767c7bd16f484f50704a1b65c8712c21be65602d9e2913a980e469503761110c9b6fc74472048a3d48dad57ba2058680afd223db63f98551986f39603981a06b2d97028b87aa719c664d3f661968ff0cf4f71473da0c1c31b8a258337c72762b608d1785b0dbc68dffadd3e2df57d94430bf1e8066a13c1e7aa7cc652eee0bfc207c5988a4685056d3a417fdc7b8441236c3075e0e4a9a48c016de42525e10"}, 0xec, 0x2) 20:15:32 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x8000000000000000, 0x80}], 0x0) [ 1435.986269] CPU: 1 PID: 8541 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1435.988164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1435.989064] Call Trace: [ 1435.989359] dump_stack+0x107/0x167 [ 1435.989758] should_fail.cold+0x5/0xa [ 1435.990176] should_failslab+0x5/0x20 [ 1435.990590] __kmalloc_node_track_caller+0x74/0x3b0 [ 1435.991124] ? netlink_sendmsg+0x998/0xdf0 [ 1435.991578] __alloc_skb+0xb1/0x5b0 [ 1435.991969] netlink_sendmsg+0x998/0xdf0 [ 1435.992415] ? netlink_unicast+0x7f0/0x7f0 [ 1435.992881] ? netlink_unicast+0x7f0/0x7f0 [ 1435.993339] __sock_sendmsg+0x154/0x190 [ 1435.993770] ____sys_sendmsg+0x70d/0x870 [ 1435.994205] ? sock_write_iter+0x3d0/0x3d0 [ 1435.994662] ? do_recvmmsg+0x6d0/0x6d0 [ 1435.995087] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1435.995649] ? lock_downgrade+0x6d0/0x6d0 [ 1435.996112] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1435.996686] ___sys_sendmsg+0xf3/0x170 [ 1435.997115] ? sendmsg_copy_msghdr+0x160/0x160 [ 1435.997601] ? lock_downgrade+0x6d0/0x6d0 [ 1435.998045] ? find_held_lock+0x2c/0x110 [ 1435.998488] ? __fget_files+0x296/0x4c0 [ 1435.998916] ? __fget_light+0xea/0x290 [ 1435.999340] __sys_sendmsg+0xe5/0x1b0 [ 1435.999750] ? __sys_sendmsg_sock+0x40/0x40 [ 1436.000226] ? rcu_read_lock_any_held+0x75/0xa0 [ 1436.000734] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1436.001297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1436.001866] ? trace_hardirqs_on+0x5b/0x180 [ 1436.002335] do_syscall_64+0x33/0x40 [ 1436.002739] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1436.003287] RIP: 0033:0x7f7353576b19 [ 1436.003693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.005686] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1436.006541] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1436.007340] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1436.008161] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1436.008953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1436.009759] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1436.016422] FAULT_INJECTION: forcing a failure. [ 1436.016422] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.017734] CPU: 1 PID: 8543 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1436.018498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1436.019390] Call Trace: [ 1436.019692] dump_stack+0x107/0x167 [ 1436.020118] should_fail.cold+0x5/0xa [ 1436.020560] ? jbd2__journal_start+0x190/0x7e0 [ 1436.021071] should_failslab+0x5/0x20 [ 1436.021478] kmem_cache_alloc+0x5b/0x310 [ 1436.021937] jbd2__journal_start+0x190/0x7e0 [ 1436.022446] __ext4_journal_start_sb+0x214/0x390 [ 1436.022980] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1436.023574] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1436.024128] ? down_write_killable+0x180/0x180 [ 1436.024641] ext4_fallocate+0x415/0x3860 [ 1436.025098] ? __x64_sys_fallocate+0xcf/0x140 [ 1436.025601] ? lock_release+0x680/0x680 [ 1436.026049] ? ext4_ext_truncate+0x250/0x250 [ 1436.026534] ? ext4_ext_truncate+0x250/0x250 [ 1436.027021] vfs_fallocate+0x48f/0xd00 [ 1436.027478] __x64_sys_fallocate+0xcf/0x140 [ 1436.027960] do_syscall_64+0x33/0x40 [ 1436.028373] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1436.028954] RIP: 0033:0x7f6d60f48b19 [ 1436.029347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1436.031387] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1436.032191] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1436.032991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1436.033796] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1436.034584] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1436.035385] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1436.040631] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1436.042296] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b8270de1 20:15:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2fff, 0x4022812, r0, 0x0) 20:15:32 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfffffdef, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:32 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x2) 20:15:32 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) bind$802154_dgram(r2, &(0x7f0000000000)={0x24, @none={0x0, 0xffff}}, 0x14) [ 1436.079564] Unsupported ieee802154 address type: 0 [ 1436.083359] Unsupported ieee802154 address type: 0 [ 1436.087262] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1436.088974] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b8270de1 20:15:45 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 58) 20:15:45 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xffffff7f, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:45 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x8) 20:15:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x4022812, r0, 0x0) 20:15:45 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4c000, 0x0, 0x8800000) 20:15:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xc00, 0x4022812, r0, 0x0) 20:15:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 6) 20:15:45 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000040), 0x14) [ 1448.666830] Unsupported ieee802154 address type: 0 [ 1448.675311] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1448.676987] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000000a05cc80 [ 1448.682141] FAULT_INJECTION: forcing a failure. [ 1448.682141] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.684491] CPU: 1 PID: 8582 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1448.685894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.686549] FAULT_INJECTION: forcing a failure. [ 1448.686549] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.687598] Call Trace: [ 1448.687623] dump_stack+0x107/0x167 [ 1448.687656] should_fail.cold+0x5/0xa [ 1448.691942] ? create_object.isra.0+0x3a/0xa20 [ 1448.692908] should_failslab+0x5/0x20 [ 1448.693690] kmem_cache_alloc+0x5b/0x310 [ 1448.694540] create_object.isra.0+0x3a/0xa20 [ 1448.695453] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1448.696512] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1448.697553] ? netlink_sendmsg+0x998/0xdf0 [ 1448.698440] __alloc_skb+0xb1/0x5b0 [ 1448.699201] netlink_sendmsg+0x998/0xdf0 [ 1448.700042] ? netlink_unicast+0x7f0/0x7f0 [ 1448.700931] ? netlink_unicast+0x7f0/0x7f0 [ 1448.701815] __sock_sendmsg+0x154/0x190 [ 1448.702628] ____sys_sendmsg+0x70d/0x870 [ 1448.703473] ? sock_write_iter+0x3d0/0x3d0 [ 1448.704368] ? do_recvmmsg+0x6d0/0x6d0 [ 1448.705176] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1448.706262] ? lock_downgrade+0x6d0/0x6d0 [ 1448.707128] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1448.708221] ___sys_sendmsg+0xf3/0x170 [ 1448.709027] ? sendmsg_copy_msghdr+0x160/0x160 [ 1448.709994] ? lock_downgrade+0x6d0/0x6d0 [ 1448.710849] ? find_held_lock+0x2c/0x110 [ 1448.711696] ? __fget_files+0x296/0x4c0 [ 1448.712556] ? __fget_light+0xea/0x290 [ 1448.713370] __sys_sendmsg+0xe5/0x1b0 [ 1448.714163] ? __sys_sendmsg_sock+0x40/0x40 [ 1448.715061] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.716046] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.717137] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.718202] ? trace_hardirqs_on+0x5b/0x180 [ 1448.719087] do_syscall_64+0x33/0x40 [ 1448.719849] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1448.720912] RIP: 0033:0x7f7353576b19 [ 1448.721675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.725457] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1448.727024] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1448.728486] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1448.729950] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1448.731410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1448.732878] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1448.734373] CPU: 0 PID: 8569 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1448.735772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.737462] Call Trace: [ 1448.738021] dump_stack+0x107/0x167 [ 1448.738786] should_fail.cold+0x5/0xa [ 1448.739590] ? jbd2__journal_start+0x190/0x7e0 [ 1448.740563] should_failslab+0x5/0x20 [ 1448.741342] kmem_cache_alloc+0x5b/0x310 [ 1448.742303] jbd2__journal_start+0x190/0x7e0 [ 1448.743296] __ext4_journal_start_sb+0x214/0x390 [ 1448.744277] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1448.745352] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1448.746339] ? down_write_killable+0x180/0x180 [ 1448.747280] ext4_fallocate+0x415/0x3860 [ 1448.748109] ? __x64_sys_fallocate+0xcf/0x140 [ 1448.749027] ? lock_release+0x680/0x680 [ 1448.749835] ? ext4_ext_truncate+0x250/0x250 [ 1448.750727] ? ext4_ext_truncate+0x250/0x250 [ 1448.751606] vfs_fallocate+0x48f/0xd00 [ 1448.752416] __x64_sys_fallocate+0xcf/0x140 [ 1448.753295] do_syscall_64+0x33/0x40 [ 1448.754045] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1448.755080] RIP: 0033:0x7f6d60f48b19 [ 1448.755839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.759596] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1448.761138] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1448.762570] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1448.764002] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1448.765459] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.766901] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:15:45 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xfffffff5, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1448.795952] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1448.797628] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000000a05cc80 20:15:45 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x3e00) 20:15:45 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000000)={0x3, 0x0, 0xe}) 20:15:45 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4c800, 0x0, 0x8800000) [ 1448.861579] Unsupported ieee802154 address type: 0 20:15:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3f00, 0x4022812, r0, 0x0) 20:15:45 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0xffffffff, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1448.882790] Unsupported ieee802154 address type: 0 20:15:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf23, 0x4022812, r0, 0x0) 20:15:45 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x80000) 20:15:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf24, 0x4022812, r0, 0x0) 20:15:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1461.710471] FAULT_INJECTION: forcing a failure. [ 1461.710471] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1461.711872] CPU: 0 PID: 8623 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1461.712671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1461.713578] Call Trace: [ 1461.713891] dump_stack+0x107/0x167 [ 1461.714320] should_fail.cold+0x5/0xa [ 1461.714769] _copy_from_iter_full+0x201/0xa60 [ 1461.715290] ? __virt_addr_valid+0x128/0x350 [ 1461.715805] ? __check_object_size+0x319/0x440 [ 1461.716337] netlink_sendmsg+0x879/0xdf0 [ 1461.716821] ? netlink_unicast+0x7f0/0x7f0 [ 1461.717326] ? netlink_unicast+0x7f0/0x7f0 [ 1461.717825] __sock_sendmsg+0x154/0x190 [ 1461.718288] ____sys_sendmsg+0x70d/0x870 [ 1461.718766] ? sock_write_iter+0x3d0/0x3d0 [ 1461.719263] ? do_recvmmsg+0x6d0/0x6d0 [ 1461.719725] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.720357] ? lock_downgrade+0x6d0/0x6d0 [ 1461.720841] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.721431] ___sys_sendmsg+0xf3/0x170 [ 1461.721892] ? sendmsg_copy_msghdr+0x160/0x160 [ 1461.722428] ? lock_downgrade+0x6d0/0x6d0 [ 1461.722916] ? find_held_lock+0x2c/0x110 [ 1461.723402] ? __fget_files+0x296/0x4c0 [ 1461.723872] ? __fget_light+0xea/0x290 [ 1461.724327] __sys_sendmsg+0xe5/0x1b0 [ 1461.724784] ? __sys_sendmsg_sock+0x40/0x40 [ 1461.725289] ? rcu_read_lock_any_held+0x75/0xa0 [ 1461.725837] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1461.726445] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1461.726855] FAULT_INJECTION: forcing a failure. [ 1461.726855] name failslab, interval 1, probability 0, space 0, times 0 [ 1461.727048] ? trace_hardirqs_on+0x5b/0x180 [ 1461.727062] do_syscall_64+0x33/0x40 [ 1461.727081] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1461.730838] RIP: 0033:0x7f7353576b19 [ 1461.731243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1461.733355] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1461.734234] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1461.735048] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1461.735832] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1461.736670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1461.737448] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1461.738299] CPU: 1 PID: 8628 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1461.739692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1461.741371] Call Trace: [ 1461.741903] dump_stack+0x107/0x167 [ 1461.742644] should_fail.cold+0x5/0xa [ 1461.743413] ? create_object.isra.0+0x3a/0xa20 [ 1461.744354] should_failslab+0x5/0x20 [ 1461.745122] kmem_cache_alloc+0x5b/0x310 20:15:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x4022812, r0, 0x0) 20:15:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 59) 20:15:58 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) lseek(0xffffffffffffffff, 0x52d0, 0x4) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) connect$802154_dgram(r2, &(0x7f0000000000), 0x14) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:15:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 7) 20:15:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4d000, 0x0, 0x8800000) 20:15:58 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x3e0000) [ 1461.745946] create_object.isra.0+0x3a/0xa20 [ 1461.747001] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1461.748053] kmem_cache_alloc+0x159/0x310 [ 1461.748933] jbd2__journal_start+0x190/0x7e0 [ 1461.749849] __ext4_journal_start_sb+0x214/0x390 [ 1461.750829] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1461.751915] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1461.752913] ? down_write_killable+0x180/0x180 [ 1461.753860] ext4_fallocate+0x415/0x3860 [ 1461.754687] ? __x64_sys_fallocate+0xcf/0x140 [ 1461.755618] ? lock_release+0x680/0x680 [ 1461.756448] ? ext4_ext_truncate+0x250/0x250 [ 1461.757362] ? ext4_ext_truncate+0x250/0x250 [ 1461.758259] vfs_fallocate+0x48f/0xd00 [ 1461.759053] __x64_sys_fallocate+0xcf/0x140 [ 1461.759941] do_syscall_64+0x33/0x40 [ 1461.760699] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1461.761748] RIP: 0033:0x7f6d60f48b19 [ 1461.762511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1461.766292] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1461.767850] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1461.769328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1461.770795] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1461.772254] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1461.773729] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1461.789098] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1461.790709] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000eb81c398 [ 1461.796893] Unsupported ieee802154 address type: 0 20:15:58 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x1000000) 20:15:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 8) [ 1461.814965] Unsupported ieee802154 address type: 0 [ 1461.816981] FAULT_INJECTION: forcing a failure. [ 1461.816981] name failslab, interval 1, probability 0, space 0, times 0 [ 1461.819520] CPU: 1 PID: 8636 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1461.820943] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1461.822652] Call Trace: [ 1461.823200] dump_stack+0x107/0x167 [ 1461.823961] should_fail.cold+0x5/0xa [ 1461.824779] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1461.826126] should_failslab+0x5/0x20 [ 1461.826910] __kmalloc+0x72/0x390 [ 1461.827647] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1461.828981] genl_family_rcv_msg_doit+0xda/0x330 [ 1461.829968] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1461.831329] ? cap_capable+0x1d6/0x240 [ 1461.832148] ? security_capable+0x95/0xc0 [ 1461.833019] ? ns_capable+0xe2/0x110 [ 1461.833799] genl_rcv_msg+0x33c/0x5a0 [ 1461.834590] ? genl_get_cmd+0x480/0x480 [ 1461.835412] ? handle_nan_filter+0x680/0x680 [ 1461.836328] ? lock_release+0x680/0x680 [ 1461.837169] ? netlink_deliver_tap+0xf4/0xcd0 [ 1461.838101] netlink_rcv_skb+0x14b/0x430 [ 1461.838941] ? genl_get_cmd+0x480/0x480 [ 1461.839773] ? netlink_ack+0xab0/0xab0 [ 1461.840595] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1461.841541] ? is_vmalloc_addr+0x7b/0xb0 [ 1461.842374] genl_rcv+0x24/0x40 [ 1461.843059] netlink_unicast+0x549/0x7f0 [ 1461.843911] ? netlink_attachskb+0x870/0x870 [ 1461.844827] ? __virt_addr_valid+0x128/0x350 [ 1461.845746] netlink_sendmsg+0x90f/0xdf0 [ 1461.846578] ? netlink_unicast+0x7f0/0x7f0 [ 1461.847463] ? netlink_unicast+0x7f0/0x7f0 [ 1461.848324] __sock_sendmsg+0x154/0x190 [ 1461.849161] ____sys_sendmsg+0x70d/0x870 [ 1461.849996] ? sock_write_iter+0x3d0/0x3d0 [ 1461.850870] ? do_recvmmsg+0x6d0/0x6d0 [ 1461.851680] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.852769] ? lock_downgrade+0x6d0/0x6d0 [ 1461.853625] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.854708] ___sys_sendmsg+0xf3/0x170 [ 1461.855512] ? sendmsg_copy_msghdr+0x160/0x160 [ 1461.856483] ? lock_downgrade+0x6d0/0x6d0 [ 1461.857349] ? find_held_lock+0x2c/0x110 [ 1461.858204] ? __fget_files+0x296/0x4c0 [ 1461.859036] ? __fget_light+0xea/0x290 [ 1461.859848] __sys_sendmsg+0xe5/0x1b0 [ 1461.860652] ? __sys_sendmsg_sock+0x40/0x40 [ 1461.861544] ? rcu_read_lock_any_held+0x75/0xa0 [ 1461.862505] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1461.863574] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1461.864623] ? trace_hardirqs_on+0x5b/0x180 [ 1461.865511] do_syscall_64+0x33/0x40 [ 1461.866280] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1461.867324] RIP: 0033:0x7f7353576b19 [ 1461.868084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1461.871872] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1461.873431] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1461.874914] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1461.876411] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1461.877886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1461.879389] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 20:15:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4d800, 0x0, 0x8800000) 20:15:58 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x2000000) 20:15:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 60) [ 1461.917399] FAULT_INJECTION: forcing a failure. [ 1461.917399] name failslab, interval 1, probability 0, space 0, times 0 [ 1461.918721] CPU: 0 PID: 8646 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1461.919460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1461.920358] Call Trace: [ 1461.920656] dump_stack+0x107/0x167 [ 1461.921048] should_fail.cold+0x5/0xa [ 1461.921477] ? create_object.isra.0+0x3a/0xa20 [ 1461.921994] should_failslab+0x5/0x20 [ 1461.922417] kmem_cache_alloc+0x5b/0x310 [ 1461.922880] ? lock_chain_count+0x20/0x20 [ 1461.923346] create_object.isra.0+0x3a/0xa20 [ 1461.923834] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1461.924411] __kmalloc+0x16e/0x390 [ 1461.924814] ext4_find_extent+0xa3d/0xd30 [ 1461.925280] ext4_ext_map_blocks+0x1c8/0x5850 [ 1461.925791] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.926384] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1461.926978] ? ext4_ext_release+0x10/0x10 [ 1461.927441] ? ext4_map_blocks+0x5e0/0x1940 [ 1461.927926] ? lock_release+0x680/0x680 [ 1461.928368] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1461.928895] ? lock_downgrade+0x6d0/0x6d0 [ 1461.929354] ? down_write+0xe0/0x160 [ 1461.929751] ? down_write_killable+0x180/0x180 [ 1461.930241] ext4_map_blocks+0x652/0x1940 [ 1461.930686] ? kmem_cache_alloc+0x2a6/0x310 [ 1461.931147] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1461.931643] ? jbd2__journal_start+0xf3/0x7e0 [ 1461.932120] ? __ext4_journal_start_sb+0x214/0x390 [ 1461.932656] ? __ext4_journal_start_sb+0x1db/0x390 [ 1461.933180] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1461.933749] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1461.934289] ext4_fallocate+0x415/0x3860 [ 1461.934732] ? __x64_sys_fallocate+0xcf/0x140 [ 1461.935210] ? lock_release+0x680/0x680 [ 1461.935662] ? ext4_ext_truncate+0x250/0x250 [ 1461.936175] ? ext4_ext_truncate+0x250/0x250 [ 1461.936677] vfs_fallocate+0x48f/0xd00 [ 1461.937126] __x64_sys_fallocate+0xcf/0x140 [ 1461.937600] do_syscall_64+0x33/0x40 [ 1461.938017] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1461.938589] RIP: 0033:0x7f6d60f48b19 [ 1461.939003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1461.941023] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1461.941869] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1461.942664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1461.943474] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1461.944288] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1461.945094] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:15:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:15:58 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x3e0000000000) 20:15:58 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @short}, 0x14) r1 = eventfd(0x2b83) write$binfmt_elf64(r1, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x40, 0x3, 0x66, 0x7, 0x0, 0x3, 0x0, 0x338, 0x40, 0x2cc, 0xa88, 0x80, 0x38, 0x2, 0x4, 0x5, 0x2}, [{0x5, 0x5, 0x5d, 0x8, 0x44, 0x7, 0x1}, {0x5, 0xfffff7d7, 0x3da0dbc7, 0x3e, 0x6c, 0x7, 0x7, 0xffffffffffffffe1}], "2bda610ac4c7169f4a32d665e9f92869f68c36cd7c4f7f56b54f780ae204e2898efb135b1e4215b7c5431c37df6d3a02126f0d6df9a471283b827b36ab36caeac1aa2163d6df755187d1245934c3d18ddd7a84298e99b183e90e2de8c8dc7f511aa1f92de463caa3406171dc1a7c30469ec2bfa0626cfe884be08de87bacaf651f0eef1c1afdb757e4456408210bd4b93820dc48ee4c7de954c09331177876a6d37991c500e717fcad8bd2ea7de64d3c70d6a5b1465fe157ccf4df32b71fe8f63480263be9", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xb75) [ 1461.981992] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1461.982844] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000eb81c398 20:15:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1020, 0x4022812, r0, 0x0) 20:15:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 9) [ 1462.063425] FAULT_INJECTION: forcing a failure. [ 1462.063425] name failslab, interval 1, probability 0, space 0, times 0 [ 1462.064757] CPU: 0 PID: 8662 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1462.065492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.066401] Call Trace: [ 1462.066705] dump_stack+0x107/0x167 [ 1462.067125] should_fail.cold+0x5/0xa [ 1462.067553] ? create_object.isra.0+0x3a/0xa20 [ 1462.068056] should_failslab+0x5/0x20 [ 1462.068481] kmem_cache_alloc+0x5b/0x310 [ 1462.068933] create_object.isra.0+0x3a/0xa20 [ 1462.069415] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1462.069974] __kmalloc+0x16e/0x390 [ 1462.070362] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 1462.071041] genl_family_rcv_msg_doit+0xda/0x330 [ 1462.071550] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1462.072264] ? cap_capable+0x1d6/0x240 [ 1462.072705] ? security_capable+0x95/0xc0 [ 1462.073180] ? ns_capable+0xe2/0x110 [ 1462.073602] genl_rcv_msg+0x33c/0x5a0 [ 1462.074044] ? genl_get_cmd+0x480/0x480 [ 1462.074492] ? handle_nan_filter+0x680/0x680 [ 1462.075002] ? lock_release+0x680/0x680 [ 1462.075449] ? netlink_deliver_tap+0xf4/0xcd0 [ 1462.075964] netlink_rcv_skb+0x14b/0x430 [ 1462.076424] ? genl_get_cmd+0x480/0x480 [ 1462.076866] ? netlink_ack+0xab0/0xab0 [ 1462.077304] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1462.077818] ? is_vmalloc_addr+0x7b/0xb0 [ 1462.078279] genl_rcv+0x24/0x40 [ 1462.078652] netlink_unicast+0x549/0x7f0 [ 1462.079117] ? netlink_attachskb+0x870/0x870 [ 1462.079614] ? __virt_addr_valid+0x128/0x350 [ 1462.080112] netlink_sendmsg+0x90f/0xdf0 [ 1462.080584] ? netlink_unicast+0x7f0/0x7f0 [ 1462.081065] ? netlink_unicast+0x7f0/0x7f0 [ 1462.081546] __sock_sendmsg+0x154/0x190 [ 1462.081999] ____sys_sendmsg+0x70d/0x870 [ 1462.082457] ? sock_write_iter+0x3d0/0x3d0 [ 1462.082932] ? do_recvmmsg+0x6d0/0x6d0 [ 1462.083378] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1462.083971] ? lock_downgrade+0x6d0/0x6d0 [ 1462.084444] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1462.085035] ___sys_sendmsg+0xf3/0x170 [ 1462.085475] ? sendmsg_copy_msghdr+0x160/0x160 [ 1462.085999] ? lock_downgrade+0x6d0/0x6d0 [ 1462.086465] ? find_held_lock+0x2c/0x110 [ 1462.086923] ? __fget_files+0x296/0x4c0 [ 1462.087380] ? __fget_light+0xea/0x290 [ 1462.087829] __sys_sendmsg+0xe5/0x1b0 [ 1462.088268] ? __sys_sendmsg_sock+0x40/0x40 [ 1462.088737] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.089243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1462.089825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.090375] ? trace_hardirqs_on+0x5b/0x180 [ 1462.090839] do_syscall_64+0x33/0x40 [ 1462.091240] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1462.091790] RIP: 0033:0x7f7353576b19 [ 1462.092195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.094201] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1462.095058] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1462.095857] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1462.096664] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1462.097460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1462.098250] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1462.111170] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1462.112831] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bbc56572 [ 1462.129319] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1462.130906] ref_ctr increment failed for inode: 0x3e6f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bbc56572 20:16:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x3}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000, 0x4022812, r0, 0x0) 20:16:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 10) 20:16:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4e000, 0x0, 0x8800000) 20:16:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x8000000000000) 20:16:10 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff0f, 0x4022812, r0, 0x0) 20:16:10 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r3, 0x891c, &(0x7f00000000c0)={'ip_vti0\x00', {0x2, 0x0, @initdev}}) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x1, 0x0, 0x1, 0x80000000}, {0x3, 0x40, 0xe2, 0x80}, {0xfffa, 0x84, 0x0, 0x5974bd73}, {0x80, 0x6, 0x7, 0x7}, {0x5, 0x3, 0x6, 0x5ff3}, {0xfff8, 0x0, 0xff, 0x6}, {0x9, 0x20, 0x0, 0x4}, {0x7, 0x7, 0xa9, 0x8}]}, 0x10) 20:16:10 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 61) [ 1474.253957] Unsupported ieee802154 address type: 0 20:16:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x100000000000000) [ 1474.270909] Unsupported ieee802154 address type: 0 [ 1474.282449] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1474.284093] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008df97dc0 [ 1474.290263] FAULT_INJECTION: forcing a failure. [ 1474.290263] name failslab, interval 1, probability 0, space 0, times 0 [ 1474.292854] CPU: 0 PID: 8684 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1474.294234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1474.295894] Call Trace: [ 1474.296426] dump_stack+0x107/0x167 [ 1474.297177] should_fail.cold+0x5/0xa [ 1474.297961] ? ieee80211_check_fast_xmit+0x6c3/0x12a0 [ 1474.299020] should_failslab+0x5/0x20 [ 1474.299790] __kmalloc_track_caller+0x79/0x370 20:16:10 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x14) [ 1474.300785] ? ieee80211_check_fast_xmit+0xa5b/0x12a0 [ 1474.301824] kmemdup+0x23/0x50 [ 1474.302470] ieee80211_check_fast_xmit+0xa5b/0x12a0 [ 1474.303457] ? ieee80211_lookup_ra_sta+0x6a0/0x6a0 [ 1474.304450] ? __cfg80211_wdev_from_attrs+0x371/0x530 [ 1474.305505] ieee80211_check_fast_xmit_iface+0x173/0x320 [ 1474.306590] ieee80211_set_noack_map+0x48/0x60 [ 1474.307500] nl80211_set_noack_map+0x1e6/0x4d0 [ 1474.308446] genl_family_rcv_msg_doit+0x22d/0x330 [ 1474.309451] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1474.310795] ? cap_capable+0x1d6/0x240 [ 1474.311609] ? ns_capable+0xe2/0x110 [ 1474.312367] genl_rcv_msg+0x33c/0x5a0 [ 1474.313164] ? genl_get_cmd+0x480/0x480 [ 1474.313975] ? handle_nan_filter+0x680/0x680 [ 1474.314856] ? lock_release+0x680/0x680 [ 1474.315673] ? netlink_deliver_tap+0xf4/0xcd0 [ 1474.316580] netlink_rcv_skb+0x14b/0x430 [ 1474.317410] ? genl_get_cmd+0x480/0x480 [ 1474.318206] ? netlink_ack+0xab0/0xab0 [ 1474.319000] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1474.319916] ? is_vmalloc_addr+0x7b/0xb0 [ 1474.320761] genl_rcv+0x24/0x40 [ 1474.321423] netlink_unicast+0x549/0x7f0 [ 1474.322259] ? netlink_attachskb+0x870/0x870 [ 1474.323137] ? __virt_addr_valid+0x128/0x350 [ 1474.324046] netlink_sendmsg+0x90f/0xdf0 [ 1474.324874] ? netlink_unicast+0x7f0/0x7f0 [ 1474.325746] ? netlink_unicast+0x7f0/0x7f0 [ 1474.326592] __sock_sendmsg+0x154/0x190 [ 1474.327387] ____sys_sendmsg+0x70d/0x870 [ 1474.328205] ? sock_write_iter+0x3d0/0x3d0 [ 1474.329064] ? do_recvmmsg+0x6d0/0x6d0 [ 1474.329845] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1474.330896] ? lock_downgrade+0x6d0/0x6d0 [ 1474.331739] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1474.332811] ___sys_sendmsg+0xf3/0x170 [ 1474.333602] ? sendmsg_copy_msghdr+0x160/0x160 [ 1474.334526] ? lock_downgrade+0x6d0/0x6d0 [ 1474.335375] ? find_held_lock+0x2c/0x110 [ 1474.336202] ? __fget_files+0x296/0x4c0 [ 1474.337021] ? __fget_light+0xea/0x290 [ 1474.337809] __sys_sendmsg+0xe5/0x1b0 [ 1474.338570] ? __sys_sendmsg_sock+0x40/0x40 [ 1474.339442] ? rcu_read_lock_any_held+0x75/0xa0 [ 1474.340394] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1474.341474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1474.342498] ? trace_hardirqs_on+0x5b/0x180 [ 1474.343360] do_syscall_64+0x33/0x40 [ 1474.344105] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1474.345134] RIP: 0033:0x7f7353576b19 [ 1474.345885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:16:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x200000000000000) 20:16:10 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @long}, 0xffffffffffffff04) [ 1474.349626] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1474.351234] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1474.352677] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1474.354133] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1474.355558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1474.357010] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 20:16:10 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x8000000000000000) [ 1474.378453] FAULT_INJECTION: forcing a failure. [ 1474.378453] name failslab, interval 1, probability 0, space 0, times 0 [ 1474.381233] CPU: 0 PID: 8677 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1474.382615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1474.384298] Call Trace: [ 1474.384835] dump_stack+0x107/0x167 [ 1474.385579] should_fail.cold+0x5/0xa [ 1474.386359] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1474.387292] should_failslab+0x5/0x20 [ 1474.388062] kmem_cache_alloc+0x5b/0x310 [ 1474.388895] ext4_mb_new_blocks+0x64d/0x45b0 [ 1474.389805] ? trace_hardirqs_on+0x5b/0x180 [ 1474.390684] ? ext4_cache_extents+0x148/0x2d0 [ 1474.391601] ? ext4_discard_preallocations+0xd80/0xd80 [ 1474.392676] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1474.393648] ext4_ext_map_blocks+0x1d68/0x5850 [ 1474.394592] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1474.395666] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1474.396764] ? ext4_ext_release+0x10/0x10 [ 1474.397606] ? ext4_map_blocks+0x5e0/0x1940 [ 1474.398479] ? lock_release+0x680/0x680 [ 1474.399287] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1474.400240] ? lock_downgrade+0x6d0/0x6d0 [ 1474.401110] ? down_write_killable+0x180/0x180 [ 1474.402044] ext4_map_blocks+0x652/0x1940 20:16:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4e800, 0x0, 0x8800000) [ 1474.402890] ? kmem_cache_alloc+0x2a6/0x310 [ 1474.403886] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1474.404811] ? jbd2__journal_start+0xf3/0x7e0 [ 1474.405722] ? __ext4_journal_start_sb+0x214/0x390 [ 1474.406708] ? __ext4_journal_start_sb+0x1db/0x390 [ 1474.407702] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1474.408779] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1474.409761] ? down_write_killable+0x180/0x180 [ 1474.410694] ext4_fallocate+0x415/0x3860 [ 1474.411512] ? __x64_sys_fallocate+0xcf/0x140 [ 1474.412419] ? lock_release+0x680/0x680 [ 1474.413245] ? ext4_ext_truncate+0x250/0x250 [ 1474.414139] ? ext4_ext_truncate+0x250/0x250 [ 1474.415030] vfs_fallocate+0x48f/0xd00 [ 1474.415821] __x64_sys_fallocate+0xcf/0x140 [ 1474.416705] do_syscall_64+0x33/0x40 [ 1474.417453] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1474.418488] RIP: 0033:0x7f6d60f48b19 [ 1474.419241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1474.422960] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1474.424503] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1474.425945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1474.427391] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1474.428821] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1474.430256] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:16:10 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1474.464174] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1474.465125] ref_ctr increment failed for inode: 0x3e7c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008df97dc0 20:16:23 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 62) 20:16:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 11) 20:16:23 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff2f, 0x4022812, r0, 0x0) 20:16:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x4}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:23 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r0, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$KDSETMODE(r1, 0x4b3a, 0x0) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000540)={0x0, 0x0, 0x3, 0x0, '\x00', [{0xffffffff, 0x4, 0x8, 0x1000, 0x1ff, 0x101}, {0x3, 0xfffeffff, 0x6, 0x1, 0x0, 0x9}], ['\x00', '\x00', '\x00']}) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x2, 0x8, &(0x7f0000000400)=[{&(0x7f0000000000)="312d8298", 0x4, 0x7, 0x10001}, {&(0x7f0000000040)="118c2deac6fdee11a2acc9ea19dc09085ef6f123a9e51d8a8e1058716706c68a3f146f238aa0cbac41726bc12364a3110a9920eeb3e3ca02e3967c55f42c56acb512a9b3230f9f07c3646e9976bfab7a0d32398603a866095764a48fefd68ab5f676d19b", 0x64, 0x4, 0x200}, {&(0x7f00000000c0)="98bc1ceb920c7396832918ca0fdc3315cee49f4f829574788a7404691dabdbdb36344ea2634b0e2903d904893ccfba0219e5016375785572ac06dcc7483dc26d6951ff361cdeeba5833f84a8c0d881f935be76c28db1af39ffe879f671bc2e5903eba4867d9350f2e972dd073d1ce2b37332bac048df2a99a219f68b9de986f6f2c2a629df5c1601864fe6d2691ba52d9c777181507e7da15d9166566f5817bc3a7edcb079", 0xa5, 0x3, 0x80000000}, {&(0x7f0000000180)="59ca916060d0be50de3a3642e769342ed222ce9e4a635a9f8a1d4ddd6da986af3d484a8499add3c0c5f073005a7787bec4eb0a687eef66215cd0ca6005d9e31efa", 0x41, 0x3, 0x5}, {&(0x7f0000000280)="e655b6da5c8a13a4a982938cf6fb0e4978ae95cd91a0c7f4ef978ff4c1ba5d97dd48e403f0d5706c6a02f9f9852733921ec9b206478071089c55cba1c7ddee2214782116d27bd0ff92353bb0846926224cdeae7102c2761f70da9540141f9f6aa21483470823f20e5a3aad5de5b113ca77aa98ac12767854591a61932c70b7864e3ad58084d94fd888dcc2250b749335fa4195f422f5cd9923ee3c9e1482fdecb97066fa33ae3e5832b2f9ef97149c9db6f9265fcd807e90a9dbe43b", 0xbc, 0x1, 0xf261}, {&(0x7f0000000200)="a0c4f8dff697366d6541c47bdefc961bb93bcc227e0bef", 0x17, 0x1, 0x65fbc4d1}, {&(0x7f0000000340)="e6a47184c1da1b0a2bb9503b38d9d2bffc", 0x11, 0x2, 0x3}, {&(0x7f0000000380)="ff3dbdfcfbc4da64fc56bfe51cee55af5a9e1f5411cf8481746acad88614e5e9ed110a4deff29827ff75772fce71927045d2ad9f50023909efe67b5f00f95b909d67a4188b4abc248564c84fe546e7fca968afc8e49aca5c95cee9b6f304ae0a24fcd27f71f923978ab96687e5af", 0x6e, 0x0, 0xfb}], 0x80000) 20:16:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4f000, 0x0, 0x8800000) 20:16:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2010, 0x4022812, r0, 0x0) 20:16:23 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 1486.972338] FAULT_INJECTION: forcing a failure. [ 1486.972338] name failslab, interval 1, probability 0, space 0, times 0 [ 1486.973642] CPU: 0 PID: 8715 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1486.974384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1486.975296] Call Trace: [ 1486.975597] dump_stack+0x107/0x167 [ 1486.976003] should_fail.cold+0x5/0xa [ 1486.976420] ? ieee80211_check_fast_xmit+0x6c3/0x12a0 [ 1486.977009] should_failslab+0x5/0x20 [ 1486.977430] __kmalloc_track_caller+0x79/0x370 [ 1486.977958] ? ieee80211_check_fast_xmit+0xa5b/0x12a0 [ 1486.978527] kmemdup+0x23/0x50 [ 1486.978887] ieee80211_check_fast_xmit+0xa5b/0x12a0 [ 1486.979435] ? ieee80211_lookup_ra_sta+0x6a0/0x6a0 [ 1486.979991] ? __cfg80211_wdev_from_attrs+0x371/0x530 [ 1486.980566] ieee80211_check_fast_xmit_iface+0x173/0x320 [ 1486.981179] ieee80211_set_noack_map+0x48/0x60 [ 1486.981693] nl80211_set_noack_map+0x1e6/0x4d0 [ 1486.982205] genl_family_rcv_msg_doit+0x22d/0x330 [ 1486.982756] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1486.983505] ? cap_capable+0x1d6/0x240 [ 1486.983963] ? ns_capable+0xe2/0x110 [ 1486.984392] genl_rcv_msg+0x33c/0x5a0 [ 1486.984840] ? genl_get_cmd+0x480/0x480 [ 1486.985297] ? handle_nan_filter+0x680/0x680 [ 1486.985805] ? lock_release+0x680/0x680 [ 1486.986261] ? netlink_deliver_tap+0xf4/0xcd0 [ 1486.986780] netlink_rcv_skb+0x14b/0x430 [ 1486.987239] ? genl_get_cmd+0x480/0x480 [ 1486.987693] ? netlink_ack+0xab0/0xab0 [ 1486.988145] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1486.988676] ? is_vmalloc_addr+0x7b/0xb0 [ 1486.989143] genl_rcv+0x24/0x40 [ 1486.989510] netlink_unicast+0x549/0x7f0 [ 1486.989972] ? netlink_attachskb+0x870/0x870 [ 1486.990455] ? __virt_addr_valid+0x128/0x350 [ 1486.990964] netlink_sendmsg+0x90f/0xdf0 [ 1486.991434] ? netlink_unicast+0x7f0/0x7f0 [ 1486.991918] ? netlink_unicast+0x7f0/0x7f0 [ 1486.992399] __sock_sendmsg+0x154/0x190 [ 1486.992862] ____sys_sendmsg+0x70d/0x870 [ 1486.993328] ? sock_write_iter+0x3d0/0x3d0 [ 1486.993809] ? do_recvmmsg+0x6d0/0x6d0 [ 1486.994248] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1486.994846] ? lock_downgrade+0x6d0/0x6d0 [ 1486.995324] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1486.995923] ___sys_sendmsg+0xf3/0x170 [ 1486.996352] Unsupported ieee802154 address type: 0 [ 1486.996930] ? sendmsg_copy_msghdr+0x160/0x160 [ 1486.997465] ? lock_downgrade+0x6d0/0x6d0 [ 1486.997940] ? find_held_lock+0x2c/0x110 [ 1486.998417] ? __fget_files+0x296/0x4c0 [ 1486.998878] ? __fget_light+0xea/0x290 [ 1486.999324] __sys_sendmsg+0xe5/0x1b0 [ 1486.999763] ? __sys_sendmsg_sock+0x40/0x40 [ 1487.000256] ? rcu_read_lock_any_held+0x75/0xa0 [ 1487.000815] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1487.001410] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1487.001988] ? trace_hardirqs_on+0x5b/0x180 [ 1487.002511] do_syscall_64+0x33/0x40 [ 1487.002944] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1487.003542] RIP: 0033:0x7f7353576b19 [ 1487.003969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1487.006068] RSP: 002b:00007f7350aec188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1487.006930] RAX: ffffffffffffffda RBX: 00007f7353689f60 RCX: 00007f7353576b19 [ 1487.007779] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 1487.008576] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1487.009408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1487.010193] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1487.014227] FAULT_INJECTION: forcing a failure. [ 1487.014227] name failslab, interval 1, probability 0, space 0, times 0 [ 1487.016726] CPU: 1 PID: 8727 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1487.018118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1487.019792] Call Trace: [ 1487.020328] dump_stack+0x107/0x167 [ 1487.021096] should_fail.cold+0x5/0xa [ 1487.021873] ? create_object.isra.0+0x3a/0xa20 [ 1487.022802] should_failslab+0x5/0x20 [ 1487.023571] kmem_cache_alloc+0x5b/0x310 [ 1487.024399] create_object.isra.0+0x3a/0xa20 [ 1487.025295] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1487.026328] kmem_cache_alloc+0x159/0x310 [ 1487.027174] ext4_mb_new_blocks+0x64d/0x45b0 [ 1487.028076] ? trace_hardirqs_on+0x5b/0x180 [ 1487.028978] ? ext4_cache_extents+0x148/0x2d0 [ 1487.029887] ? ext4_discard_preallocations+0xd80/0xd80 [ 1487.030946] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1487.031921] ext4_ext_map_blocks+0x1d68/0x5850 [ 1487.032872] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1487.033944] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1487.035017] ? ext4_ext_release+0x10/0x10 [ 1487.035871] ? ext4_map_blocks+0x5e0/0x1940 [ 1487.036754] ? lock_release+0x680/0x680 [ 1487.037566] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1487.038528] ? lock_downgrade+0x6d0/0x6d0 [ 1487.039404] ? down_write_killable+0x180/0x180 [ 1487.040358] ext4_map_blocks+0x652/0x1940 [ 1487.041219] ? kmem_cache_alloc+0x2a6/0x310 [ 1487.042089] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1487.043002] ? jbd2__journal_start+0xf3/0x7e0 [ 1487.043914] ? __ext4_journal_start_sb+0x214/0x390 [ 1487.044907] ? __ext4_journal_start_sb+0x1db/0x390 [ 1487.045913] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1487.046978] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1487.047954] ? down_write_killable+0x180/0x180 [ 1487.048924] ext4_fallocate+0x415/0x3860 [ 1487.049742] ? __x64_sys_fallocate+0xcf/0x140 [ 1487.050651] ? lock_release+0x680/0x680 [ 1487.051459] ? ext4_ext_truncate+0x250/0x250 [ 1487.052351] ? ext4_ext_truncate+0x250/0x250 [ 1487.053249] vfs_fallocate+0x48f/0xd00 [ 1487.054047] __x64_sys_fallocate+0xcf/0x140 [ 1487.054925] do_syscall_64+0x33/0x40 [ 1487.055680] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1487.056733] RIP: 0033:0x7f6d60f48b19 [ 1487.057486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1487.061236] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1487.062794] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1487.064235] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1487.065701] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1487.067140] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1487.068577] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1487.080743] Unsupported ieee802154 address type: 0 20:16:23 executing program 5: kexec_load(0x10, 0x0, &(0x7f0000000240), 0x0) kexec_load(0x4, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000000)="6b02e91f02d056d76743598f15e37ed1bc4d69408f00483961a0d76d7a8410fb9b2e859fa390fcaac72dd8ad58131ee5cd4c794f5fed8636b2f367a7bcdda2f5464950c243374d1222e7049de3694f1781ac1db738f2a70ef48bbe4b0c1b28821ac29c4c91c4b13eaaecdc1995918eeec9b52d7812588224e652423ab310d4e37827025d044de9", 0x87, 0x7fff, 0x7}], 0x140000) 20:16:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) (fail_nth: 12) [ 1487.085768] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1487.087705] ref_ctr increment failed for inode: 0x3e82 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b028549 20:16:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x5}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1487.103042] FAULT_INJECTION: forcing a failure. [ 1487.103042] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1487.105555] CPU: 1 PID: 8741 Comm: syz-executor.1 Not tainted 5.10.204 #1 [ 1487.106923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1487.108574] Call Trace: [ 1487.109116] dump_stack+0x107/0x167 [ 1487.109849] should_fail.cold+0x5/0xa [ 1487.110623] _copy_to_user+0x2e/0x180 [ 1487.111404] simple_read_from_buffer+0xcc/0x160 [ 1487.112352] proc_fail_nth_read+0x198/0x230 [ 1487.113244] ? proc_sessionid_read+0x230/0x230 [ 1487.114174] ? security_file_permission+0x24e/0x570 [ 1487.115179] ? perf_trace_initcall_start+0x101/0x380 [ 1487.116211] ? proc_sessionid_read+0x230/0x230 [ 1487.117154] vfs_read+0x228/0x580 [ 1487.117859] ksys_read+0x12d/0x260 [ 1487.118574] ? vfs_write+0xa70/0xa70 [ 1487.119335] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1487.120396] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1487.121451] do_syscall_64+0x33/0x40 [ 1487.122202] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1487.123230] RIP: 0033:0x7f735352969c [ 1487.123981] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1487.127690] RSP: 002b:00007f7350aec170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1487.129247] RAX: ffffffffffffffda RBX: 0000000000000024 RCX: 00007f735352969c [ 1487.130682] RDX: 000000000000000f RSI: 00007f7350aec1e0 RDI: 0000000000000005 [ 1487.132113] RBP: 00007f7350aec1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1487.133558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1487.134988] R13: 00007ffd229336af R14: 00007f7350aec300 R15: 0000000000022000 [ 1487.150918] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1487.152535] ref_ctr increment failed for inode: 0x3e82 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b028549 20:16:23 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0xd3, 0x8, &(0x7f00000003c0)=[{&(0x7f0000000000), 0x0, 0x5, 0x8}, {&(0x7f0000000040)="5478c8dfb3928888b7ddb54a4eff5b144d98ab5fe54a7a467791643740ba4b422d004f3de18e7e78cb95fd1469f893cfaedf", 0x32, 0x3, 0x1}, {&(0x7f0000000080)="03053127afe719f7dd505ddb5ff6fcf4da70c394805b0cf342718113827c4c16c16663dc596600b364ae098bb9b3dc3dd13e9c1db94e234b814b8177ff3544d1cf2fd5ce96b49b04fa4ea8ecfb598dd5d1433ef349c06d94512fe3ab7a5bdad8", 0x60}, {&(0x7f0000000100)="c44be5c5dfc3e7eb306308371e81016d844e5092566ef24db1a28f3ef12f7e0e955be23e897097a997c925946704bc00d1ce93823f8b28c96f8aa8bfe71abcfde55e875fdc2dba1058cb83192105dcb4106d8c56285a5e33549fdbc215e9a7b591112f21cd61769d25cc3a8f8e6ae2c4598114a345aeb19e0c9ebc2b69f5996f23ebfcd1be43eec9bfaa270d30221c357f5237f21b5ba92711e6927ffdc04c82dc98dfc3124a0699cd9b08e8f158eb59cc372f66dec01e01efd0ca979a57433d24b219346e498160bf249b76", 0xcc, 0x3, 0x92}, {&(0x7f0000000200)="2284f60ce0e6a35104ad42be93aaee5c90940aa803f2526629ee0de5758c065e4a1d0bd6fe052dcd05157a6143", 0x2d, 0xffffffffffff039c, 0x80000000}, {&(0x7f0000000280)="2cc06351707f22d8daffd3608ef19c77ec55328be8b95c56bbed6f012456bc11f9f6b7acca1af723a78dab357885d4798bb2c2f5d20901c09ac8c8d6775ddad7c890bd2b2815919bff1d88b5d8431dfa", 0x50, 0x7fffffff8, 0x51fa7ee7}, {&(0x7f0000000300)="bcb374bd25ff0c92e886bed5b4fb11eca5abd8dad8d62f06132cb82e543a6e0045a0b81a", 0x24, 0x2, 0x7fff}, {&(0x7f0000000340)="1617ee94e2d9d2652fab7d5a11957bbb7b7ae0a33681827d6639d56c999a30b0e1159dbace88e959eeb98bae610e627d0599a3a12cf421466f75f320556a375bc8bf3ed9f891910d46c3c5d19e43aa8ce7f961cdb15c25e3e856392186ba57104e478018af49512c3cc8a69423882ba4", 0x70, 0xbf, 0x8a7e}], 0x320000) kexec_load(0x8, 0x6, &(0x7f0000000800)=[{&(0x7f0000000000)="614952157b45d26795b05aba634bfdfafea39e026883eb5988fd9a912c68eee2d6c60c808ea7995e480a3bd1c7dbac2a8215ea4fb0df", 0x36, 0x1, 0x3ba9}, {&(0x7f00000004c0)="2c2ea740ae6d3bcc8cc170748ef4928fd174af87443ea4d0d4bf68d6bf375d8ee241e7c9861fbd88214a7c6c2b3e37a41418141144e15114bb59becd80a611fb9fc7a648a2264c2509265e3e3a254b25c82b17d8e20b56c699a57b84c1a6ca5aa89ddd834b59", 0x66, 0x2, 0x1}, {&(0x7f0000000540)="a1199c0507e7ea341b14421b72d755a3584c5d926da72c9ce4d2522d05e1c303a4075828f25151f2679284a5cac97ebf75bd2966b9bffe46d096970ed4", 0x3d, 0x1000, 0x9}, {&(0x7f0000000580)="60529e85530138daad24fca3aa993a7889c772412260ba5f6ef4fb78c5394a0227cba8b37dcac7a424aa288bed7e76294c32a03ae42543aaae74cb9e23385bce035d14bdb03fd0c0437c25cf9b0b0e19d7885a4fb38a83eab939a525e797a7b9931c1b9fc80757482812f60199a2dec12870880033053f1cbe9217dde9b136db186b49c7ec7d57360f922a44df167a30429da849cf0a36de4a5dda4b08d97ee3833e47b834ab8601cbd4f3f7fb727280535af0acde8660cc32", 0xb9, 0x80000001, 0x1200000000}, {&(0x7f0000000640)="5c1256ad57014c0aa925f5443c854ed5a66f27e863a716c57589af875e293d7a73f1c322013307044c532db4226d79016c8a741c3c03e07337c302f646f70d84c7a1d187ea39b0ce9358e32f9399c5fdac4c67a62f91929c463b2498240bb7f381f5ae53881481cb1bd715fadfb9936e3948325430ad7f8df1704257a61afb7cd7b8efaf4df6f45c68db6e5862e1fe982b51", 0x92, 0x0, 0x6}, {&(0x7f0000000700)="199b14f40970e591a55c321f8423b460e046c3a3236a8884b48735f116a8cd638827f963deb896dbb9f102bbfaa61048e705aca24d9a9b96489c214f0e76feb2778db898a6d8c949f37278d0d689a85b0d450a78c3ccbbda493f8bb77e8e206d2953517b427a1838b6e530b015f33ab22dd73d636b68b1bf198a4f36f0e4042b9677cdbb4df28a0554009ad4d44f8a41165c7e4789bca7ae8cc6f31e875cc04afc4cc51390aedb25af962a27e833e810aa89ce89bbbc054df2ea052f38d2ece6228f19f393421464e5ca4b1ce89cc9120f1c73460045f0a60670e6a093ba5577bcd4f207319b0044169bc570c9f037c147e2", 0xf2, 0x4e8, 0x7}], 0x0) 20:16:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x6}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:23 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0xa, &(0x7f0000000000)=[{0x1, 0x0, 0x0, 0x3}, {0x5, 0xd2, 0x4, 0x5}, {0x200, 0x20, 0x0, 0xdf}, {0x4, 0x9, 0x0, 0x7}, {0x80, 0x8, 0x8, 0x3b}, {0x2b1e, 0x5, 0x1, 0x772a}, {0x7, 0x7, 0x38, 0x80000001}, {0x8000, 0x4, 0x1, 0x4}, {0x3f00, 0x0, 0xc7, 0x8}, {0x0, 0x2, 0x20, 0x3}]}, 0x10) bind$802154_dgram(r0, &(0x7f0000000080), 0x14) 20:16:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4f800, 0x0, 0x8800000) 20:16:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x230f, 0x4022812, r0, 0x0) [ 1487.217980] Unsupported ieee802154 address type: 0 [ 1487.220819] Unsupported ieee802154 address type: 0 20:16:35 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x240f, 0x4022812, r0, 0x0) 20:16:35 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x7}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:35 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x50000, 0x0, 0x8800000) 20:16:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:16:35 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:35 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x509200, 0x4) pidfd_getfd(r0, r0, 0x0) r1 = epoll_create(0x8001) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r1, 0xc0096616, &(0x7f0000000280)=ANY=[@ANYBLOB="0200"]) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:16:35 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1517f, 0x4022812, r0, 0x0) 20:16:35 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 63) [ 1498.891020] FAULT_INJECTION: forcing a failure. [ 1498.891020] name failslab, interval 1, probability 0, space 0, times 0 [ 1498.892234] CPU: 1 PID: 8776 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1498.892934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1498.893767] Call Trace: [ 1498.894058] dump_stack+0x107/0x167 [ 1498.894427] should_fail.cold+0x5/0xa [ 1498.894809] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1498.895272] should_failslab+0x5/0x20 [ 1498.895652] kmem_cache_alloc+0x5b/0x310 [ 1498.896065] ext4_mb_new_blocks+0x64d/0x45b0 [ 1498.896505] ? trace_hardirqs_on+0x5b/0x180 [ 1498.896944] ? ext4_cache_extents+0x148/0x2d0 [ 1498.897387] ? ext4_discard_preallocations+0xd80/0xd80 [ 1498.897905] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1498.898381] ext4_ext_map_blocks+0x1d68/0x5850 [ 1498.898848] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1498.899364] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1498.899899] ? ext4_ext_release+0x10/0x10 [ 1498.900345] ? ext4_map_blocks+0x5e0/0x1940 [ 1498.900781] ? lock_release+0x680/0x680 [ 1498.901182] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1498.901648] ? lock_downgrade+0x6d0/0x6d0 [ 1498.902096] ? down_write_killable+0x180/0x180 [ 1498.902554] ext4_map_blocks+0x652/0x1940 [ 1498.902967] ? kmem_cache_alloc+0x2a6/0x310 [ 1498.903392] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1498.903885] ? jbd2__journal_start+0xf3/0x7e0 [ 1498.904352] ? __ext4_journal_start_sb+0x214/0x390 [ 1498.904859] ? __ext4_journal_start_sb+0x1db/0x390 [ 1498.905391] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1498.905914] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1498.906390] ? down_write_killable+0x180/0x180 [ 1498.906862] ext4_fallocate+0x415/0x3860 [ 1498.907283] ? __x64_sys_fallocate+0xcf/0x140 [ 1498.907735] ? lock_release+0x680/0x680 [ 1498.908132] ? ext4_ext_truncate+0x250/0x250 [ 1498.908587] ? ext4_ext_truncate+0x250/0x250 [ 1498.909062] vfs_fallocate+0x48f/0xd00 [ 1498.909451] __x64_sys_fallocate+0xcf/0x140 [ 1498.909901] do_syscall_64+0x33/0x40 [ 1498.910290] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1498.910797] RIP: 0033:0x7f6d60f48b19 [ 1498.911178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1498.913036] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1498.913814] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1498.914562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1498.915279] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1498.916032] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1498.916754] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:16:35 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:35 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x8}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:35 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x50800, 0x0, 0x8800000) 20:16:35 executing program 5: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'}) dup2(0xffffffffffffffff, r0) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x80000001, 0x3, &(0x7f00000001c0)=[{&(0x7f00000002c0)="e30002b6329906fb1ae376f45119c326716e899347520880d58c0dea4f7643fc2f2702e6b69ffc0ebd8c7db9061fe14cf9951828070948864f7a6dbde07be1bc0810f617df496cbe21c28c91b702563b58dad96e79d37b12d9438501df9647334df5f3599e9ac3003356e447480e43357b747bd99dbcb6c0fdbc88e8b3b0319951", 0x81, 0x3, 0x1000}, {&(0x7f00000000c0)="ce245842dee1065c6e90cbed426755bce914cec486039087ffc556e15891cdbec37f3f21", 0x24, 0x80000000, 0x7f}, {&(0x7f0000000100)="e67d0b71cdba855d224d380ffddd8041825f9b1918976fcc058a8b13847fa53c4e65ce25df0f2f113b4c3ec23747c360769aea5e0438abde34b9e75664261f49e7facf6ae554dd299daedb33766e624e1cde172b7e2306410f05ad92702f8df8f18d6f64e001631edcb0dbe3d117621242ffd678668e9e352e1d7ce6dfce34499af985b07b48d91cfd83397c51aa204be4937c229a464ed02d70eab83a5a4c05f5e0", 0xa2, 0x6}], 0x280000) 20:16:35 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:16:35 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:35 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000, 0x4022812, r0, 0x0) 20:16:47 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x11}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x2, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:16:47 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x9, 0x3, &(0x7f00000001c0)=[{&(0x7f0000000000)="8bc025f2ab77e56fd2adc66fa86facf70a0787939c3dae34c5d0c3481df1e47eae22787a86fb74a28b64a5712eda886b0607ad3e600d1b8504deb2b39beb14b6c5ef47288f343d169460c52f89c482f0dd5f6ef01ab4303784cd5d6734d667c344ab1aec6d8670f44efa7c28906d12e220419f0ca2fc50893765bf320e0170f74e752bf90428060e196e98f31ffb689cc2d9281dc176d614c7d7d9ea4c2e67f7ad397ecab6512cf00ed263cc2aaa13dda7b2400408cc199cd19085a7f774753aef76b584e0c1a1aeac6e707cf3aed84dcc7e", 0xd2, 0xfff, 0x756c}, {&(0x7f0000000280)="f1fc81e1090ce70bb95b5f49963326644bbb3bf8937640035dc120217feec23880f121aa32e24a72aba3870ecad2bc4ffcfa74cea7df0fc96b06474672d60b78b09436535db43f1f7486c25673b359e8897866cde9704df443a2d91fbcd2149e25fe95fc9af4eaa030abcf8afca66e7b371363f62c8dc1ebe0154a8c32bcdf31a796f50c0f7798b7b09989e5bb18b791bd445567bfc5143cc5348db4e7a545aabd9165bc69ac909ba1eaaf514e259cde73c60cbc08c09f3eff2285874ecc1ad2e9d9abf839341b50bf06da46dbb2a2e04f68469ca5471620cd2e193b3b31182225a1f0bd5fb57be3c9062bde67313c75642428a21354e0923a46472f98dd146c151c3c5ace46575f117d639eaafad7e17bacdb50300458f48d1601b78c001cbc134f426c78090d2975575fc91998bd6c63ffe91cfa15796b50a11b18b4bed80747793629d7995713dfdd0cd366a2e0c933f898bf20b5e62f53fa30593a536ce0aeee0ab813174bb47b02f10eebb46d91967cd69ee943e7b534822ea115bccb6026aef9d2c8d954319450c142963a4372cde44529d2df3be0d4a27e0893dd903218b8b9f8f3246a856aa0bcf9bbee52840acbadebc0485f43368cff66163d6dc46da70422506985cfc8c4a57665ae3b0bec9e0ae37c07918385966d9d8b87cd8f4ed5d83aeaa0c43eb13b40fc5c7dd024c522f279f4c575adf2cb77232ddc5d36798c2b36bc81ecd4b136afe4f27206312e8bf25022a51f41ac40e45a4be479a197ccd9cb5f0368241f382ade5e3f4121c5df68de3e098fb420eacc9ab98f4d414d25a098c96986f55ffe7968e4321d7cab4f996f18faee7391ba257f519430d1c6b4d9a1cc07c0a08ab243c78c61b7b79beae69e2e541aa9759c2470fdadeded82b827098033b69258bc90f874d10bc75b9b7ca1b2d7a3c037dc963318a2b2f4060338a2de12feaf6797f8f2bbecc519ab7e86a3684018ae2844c079cbd08c7882a0c747dfabe890ef0616fc0c85b8a4d8d19e30b0115466e41350d83245dfe3a1e2aa195a14be411c0f7b28b642198bd4a43d9800ffdc8a733ff027a1a2278eb62ade5c2685601698a11cc649c9bbd0fc854934f75cc0ebf737bdfeb00d44ef0bda832b843ef6df478786c00deec5c90add697f13752435533874650f776266c2b59cc794b9ec58bb4bc834cbf505b26675c7b3ecaafcc03ca62e1145f99f3398e7aa67b56f5900f0f559d0792876ac7ea1050aa524fb4eb78c69d0c8a91dca07dd575fa73c7d9001d5653e09ba1a50ec6cd4221ef99f063373d445b74cd9524192c4543a0aeb839d43b0fdd6f86ce6ed9ec35857c44152a997f0334528cd7408b6379abab4f494b11952ab2e386123f5593eb08bc7601d121ea72cb8d8e6df53d2a4660a0442e9b6a656e71276b7adc7e60c7df896f493e49b170f06467431448d9c30bd6b85472a2f38ab16f427315963159ea486c997a298083303b68d287801a8999d7d2b89b09cad23adec18318e16bd003316c17b75b5251148db7d149ee318531fd8b4d6709335d1e2e09c2788b52f918d0966de23336ff611292b7e3f92ac8435d97eadf6ec8b21834b2bcebe8a37cc0dd5b10640d54fa4b5f2ca0e79576d650e0d481b86e16ac80f09cae3a96fbb956837f09e7ace6f1ece57fc68758c049e8ba5effe05acdcb978d4c884a2da01dc4e297d7c3dc3c3019206ca329bc7408f5f1865cc05ed5e7d95fde0685eee5466efd45e6a31d68950581b25e3dc1c63bee44259b9d9a3171bfdc4a0417bd073573eadc479c54dda6e89c46bbeb00089ea8ff7465b2bdd8dd3fccc6020b0ca310471d619ad8beaa9047ba26ca9d221aaf54a8c16b99db99415b8bc5a66fa163158abf2e3109d0074e0688ccfb913392f1815f158dd8af0dedb54616652b8dc7c1852fc62271560bbd6740a6f525166115617ed20ff8040f9b8bfccf9280489c6a4e1f5c576e4b4ea3b2fc83b37a842b6bc0a03b5f98ec7965d927bbbd4ebe2d681db32439b53fb477a4071708d984637504f548face943023a14d30a63de3d40f14887652ca534be21b31807616b4c42b74ca8296e7296943d2908b248d4a1d1e6b35b661c586ebd2727b3c7e745b54efca26c655f3f9614930b736c1250b03e82b883488d2dade9ce68d717e1d33f24ae61293062bd754bb066f5ab585d7358e1afd149f0f31c10d3fbc94068d6e765ebb9666bcac6de95d73cdcc6610310d136bcaaa929d745e54ced9e9cae389f7d3b5deedb9ab6f3e78656203997a01fb628ae0a853c79a200e421c993aae0540d3983d7438d574e0cd1cb9b3cc9b66705b5dce185c3978874fc6e4df57229ad2263210c7f751292d7972847f9ca4d6643e9d2cb7f2aafb3d8de39108f5ab80436f6598f08b42f88cd2a5bdc99f842c8d8c459b632b3e058391364405149f58bc275cac7355c183055426ddfe6c6eca3194f8dfeae6943c23b492ff4162ca04106dff4fb76edfec337cd30f2967157014bb633930adf2eaeb5e2ea07dbe29f544fca27a8824e3a096761a2315bb9bcd51c72d7dfa66e258077ddb73127461f9e02b8f9149d4fdd529aa6d0db319f572a4d54c017d09ca1502feef362c0a27e66cfb678166482cdee61e3118ee0177eabf6bbe92167a1e89061714bc1dfea98290a461ff466b0190675fcb182e9437511597e109c85cf770052877437440eea615d4f42f39a237c2b9e2cb9c9b3ef885b05ce56041d1c7687724024f8010d037c7e58db2aa90a1b8d8e2d409f624737341c88f2bbb61e15ea5f4134cb2fea5f541eefb27ab5b3f3d911f9e05d6956d2bb2fa36b903d1a10036c850aa9168f09a35f245342f73c31d91fcdc4ebc9020e77c2e1123897cae9453e773fa1802eb88e519a0ac33ff42230e9cab5f46aba1fdf4698518dd52783f92b1b79aa92c706fe8c691a014d1805babda1e66a7afbe7f085b5146031f5bd9b79c15998c27754a527efc025771033b5e33a625f741053bce9883ac1a39130b6bdc9ba286fb356a25957e41a8325173341c866f6193d5ef00ab91769e459cc2ada70c5f1eabf2adafd12e57b674bae0dd88f643a99481fbc9719faeb1c726862788ccb5577ec8e059662bc319fd30f5e0ec9615e90a22cb9a52d62606622ac1b72b0f6d34a429b456e9f6036480e6d21bc2adc7094e6526509fbd0383e4c3c67d67f46d5cf9204f51f50b0eb0550ace89a95cc047364f54c8c31efd26da6f00ab858dd54468106446d1c701aecc753b66f9a54d899c3f79053ab503d76204d5c444d0b073e6045e255116087e9ed58d93b99fa60717e6a204d1a67c96b90da4004ed95fd961a3dedd079b18b4d2fb9f569aab4ef0a1a799f5b5a83cb05a5bee897cd413e411465a2861031bc10dd9b981760fb15e22c88731531368b88a9a68e11f8f98e3d38db60a904cdb4b8c2ab67d0ab4cf69042ea782ebe2ab517089cddfccbf124dd17afee720f2f5f6ee961ca45891aac6cf69885c1808424d3876471cf598a404928cb36ffc422c8117f2921172332df17c053f5c47e3ce505c00ec0a93162217f7e47afb54cee6a5bba78da948f49fac558ed09c37555cd077bd71f29bf8dce1176e173a5685c99dd88347e37f8f8409b7eb623cd60d7273902b2b3f7a46584c2f917167f052606f069f95e5524ab745e101c7485c1a19ea1faf0c45e454211ef7a21ca44a15c5e069c6afa0ec9d95effa49200cfe2b149553674f76da84b341ec2a8cb3a661dc2c028d6a8b34cc2acf861f3ac3bd89d06e493d6c6b4910a8ddce82a15dc303284a38e63642ff763748a24296016bd64feaa765e252829430e6ee5e71167efe3a1c54bbe7f175e2a663530d49876add0d3f19f9f1e94ffb18a5fc399f2dda59a0849eabba53a3650a47da719d6ef172e0622deaa0492dd151d9f419a5107a9faa431b3cee64f0d6cfb699e3bdec9b0380addc41df06660e5c1e7545d846c7fa7f4a117d9e5e88a1e1e703d3086a008c9c2bc89a4a62f2dcc438237c324c22e962036a7246eded314f96a155f2111503e64532cd1d0de9cfa7b0762063cc435aca6ee4de38b592b4ab676e5c7aefb3474c905f6a62253ec1d20e006e9ff1c40fd9e11a9ece391c180e5f71553fb778ba493e20d841af6be54000d3d4349bd9b5f87f33c6c125faef27c0c4709782f43fa9d147ecf6852c4f4f98ec812f9dac848b12d646bc7cfdd194e28e785436beabbe9478434554d599c6c7a9ad35ba9a869e1b18c37b77e8f1593b6e836af23133123b1f078cc9e33c48ddd5907c3dabdcce6c9ce457aafded3a65f89b9c90f325e12adcd90cab241324913198caeeef80fa6f43e8e6279800c51b77fd91e05f1a37a7c0688a93f72cb67473c74304bc2d0da42e5abbcca610de303d62c88a2ff139ce14467cd9f40f49478b1c4146dffbb991fcb0765602797bfd3f46bcab11903b322c66d0d4be7fa5b2d57596c1758cd51523a75dd1b4b2cb99f9629b660f46836a0c35ce388f74643df0f2bd3019d9195fddc6cda3fa133b21129b2c80a5e390182e401cb58a2c0e2f62e114d1a8ca200397f78de312b23f49e20c8e1db8b129ee8a25bd96f1a113711d1b2bfaa89ad7b121d2de7a20f0595cd6e460e3447ae4e748852eb49891cf27ce1fd13df5698d4b21554a8c302a74fb206ba1e813ebc765c28f36ea4f3ed428c479b21b8f3d3245d6b4da828dda8677ae7b1035bbfcc0045935d23622b0a6c155071b6c49ff9ed6537acc2df9017490e6112644779c9f3b8ede93d99e07fac259e2834319ca3454faf2bb7da0b3c5e32b3908dc5a50a985d3cbb6dc645e87e133079d84a590ea4cbfcac559869066a985edefa74e01b8adbf6e0a40be78faff062baece4f6159edec4323bb79cf0b0583e303d234001e4c2ceac4a76391c3a14176576feb705274f666f5bf6a25936c7bddc0d818e55a8f7dfa1cbca4e4c04fb8720e422d8292347d486ed9af000094d64cd294b4f1d9089963723a6f60f13d211b804a994cea18be19ab29a3c052939865a2c57daf4ad53817da66db8fb3617c50094e6c9f0eadbc8efc34bbe411629118b070c73dc1aa991c19b01c54922024d425aabc5a07d8d7d4bdbb277bfc1544cff95caf5c3aaddde034af6a31ef4a21624ec22135f93c1fe67991c6d87de36df67376690ae5113e079def90c554f77bf617e86d44cfed6ec9f35eed2969ffeed4f7ec9edd48aaa53a5ebc863d04da70d8e29bd45bb5d7087b3ab0618ca93861dea5debf892f6e24691d27bac3168621d539e3dded921b0c9340d710ef8ef2f80e11790026b28eebc73ba43f0fd868e212af3654fdfa8e26dbdbc17f708eb9b253e81d88a0fcae6a4b80ee4e133df187937cfc7dce41a6df57176c4d9a9203c85dac363e29551868cacf2555b1efc574bd374b8fada2d2ccb5fafd190ad9a57dfa7db20f868d88c36a15fdd5df552e7dcd13590baefee37d67863aa075a1791485c76a15a131405e0699465cf6a3ca2515fdfeb62ca75c03186c74c9ef3d0fa5d35a52bde8abcbbb56c0c8c09af1326d2001f2a3ab50bbc6088a2bba174cf3729c3bd3e52d59292340f0161f93eacf06fa3141ec3db39c25616847bdfacdfaeb971d6a38738734b59c54c8c85c5f031ae511cfa8f3ee2a60efd6cdeb80a631cf2ab18434877375d6c37fa525a8c0c20a8592c719fa636249a110b24495b96e46d1b9ed480d9bb9ec311c8a3a7a7f84e55112278ed28ee8e18df6fabd5918c1d48b75b0fc9c1a6e91a40e8afe113bd38a2", 0x1000, 0x3, 0x5}, {&(0x7f0000000100)="ae91e6ba345855020ea3d20dcd972afe1e95a82178c4c9b44a1cb0ac12243c4fde6643b7b5061c84ae4b78856ff91e5aba1a2d28494d060a70fc9ff59f9203d16bf8a4c2fc7eb6b9df0f1df63ed8f38048d50a96faf11c6f1bc86585ab78b7cace1fd824b1d90d9307545e9d7dfc8a6704c3761d7a836f83decf620fde0fc27920ba92f8ef046e0ae16eb817c5a10d2899d34ff6d2", 0x95, 0x6, 0x1}], 0x60001) 20:16:47 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300000, 0x4022812, r0, 0x0) 20:16:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2fff, 0x4022812, r0, 0x0) 20:16:47 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 64) 20:16:47 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x80000, 0x0, 0x8800000) 20:16:47 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:47 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x80500, 0x0, 0x8800000) 20:16:47 executing program 5: kexec_load(0x0, 0x0, &(0x7f0000000000), 0x0) [ 1510.810941] FAULT_INJECTION: forcing a failure. [ 1510.810941] name failslab, interval 1, probability 0, space 0, times 0 [ 1510.813498] CPU: 1 PID: 8819 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1510.814955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1510.816720] Call Trace: [ 1510.817306] dump_stack+0x107/0x167 [ 1510.818094] should_fail.cold+0x5/0xa [ 1510.818918] ? create_object.isra.0+0x3a/0xa20 [ 1510.819897] should_failslab+0x5/0x20 [ 1510.820711] kmem_cache_alloc+0x5b/0x310 [ 1510.821593] create_object.isra.0+0x3a/0xa20 [ 1510.822532] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1510.823619] kmem_cache_alloc+0x159/0x310 [ 1510.824513] ext4_mb_new_blocks+0x209f/0x45b0 [ 1510.825503] ? trace_hardirqs_on+0x5b/0x180 [ 1510.826431] ? ext4_cache_extents+0x148/0x2d0 [ 1510.827382] ? ext4_discard_preallocations+0xd80/0xd80 [ 1510.828500] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1510.829529] ext4_ext_map_blocks+0x1d68/0x5850 [ 1510.830523] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1510.831630] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1510.832747] ? ext4_ext_release+0x10/0x10 [ 1510.833635] ? ext4_map_blocks+0x5e0/0x1940 [ 1510.834549] ? lock_release+0x680/0x680 [ 1510.835391] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1510.836390] ? lock_downgrade+0x6d0/0x6d0 [ 1510.837317] ? down_write_killable+0x180/0x180 [ 1510.838306] ext4_map_blocks+0x652/0x1940 [ 1510.839191] ? kmem_cache_alloc+0x2a6/0x310 [ 1510.840103] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1510.841072] ? jbd2__journal_start+0xf3/0x7e0 [ 1510.842034] ? __ext4_journal_start_sb+0x214/0x390 [ 1510.843069] ? __ext4_journal_start_sb+0x1db/0x390 [ 1510.844118] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1510.845258] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1510.846286] ? down_write_killable+0x180/0x180 [ 1510.847271] ext4_fallocate+0x415/0x3860 [ 1510.848132] ? __x64_sys_fallocate+0xcf/0x140 [ 1510.849089] ? lock_release+0x680/0x680 [ 1510.849929] ? ext4_ext_truncate+0x250/0x250 [ 1510.850867] ? ext4_ext_truncate+0x250/0x250 [ 1510.851794] vfs_fallocate+0x48f/0xd00 [ 1510.852629] __x64_sys_fallocate+0xcf/0x140 [ 1510.853552] do_syscall_64+0x33/0x40 20:16:47 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1510.854338] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1510.855547] RIP: 0033:0x7f6d60f48b19 [ 1510.856338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1510.860258] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1510.861888] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1510.863394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1510.864916] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1510.866446] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 20:16:47 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x1c}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1510.867999] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:16:47 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x100000, 0x0, 0x8800000) 20:16:47 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:47 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x4022812, r0, 0x0) 20:16:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:16:47 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x27}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:47 executing program 5: kexec_load(0x0, 0xa23, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x5, 0x1, &(0x7f0000000100)=[{&(0x7f0000000000)="ea716f1d27b2f6a7d1423e1ab98cdae591f8a02ab02b9292342007e427bea4e2b6853fcb8aaf21060930ce5ff99d53c41402546521091d83bd7fbdef84cdf969c8b86ef6e5bef803db57b2020cb0e9a0c2822ba292e75fef6750ef957037b1940d3be956eda9842de22dea3dd61215d7f3559c260a5615c02007b5f6e76ac782f68c3415e1a791c21b55bf79f025c996f3d54379737492e45c5de457cff0d0d4562eea9d8ceeab1b6acdac2b78d17274bfefafdebf7fea69268bced0b810f261b59db24cc2a797ee033fabe63cb084c221d98234fe021f0b95eafa9c8445e6f57feca8a04d01b91bd4", 0xe9, 0x0, 0x7}], 0x80000) 20:16:47 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x4022812, r0, 0x0) 20:16:47 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x180000, 0x0, 0x8800000) [ 1511.051642] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1511.052495] ref_ctr increment failed for inode: 0x3e79 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b5656144 [ 1511.066914] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1511.067758] ref_ctr increment failed for inode: 0x3e79 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000b5656144 20:16:59 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3f00, 0x4022812, r0, 0x0) 20:16:59 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4022812, r0, 0x0) 20:16:59 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 65) 20:16:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x4, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:16:59 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfc}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:16:59 executing program 5: bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffe0, @none, 0x9}, 0xe) 20:16:59 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x200000, 0x0, 0x8800000) [ 1523.632691] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1523.634490] ref_ctr increment failed for inode: 0x3e89 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e90af0a4 20:17:00 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r0, &(0x7f0000000140)=0x9, 0xdb7b) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) [ 1523.657382] FAULT_INJECTION: forcing a failure. [ 1523.657382] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.660373] CPU: 0 PID: 8880 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1523.661771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1523.663486] Call Trace: [ 1523.664024] dump_stack+0x107/0x167 [ 1523.664757] should_fail.cold+0x5/0xa [ 1523.665551] ? jbd2__journal_start+0x190/0x7e0 [ 1523.666472] should_failslab+0x5/0x20 [ 1523.667278] kmem_cache_alloc+0x5b/0x310 [ 1523.668106] jbd2__journal_start+0x190/0x7e0 [ 1523.668996] __ext4_journal_start_sb+0x214/0x390 [ 1523.669975] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1523.671042] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1523.672060] ? down_write_killable+0x180/0x180 [ 1523.673032] ext4_fallocate+0x415/0x3860 [ 1523.673858] ? __x64_sys_fallocate+0xcf/0x140 [ 1523.674766] ? lock_release+0x680/0x680 [ 1523.675566] ? ext4_ext_truncate+0x250/0x250 [ 1523.676494] ? ext4_ext_truncate+0x250/0x250 [ 1523.677403] vfs_fallocate+0x48f/0xd00 [ 1523.678196] __x64_sys_fallocate+0xcf/0x140 [ 1523.679066] do_syscall_64+0x33/0x40 [ 1523.679817] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1523.680889] RIP: 0033:0x7f6d60f48b19 [ 1523.681919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.686364] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1523.688197] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1523.689916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1523.691631] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1523.693350] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1523.695057] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:00 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x280000, 0x0, 0x8800000) 20:17:00 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x300}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x5, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:00 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1523.736181] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1523.738073] ref_ctr increment failed for inode: 0x3e89 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e90af0a4 20:17:00 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000002}]}, 0x20}}, 0x0) kexec_load(0x7, 0x1, &(0x7f0000000080)=[{&(0x7f0000000000)="9913265a8d3c38fa788af09259d5ca73ea346494d2c2aebd4b4cf4022c860f3377b88d1b412cd0754dfa9874331a35a3890a6c406d282c0b3d7aa8a18daed8a6534eb2f2a7b8bc3b7ebb7716fe621047be194d65fa00a4e08e7ede3759ee47b846fec75d4b3d72cef9016faf6166a6fdcf", 0x71, 0x4, 0x2}], 0x0) kexec_load(0x1, 0x5, &(0x7f0000000440)=[{&(0x7f00000000c0)="cca1409a2e8b3ed147be0e9b971963c3691951d0abc294eabbbb88075b1d9411487db194c9fb47312213ee7ae5ed57039a2e4d43d7a26dd76cd08f2cffbd619ff3f28ea101c27828dde35cb79dbdd7136be8ca47e40d488c0891a3c478077a5b2886faaa2f8216a2a91d8425db8b136c65e98dd6b98ecdaaf19db0f80f4b540e1b453c98ed7bb4c41bb038b682c276bc25c5a6cb7a361c1f84258d722018f24962749285d8595967d74b", 0xaa, 0x400, 0x5a2e}, {&(0x7f0000000180)="f1f354486a9d622242ae95bdd1f7aab085b5e80521d5407b23a36f67703acb3219334eb386f095094f518791303de3d9e94d5ebe65c43fed3a114cd4e58f32bb685bca451f1df5843bff3a0a7d551517bc53ed5afe0c369a9e19f0442885f7245e0428ab98e12c", 0x67, 0x2, 0x8000000000000000}, {&(0x7f0000000280)="a7c196504ab59486751ce0747dc46b4031054a452e698498263c20d2eb1f14cdabfe33f9b192cb57605f7ef44d0b438d2edffd6076c0e6f7d408c59ca59fcaefb21cd0d3025bde1db8317460ca2721f9944d2633bfbe3fffb5759641d91e0e1ea8e5e588874b6d568065da4243babcd8c0dda6dadbca97163cac49e65420deebd8de8baf1c215c6e67053170e9f491bfee3fc2b5ddb64db31326dd018bcd1a1f79db3776499c3bd1f5cc6f35a1170ebdd095bf74dfb87632152e8617271c5fd5c3b9684e976b93b362a58add725e8178f4094d4a597b7f7400f1cdad640ae978", 0xe0, 0x0, 0x7f}, {&(0x7f0000000380)="d351506b45ca50e70413f1e908137603955e16f351282ae630d0edfd47fd1b182d86c786a5903222ea2a533862941fb57f00b8af7f051104e103d17011f708ca42a7be994c3fce273dd19c9f1e6d1a8b676e07f64730ce0c3955d0b38f91cdf7c334db3830ce659dfda30f3fcc20ee45b87e2593c39b6a0a622b166b8604c2409680ad129b73868a49c3953463c1", 0x8e, 0xfffffffffffffff8, 0x1}, {&(0x7f0000000200)="241fcd4f0e5e5c9b3a145fd836df9e37ff1785", 0x13, 0x3, 0x5}], 0x160000) kexec_load(0x6, 0x7, &(0x7f0000001900)=[{&(0x7f0000000500)="d595b63abcf9373f0ea937374bed26f0c5fa8aae4089b9206cc97d5bf9c727fffb3df63c58bfa0b95353167fe8b3f2cceb79ea7169588676d87325acc1eef4576b842cb43a2da95249e407885a787c6ec2002ae021e76976ecec8cc693cb436ebf10e36a1efd7b7fc41fd6a50340113eeb80278529b45bb89ca6cad0e6dde71881f9219643cc1eb41307e823660353bcc4cfd5cc380ef259a4db9dce80181a3184192b1f409db3b1f9b02ade08c9d38ffb52528c58efe255642bac4594251956a123f5b2580f9d238fc0af41091eaea5e1e72ce56af5ad294b4d57e532da91bdbcf0318ce5557e6d6d9c4c4c0c8d58af6b396d3bf2b0f41ff4cb0d20479e1bd11bd265c7e948e1743c4da889701755862d124100211019162be787c3e7670e835f2c00bc1e297e4adf5b084010d77d74b30f64d43ee48dbad8cc2f4ef5324f2d9de1455aa60a709534a809e520a0a66a8981b3b2cc614908270d9e6fd6f1e30f2225a6b5be9345eaefe0f5d910ec47c3e3c001b117820764f8e2e546e93a6eb931b139fb56b787ac0808ec9520cee1fb0a6b01350c46617ccb0658114e4d3424a9c117d3e8513c79212b812d01a2034585bc7bc03ff51cb369a82f2ff00daad7606b644a9423318a14fe78eb13bc63eaf2404263cce4760c2a8608df10165703769477beb262b8e105847d254bd0d835cdfcbc517a2b0efd920160e7b716ef84c5d7c071fe334774cd066781a6d2e8df6750362759c84a734480f650772f0168aa4ce0900f806cb4503f4660f9c706468276b28b136a9e86490534d6d98043016c58c03ba94ebab0e2128b471f59f7a12d8b874a805f6efd60173d44710fb77cff40bc6fab03a158b25f45e95dfde2a80aacd3e63f77b3b2b36c3befa138ec4201d9fd5a70b83c5ab80f62cefadb0659321c22a354dc2e5f202db4ad8315264d8036203c62b698ab61d38eb389cabbf725d4a238ba51c82865aef114f94511c25568279abdba75e0d33f4d3370014c965787f18dfeefdbce30dece5fc9fbd5e5e314d7852feb99891313a96ee364d21cd24c61b0cda4bc5cbda253fe3e65015c4ef91bfdee2ddc07adbde069b08ba5ead618641861e189aca07a4cfca6c0288a035c028e37f7ebd934f4c1006e25d5e250d7324a86bcaab802a825793b8b85c336b30298e092d70c2395524063322fae3bd994b3ec9e6eaf7bf032d3e63b2a13739352719361d4aa4b09a0ae5cc696e48e4140dd80c51acc3f39232c516c8041d50b69f210bec1930ebcac4cc61eac9f5265ad3b3efd721426e85d58004909a43a7876c9aec47162082913d44e2a7fafce33e9ec9dabbfc0b8ff4365a56ddadd1ccb8a60cb003bb7085b8702014008f48257193f1dc51f6dc3b886376ddebb7d4891834745869ce4d61d74ef2dabf7e050e54ae4cc916764906c24f8bb18887cdee91f4902091dde873ed054a141ab8719caba5bf20ae146afddecd0765b6206563b62f83c936b9daa186660b909aa1bca45bfcf73ae03155f3dd3d116c5294c76c895e4ad3f9eb03d80ce704913c152bff2047dc3ee8f6a0e837c095752b6f586fb4b93e733123bb6e371d9a5ce1a9163a9bbac39ddd5192b425917de5d2f41316ed1505eed796b0c85991cf458b203b887967c5caf450b99429286cc092019f712a0578af9ad5527b22f7cb1f8ea372fc2c3f6281cc1d279466e84e405a67ff08aa295ef3f04711ffde9a0638716e58af0b2cad77fb3ee23434a293aed8309ce7fb289f7591fd77c258680137437ee9a6a34d72373e5bd118bcaf70453f977177021ac9a653cc9381f1faec3770fad518021da9aca31838c7953ca9ab20401ef4065781568ebb485fd105cd2c2f1ba8e47c961e817629c7c78772f5b8eee8e2fa1cbefba0c38162909abb636e9e2fb98d8786289699c5b53907e0cd64b70104cdbeff3aba0f63d27eeec2d94fc3d8d0dea14ad7470e0b2b503df189acd581ded6638f2a425b70a0dec42c73db43f801863b9580c08a67c1331fed5a8791be8b6bb20760f34bc68a0eb83f6b8fcb85bf38cc58cf5f8a929455a8515b7db0b5eca82335658fcc70ddb1af4cb4b7be935c03168235a0a0b43ab422a3a0ce3c9ecf0f3e2c3889913c2aacf8f1148e78dd56e7cbbf087696d46bfda7d87ca1c1871671034e29b95d6eee7256018218403c7aa005cbf585925f4c87b84c51c9d542c79dbe1eddad68139de147b540ba2a78759097f823d35d5af6d0c357e3b8d403a4b118e0ee785fb39b9f068a5db526f3f737a8697802271c8834d0167cebe65c0e5b7217a6ba648249a24e5204e82d28adb0636e2fd8de6a61a14be6388f60393c870e35040df0d8acb1c63982244e92362ad35aca0a73b1647e0be598d6600b648ae476797aab8e3fce1a248e96accdadabb38e3659f9fcaec1df5da486ef13f573e1fadc008345f0cb7342be4d26d6f07852f6d342d15f24f3532d2287bbc1ba49281c610d47517c9445f1e93bee7817486703f72cda4ac043d565c1b680085e80fd445ea34bf95f9ef572f7fb55347332a075dff5d674f3455a9451ec803f4524d964cfe5cca45f2b11be74d3382df1c2ca5b96d8ec5a57c293db6428fac75070b9377db5d0c52d4f48d48f2727bdaa580e8b282cd430dc483e76df9d4ca86af942620fcbceba9e7a3fcc4dede6cb6400792bc449d2ad49dedee80d35283c1cb407e4c4be9416ca42b7190257ab191da91d2cc68a37c8903434bbf2711d219c52e9defb8d8be6420f297f4436f62998ec111d0d133060b747aee7993597a18b5caaee4835cdcc6b9d94a89d786fcff296bec941da0bbea63ebcfcef83cef5bd54078d392eb3722df92fd6f8768fbd57e5eea8dcfb6508849c71a0897aea69e3c94fd7f742e36459788330e59d4c4f411ae9bc93e935d04f07e040f0b8b131ec966815f5ac76b436a2821f5c008fdc325bb70f05609a075881cec28cb161f73d2ffef2e53805070750c3a859dcf651bf2c2fc1ae049a4cc2c527b57640be3e2ebd963844758bb2a33249c08f1fd9c74860c537e7922b1b3246c681962330ae69222f56c93c6d609e81942f9237adadccb4bc2bc812099af78d9aaac1e65b5fca269a0b95264dc35796be82712965046934bc51d112aa041b2215a66b3a82f4751b03c7d771957a02f5a9a3dfb65e4551eecadac716a02f7da773dd380da19c4700dbc2d742a2b8606c783f213e26052080aec187ace027e039eec8ad5871f4484c6c58238879a4c6aec100372638981597577631e13f923628c637c7d4b131c32315b5cd272f369bc24a9e8e178fb1ba4f8d3b68d70b9ba799cfb49707d23a155a68280c5cb2169bae83b7fe6b39893f9433e62fbf82c55aecb6955ee9e554d2ac608e64e9fdf9dbb8482fa0cb852170df23762e2afa8ef80dc69bad0f4f1efc11d5851db4467a3654054b54ce512271238db62fb586b533226d08589cff0e1e85ec29d198e736ea305219d1f99405a7d8b1b23869571a1b860d8e2fbdc1c00dab96bc2d9fcd388e4afe63944205f704ee36c811aa2edf58e1eda6e8f7f27af959d38f996b3d6a6224c08624e316bf45642d924d0f0b42ec95286aa03e6fb2580a5faa5f1383323719a932ffa3821ae05959696b53e930ec75965a35ced7c3f4c085afbbffbd9b2fdac163a02794a3d871fc579fc8d5c56558bf3a225d1d3d05b1ccb66a2c593994d760c82b26b52a1ff3f34513715546a31d4f1d32e8d51d528f6c3b291323dc4dde1d9c229b29266fcc690467aaca4cf1cc0938d8620d71c7e8e52912a4df31218a1d22ac2ceb716aa310daf5b7bb9f0c0516820cc6b58e52601662ee24bc9e05f6dab6d55eeebe2a3e478a3e6bd5ba0c11e5d86a8037c2b33e010637b42bfa4c55569cadf9751a30c2e38e5e48bb0f8f54dc8486c4f06f1924450ff47f0abd60fd118fde86a5cf2fa5759b9192f634e80cdf826c8032e0e5df7fb2b88ac252d9ab2799940532c8e7046c30bcf927ae544cc0146d8297f735e41120eaf0ddfc3686296610841429b2bfab4cb65c1f2b42a3a8097141c3eba4a434c39a42713631dd87d07858523dcdb48344635a54396373901e20ad1afd667c5c16dd9d162bf5641d76337b70faa4ba05ae2c58a569f51405d570d3ccfc597572262b86d1660f4c6a87406813b7b155245df01e4086caf14eb42a7e6700cbd2cb2d37b7ce574d8fbd14fd365ff5228656362260fa077abc9c29a0caa3b15a8abcbc742c65b172443196a3ffb1a8a1d6a43f21323313f812f0f3abed18612c0658014294c2f15394903142d7f76182a6ea64b58b343ddfddf56a1cdd94b4451bcf573488d9d0654a16a17c0085dab9a791a82c0fa4ede8e739474765d540748dc089d08a31a5f952a054567379ace57cbc22cb09d036de243d026e030f0d83863f34a7f3c681500329ccec9801194fd23681c295856ddb5a48381ed80aaa482d5ed257e68c8b531cb69fb1a2c80b56cfe5b77ab6ddf2918bce43451b3f65cb3a59b19dd9f3d534c677b60d0577956e45cd11fef15c46cece769ce45d9529797e1b8e7a4947d55e3bb979daefa876f4cf17ee9e8cfe71649c9cfffdd243b2848eb17f49464d37e58858bec4d9e1138dc38f24574e79577d7b7d1a08a161798186ffc6d3f06364ae15359d20975e73143ce14db90e33cef67a269d08086649d1a909c89972193a34aa84cab8fb8bbef28c95fdc30a32d5e25b127121a3c33918baadc95c4809f1333f83d740cc700603580c1ec28b99b0fac5d7372956d292c12a8cb0a1c5b74123efa41b9903d22eb30921d0d7ae28be8e2f95965d2f78f6f8bf94ff0c94e86f08f2f3dc4d41a0e1bea45e1bcb8f94e0c813211412599a0def77e0d0b858b30488cae1ded75934e2256677101dbd054678dcdff8f7d0e12c49a309675470379e1446aeeee5369b62ddfcc27ee8ce82bb58fe49da16f5ed0ef350e5e57ba4b8e3d58212d06b7eccf86c8a3cedd7fea0424bfb6dc98291c64a890fe9babb28b47893d802cd721c5912cea5e4ffd514773e55fcc9600b87982a55ef5a18f58755814eb38f13c3580d88d027ef2c39838983f6c0d435956cbce649bf491a2a28cbb51a23f1b660d35c651fbcf9df0b9f6c021434333fb4593d9c0c6b694eb3857cfd559af71a1f10c86539ab9f324bd603971f1959b0e92db8173a82505659a17e9df8a4c11196d2fa329e8a67b10ea172d156423a4b321292156f8f2e2ea60d258e33787787979bf68f7aab9aabea888f8138c5cd4fe1d666c87854ab2f13d43e5559a2a9bc8108ea30fe8024dbfcd9ee12e86c8ebdc6efe0d3803ccf1a656549d5c80f9e0b7ceef133cee90860ac49a75a7fa3d557eb9ad48822c64bcab7dbc3e508c3a17adf0a3724805611e8bc077f73471a74e72b1745c280da345f392ce9d57a0f66a44fa40e9cf96dcdf8a5f3f8ca1deba37ce6170a821791a7387276bb6f1c5f8f990f76703aa9d8d39068a3704920973dfa67c25cedfc1f83cddf6f041a1749c163c712dc51d8eda9224cf75473677c27ff22756a9a0e437428b455104831a3e412bc74ecbaa3d08023609c8760e91b25f2c56a1c02fd4c53c40908a2b610ea198b07a218a57d7badf0ba3fbe20441abf90ee6a3ec7a9f75c4c71a1c9b370dcd16653c40529c19a3582cd3c82cc84ef38f6dc09ffe2f0837f3160e548e705ec38cc0f67d1af77ee589a99fa5611f8f923a05516ece0abbfc9b0b95f5e20156182acb1208cf9fea9d66977cd124cc1d8bca94bb03670d", 0x1000, 0x6, 0x8}, {&(0x7f0000001500)="a2dc67a23cf43591d2dbbd832d3b3e98daa2cb301eddf53499d5ee7de4c20bc1eebb31f770c447f7f3722b8f76a8a29023ac5b1094a93838ec91d1c14213364a016c0e51b83d10f58e256ad5a06d0b9dcfb6f4d22313306aea9a2789336f68ffb572ffe3ab1fd6fbdbc3de9071915d9797f795b3669ecfaaa5c2c41a184ead196c611df2bcfe71b5f53750ab6ea4419ddd4454e250", 0x95, 0x8, 0x5}, {&(0x7f00000015c0)="eb1a6cf6873493998128538d8dcca9dca840bdb4fac21f09f344bca8b615600dfd9d64c9e6d58447de2d3b69f2940277ade917d312ea61d0e97cf88899a7070bb3c4b96578c466ba43948e09", 0x4c, 0x9, 0x9}, {&(0x7f0000001640)="8ea4db6126bef6b954da235e134f10c65ba4046f69df04893c03a1e9a0a509e6dbe826791904261bf566c9b6081fae64fff9334a957821188a7a9c04b323d480f374afb07c1cb0bf4f80c61fa416f5c7c3f963880632e962a9fb75c8365f5c8304875dc2c17696d84f98109fc46900f2bac92a26c968eea73761261a205dc5925e23467ad055698aed8ffefa4050f4d8d534ddc757238b2e5396912f", 0x9c, 0x0, 0x7}, {&(0x7f0000001700)="bb7e0f0a0971712ba091", 0xa, 0x80, 0x2}, {&(0x7f0000001740)="be761edfd22dd7a7cc0dd5a3f70b68f202c55513bbbacb3968748c639e5e939eac11c5d768589c78942cb2f2cf736fabccc96c74e55ffdc944a015f156b13405ee882dd4602fc5163c73905289841ba9f942c9626d082a75b28627157a218d1c8603dc69f993e0c7a391493280bbe11e8b92907b8d8899a996612146d598c0c31b4a6f95ef164beb904be49c836ca39ec13a186f46d47c9aa77a530b832d2c1eb2cc2d5233bcc4a4927e05856317052b95ed55df45e1f0fdb52eb2f26340bda25e358b8fb7a80a8c73af96f2921d8be4a4bd85d04fd6f078f8faae", 0xdb, 0x0, 0x8}, {&(0x7f0000001840)="096b5ad62fbfa4e3e83ac4aaca7416bc195f2ba88a3403dd2c84a1958a2b9c17de19b0feea1873256e2db1b951e2be639f680464a5cc39aa7207c1ad6a18d7d5d319e782e1ee80911a92106107fc2813c741ba310af746b2c37d1772e1cfe7b69ab17c918c2f5e4d38689888095628eebc92c0181cd0103e7edec802350e1f15bf3fd5bf83c479440863a0cee10aa5638575c91b3f324a54cecb7f5b7c0d", 0x9e, 0x4, 0x1}], 0x280000) 20:17:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000000, 0x4022812, r0, 0x0) 20:17:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4800, 0x4022812, r0, 0x0) [ 1523.887657] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1523.889521] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000745aaf9d [ 1523.912204] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1523.913863] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000745aaf9d 20:17:15 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000000, 0x4022812, r0, 0x0) 20:17:15 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x300000, 0x0, 0x8800000) 20:17:15 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x3, 0x3, &(0x7f0000000180)=[{&(0x7f0000000000)="3a4fdef4d16c937354fc55776a967d3ce40e7132c29c9bc92dce81a66f03bd0e1171d57c595fe51719ab957ca86c606c065e2ebfd94d202ba4fe2a33f64641606597313581cbf2a037477b74b9902584b14d2627ef0cd1f2cd03d2a588da4344bec8322736d832b0387a409ad4c7462d775b5fb551667fccc1e85f1033938233bf10dc985c8eb908f3f2f3a4c7", 0x8d, 0x5, 0x9dd}, {&(0x7f00000000c0)="731d7d46cfce5f0eed751a33d2fd38401400b824ee1da9e7", 0x18, 0x7, 0x5}, {&(0x7f0000000100)="28f6dfb767dc83ff9588a095bc14dc793081a31e15f0c9eb4f28b4622322230de3b47465a6496342db1aa17c0d0ea5b9ff9a95ebcf626c70e066e1c6936b973440ff0d57abee33e90fc11da6fa1d9b37bcbbcf04b24bfcfbe145fa7b11d098f7b20440c1786ac5a3643f5a77", 0x6c, 0x2a, 0x2}], 0x280000) 20:17:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x6, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:15 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x500}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:15 executing program 7: socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:15 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 66) 20:17:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4c00, 0x4022812, r0, 0x0) [ 1539.344298] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1539.345928] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000adda9519 [ 1539.352449] FAULT_INJECTION: forcing a failure. [ 1539.352449] name failslab, interval 1, probability 0, space 0, times 0 [ 1539.354930] CPU: 1 PID: 8945 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1539.356327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1539.358324] Call Trace: [ 1539.358861] dump_stack+0x107/0x167 [ 1539.359603] should_fail.cold+0x5/0xa [ 1539.360394] ? create_object.isra.0+0x3a/0xa20 [ 1539.361331] should_failslab+0x5/0x20 [ 1539.362103] kmem_cache_alloc+0x5b/0x310 [ 1539.362924] create_object.isra.0+0x3a/0xa20 [ 1539.363821] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1539.364860] kmem_cache_alloc+0x159/0x310 [ 1539.365718] jbd2__journal_start+0x190/0x7e0 [ 1539.366619] __ext4_journal_start_sb+0x214/0x390 [ 1539.367585] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1539.368658] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1539.369665] ? down_write_killable+0x180/0x180 [ 1539.370595] ext4_fallocate+0x415/0x3860 [ 1539.371415] ? __x64_sys_fallocate+0xcf/0x140 [ 1539.372332] ? lock_release+0x680/0x680 [ 1539.373143] ? ext4_ext_truncate+0x250/0x250 [ 1539.374053] ? ext4_ext_truncate+0x250/0x250 [ 1539.374944] vfs_fallocate+0x48f/0xd00 [ 1539.375741] __x64_sys_fallocate+0xcf/0x140 [ 1539.376619] do_syscall_64+0x33/0x40 [ 1539.377388] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1539.378429] RIP: 0033:0x7f6d60f48b19 [ 1539.379181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1539.382911] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1539.384462] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1539.385933] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1539.387381] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1539.388819] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1539.390413] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:15 executing program 7: socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:15 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x600}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1539.415843] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1539.417499] ref_ctr increment failed for inode: 0x3e8a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000adda9519 20:17:15 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r0, &(0x7f0000000140)=0x9, 0xdb7b) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x29, 0x2, 0x0, 0x2, 0x1a, @local, @mcast1, 0x7800, 0x8000, 0x100}}) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)={0x17c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8, 0x1, r2}, {0x160, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x70000}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}]}, 0x17c}, 0x1, 0x0, 0x0, 0x8001}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r1) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:17:15 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x380000, 0x0, 0x8800000) 20:17:15 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x7, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6800, 0x4022812, r0, 0x0) [ 1539.579002] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1539.580645] ref_ctr increment failed for inode: 0x3e71 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008df97dc0 [ 1539.634699] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1539.636606] ref_ctr increment failed for inode: 0x3e71 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008df97dc0 20:17:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6c00, 0x4022812, r0, 0x0) 20:17:31 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x700}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x8, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:31 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x10001, 0x0, &(0x7f00000001c0), 0xf0000) kexec_load(0x1, 0x7, &(0x7f0000002340)=[{&(0x7f0000000000)="8ac04682a3937ee744e3601490491f9f3e80039614ee280b4661044c", 0x1c, 0x185}, {&(0x7f0000000040)="4ce81d71fb4783db788769e43edd9b21ad6a1570369734cc09ad4f4f36d0264e54cdcfedc9640c1cf3c0f546c489a2b89ad2b65184fcef2eed79c76813d2d3894d0c56b8452320c5eafd2c2dbe0f8d90d0f29493dd4bab02df2931e1bdd9ff27263f65a54e4b6dd724b5c95daae494ff25cff3496e", 0x75, 0x4, 0x1cca}, {&(0x7f00000000c0)="9e112dd0df0388d598504f259fc45f354bd0112d73cadc02f31a0e06453f37749c489c7f00195f2e6f7471de228cbb12df98979d29cfc445327cf5e87accd3210d38ab81a5ff105d53f8462d0fe1ae369afd927de68a8177325cfb2ccd432c5e1a13c612ca82d13a67f7e4482feb40", 0x6f, 0x1f}, {&(0x7f0000000280)="474299763e8a532c586413bd4bf86da5d18e6a8db3f0a19e73009fee551ca4e709ad1e756ab4667b017e788bbef29b203cd509768189cc7e7d3e907173748620b012209bb590510e40595d8f465594a404748eee25303098897832eb9095e801406bc535144515fe4afdb8bda32944068ed95bd681a98ccb53fd8f4f61e925c99e44897d935be1a294711e63088ee1489e2de945a31fcfb3e0db00e0e0eec799eb082e7d30dc2dc1c330bfa3b49eac059a6983bd31e508074c4304990673f35855e300a301a6c0b9c3e6bebf4322b15fdb814b93f59bf32c0687d9da43213afbb26fed04b5a15a2b8eeb5352ef2f1f0ea6034d8293bd85ce95e0b0f3ce245060a30dc79f159110dfe95c1781bcc5caca689e39afdcee2f2c4bd2520cb6b6a169130f7d5021658de8f4a09e5910165614f4f7493aff2afbe91f95fd5fcfa253b0b186f4a8b4018c62936c669cb7d479d2e5d83e315acfa609ceb494f48c41cae18d22e68a35a90ca820f35d71c92bb6966c56dbfccd49121eab9a4def8ec97799d45dc7253a8dc67f8b494353d804a2c09c54960d798389cf1b5cd93236dc172e55f5e52e69c3e4bab00d09bef06e7e988b809b0bc9dbde0ceaf4117d7cb3c6d345ff0fd2099ebd2dbc15a0af7e9b731827492c6f20288de13d60f9f95a89f85a4ee2f0e9a4226cd2308f5d712b9347dabf12a438d5c6cfcdf66aed476dfe35644ddd77eacb2f3c85e7f50e2068400273ed5f20a638ad2f39afada249fdb1ad45963cc047e8886fd42c5b2fa504fde4b04bc145184eb4e274727517d1b50b4224572156644ec63cc56bf0cf6457b4ea829cf168a951967fccace9d399967337c0147f4e7cbbaefbff6de171dfedfae79b6ff7b0997bd7477fa9bfe1b28e6d13bf438bcb45b134c4149d23260be12aeab46eddd348ae060c44be1bbab6c85e2452d3bcef4b9ecb91ca2879ec2087ca801ba3e3e40b5f995c6e32e3f89953d86fbf0451b6af51ded9290aa3b2b4a6c1ba54ada1d6907c966a112a4c640299a364115db1c6c0ca02ca22525cc401873bd197873827930874d64cae306f3d5ff22c33e2ed90d415028792feb60da1e51903d0cdd19ba8cfd33788c9ec8e15945b985856ee02214cf866f21f6d6de56baf1189c6e2d0b5e2dbb5765c053673c73ff8972038c6fabaa8df715fc6c80700d519e927a4a4e921d394d1a61ce49e89a8158e9063907d3b61766829c36a8f5f603e9f5f4e2e2b6aeada47d1bfee28968f64faabed48d1fe08bf3c204819f2c8e48108b78dc5cb6fac1de4aa9a83f6ae34db9b3a6285884a3b699fb025b7728b4231092b12ee4a1a44d4607ebc6e796151ab0e3e896d1ab46b427c619055c2c5096edc15df4d83f863fd84c45792417e1d5a8fb274c6101d4216f55a6d9f3c063b640165f3bf404354d1e67e2c8efadd9f69278c6d669056ed2e875ab8ef5fabde8bb8b37df959b0f40f72870f338a55acec49d0dca3a5478d00f39d699c0db00774c0a1835d234adadaa4531867c76e6409606bb6cb74d84eaee505b97761060f1ab8aac4709bc18976d6dc4c0e3505363967c69e8e6f195e597bc6b43d4cde8c1b02edb009c92b6a9a2615cc0d68410ca5d4dc1f9517b4dabf07a20165f3257a3fafbcf1069685e17c32b2381acffd0b08d9290df21491ab7289d47affdbaa99b7778ca20cd71ec908158883bf4ee6c20345897a8faaf816434241f09b5b7349ed1b05ee22e8f1fcebec3b4343e330d9c9b267e125ffb8bd789aa8ea63746c69d1c86c86bc75172986d5111524689b2a8e37be553f5d0bd51ef95f6a4c15c55ebb0d0a7178c62ab35b616a525142381b9d8f09692c4b388a1e19153ac4d94b100199eaa66d1f3bb19e2a3f026b35b01518d1716843282514fc2d00181aef0240fb91989349d4e9ae9b5c1674f7d7533342fca63a99859e481c758ceaeef44e0907073861475e4351e6226855cad1a877e471f0f0d256c2915dba9482b1781853956cb7add477f26a501b0dd8752d331e125fe783ecc03f6552dcf97a3f1aa417f4307ecef713e7267d18a5b8188983bf2748db1d204738953131d8f3131eaf24626293b7a6fa95d35d1501301831ead84398084ebf21f1b1380b3555350cc8b2e181402dac95acd5a122352ce011a947040b2bf20e07b180c836fac987b0aacc34b949ac9f5aa1e0359db6cde3ae67706cf996788b2d316d2fbdf1c015174ca7f7b26f57ed25af350fe270a87b42f7a59fb30db1b78a6152a7f998df3e727114167ec530a8877cf7fa7b598e12f88e6c6787fefe24a0c21735f51405d4a2b5dfebf579a094497aadbba384c07444a03b53d7e4dc078fec4444848b04627bd91c3786f44e131c319c36b1d2fb4920dd22b301228322acc6a14f55d484397c3c4dd6bc24581ead4ab53c2e2807af4551dd7fbbcf0d3e117140a144cde205f7159fc115f8e4e64bb2d3bc47fee55c552b55f93f8129ce5ad455da001767233eac2a8800890fe445026de4eb444f243317d18b0b8e32413e411f5e759c34088baa61bf91ae37c92dd1b99651baba186d72ad12bd33d8579870e522778d512957f7548c72e8b9617d291d5a6b0034a445f016595f939456a5e227cfb8cdd41de8acc86e0c39ca27ceb4e827b80ebd48d99cff4cd4d3048eb45c9af15ae6a6a4d756497972f877c54e531d78a04866470dbe536ef45fa6ebcdd398c7d0de4999bf54a1d53e7d51fb42408b6e8486f7391390f2eea9ee387639312ec936c9edea4c61d8b34b946b570b5b62fe65cacb5c8daf7f497df7bddebdf6662bc81817fbfe4f58e5b81d176b816258620a9998b4ad6ef910b206cb3ba9dd0f8d50caaf5e74a8c1c1b0ec55a0c1c42570e7d88c95575cbe8a708375cf23aa5449dd65836ac84a0c0209d986462964be37042eb5bd8c4ad2aa9aaecf7f02c303eb6f44ced8c791d410a675dad2ec6bcefb24a7a68313303bec94c0a8da522f62298fc035406df7d2979a8d4029037a834905e4aee5c630b0d499fe48d2d84f7d1f2282956df3a5d0b89681735e30959237a727ca550b48c34310ea84a4f6bc83da6a615e7e94b4b605dd4c4ccb9a02e27b38795a8c9065f355e3ef35dc5d95e8840764c569aa28a770b3da97bff2312ca923c5dbe579b8c860b14ab80c19229157136b9f6e126c9a75c31d8c07586bb10aaf898c5b9b3aa230c99424a658c5a7dcee0efc138ecaa57f05011ae86d4513c0604c14d03b965bc2e3330e026763147b456c1208d2a4337aaec8a2231ad9e68272e415c9bba6cac7d1161798b769060205e733acd22b0ce7a27f951a31d67f4ae955a023041c8a1391cf4434a74145ce138ccbe42f3eb83b76a3a4edddbf134d6ddee468583f82dd26ccce7e6b22d9f9e639ed398f28ef4183d1c875a391e6ced9dc9a02e0a1b78eec6ed80bcf16b709c5f850224d5fd4362bc94b01ce1416eedb9f05a36eaa0e159972a3f1adc1d29b480c96423859d3ff8ead16049046bca192c5ac9e05a9747c44b8684c1b8d22868fc969b33cc3323b58280f0760379b31a079b2ac2d65db8fd4690859daf13281e9f8224cb03d0fe0ae1b9067e7e3342b62e54710a480b84e6e3e7754199b0e4a894d3760311449a7574f8a1a5dc9617a4611c8a0b851eeb0726ca75f198104af9b8adf1318148c82e4e88299fa10cb109c9d9ce01acc3cbfee6ebb3ef84063d01499b415cbc5de3a00e76f05f9cdb22da79f212240edc928beec73c8983109f0b3f048adb365418cb7ac13f7e22959dd279cf7798462d28af05250cb38a67d5513a7b56194b5b15d03c741c5779d11dcb16b7c6452884c69f7d3a49d30313da6af10df729b4141a8a3da9ca66b310bd780f7f15d72e82e6dfed77fef530e65de2328339f44d6620afdb81698e1adc5caad5a1e75fbff064225ddcc06c4e3120592fef84761e36bb9dc2035a25bbd6c6afa4385b3b1a392f2d0e3f7eefccf683c8f274ff2384bf16c2805fd6a854544310f6533b019f974fbf10f5ca43dee2174e5e580db0c52c7b1cdfe7300caca8bb33827e57b4dba455517098eda5ea2ecba1e99b12aaac04c42c0085628830b01c41c2869f0ab2787c16e0fead7680e49f899baa8f3c7736877f1610f8ea17eb47cd5c8ba04537d2c12a2cf45cb61e82c5fc55a48caa4904a7509856d81a1b8f167abb4cab97e1fc9432c47fbe906bc6c24687c4faba30ac4c30d9cc1815d437faa84947938b11e1e6775725807c8452af2116d318185622ab23ec74c23813adc3ebabe2b1340fc644f79d5c3e5ae99b78ac3fe7c6cd5cf36320c71de9b1adad2eda498a266f16ff9052b7f12e2642e58b5779185bd0d85a321a0e6e78834b870fb013cc6549cadc73524915219f7a8cbd4fb79186f734c34cc230117bcdcd820c2ee9892ad40e8e29b1bd5574df1fd4c74ac5b7495b85d9bf371a77075be93cd4f9f66a955aa630fba80375c6fc392558b1253899a04f5cede11f82948a0ca888f09615a6044b523dbe498c0280fa52e5006b4dcd219e0ff11fb24693fdb2df9c9fd613b6397e04f38e3c4c365c1058806005fc9967e5c59c92a9c4df5b7b9e914c4899f90996c3383af806459b36734329bcd412c9df3aad614896a3b312223528e09e6b5e358ec1a048e9285cafe90f0e67020bfc8f25a6716bb9b3a83c07568f63f62cff522382d06b00f0ecc578081fd840b3da833189cdfc8257e146f05d8ad69eef8a53cf2a1f820d53b969997942335dc0a2bffb7c4ed3a2933c6bd72792f1aee146f7a8e5aaaf007dba0eedeb3c0e6dff391aba1bebc5078b30b5d6747b8310e25394a4f6bd668956d4527cf5d77ee58e2a09bcf38c07da1e1b508c464f14504a39478f0bfee6d9d6637c23e6d758a3c67b30b67f1d957988bf39b596678ec302a8d5e35171a8affc8e1c7e71763ae8be523e32310403aed4770c3c9a52f694f75bd061ec7d81474b60300b183ce6d7c660402e424e4be0f05d868e309fb55d195aaca064da65954cb245d81e8acd6d38b462ecef59f720f333dbb653ba4b1299edf923587af12a4a2f7f0e5dde445eb05d9b9e546c9c7326d524b01051577bdbd5cc79b8e0e38cfedc33f621746deea745acfee30694543567573d851524f491d078f4e319ab120d8cc7e473577ab86c4e4a5ac9acc888c22b672db834c634dd1638ab1cd3ece33dce16413dfd83eef1caadd6cef51bef0ca25b522d19a3d43f48f68d1f3c91296998a80ddc0de0ab577efc94514c10629793e57842c0608387d4f96a782c731a58a883f1006c2ec82e9872851a7be8b00be5baf17877d0c043648329ea3479daab1d9c64edcf8b804546a8ce42fc0015c15808c90bbe528cec11c28dec8bca5e71eaa06b8eabed727eb75aadc01710f992ff81d277f49e8396a6c9666b2ba63d7d138c6c2669b6e48a8fb385b6024fc085b5be104a96784d685720c3d94c62d21e6d5867e9dd257a35bb0069db01779730110e691f0202c94cecc47eaf3befbca0d550563bfc2720e120f61f765ec35eca49842e63e74d97a7be61dd2b34bdb97587937f4d90857a0f5047c279095644d474ce73dc048c73694589d7e640f27f98763bc49460776486ff3472dbf2ef3465d56fcf90cdacd1e24f27d24ef05c8e1c9671d0b4512e6fcc929f15564d23fe5b0e7f087c838d112bc34d693280f54f845e52b0d8e76d6efa5d2176b5e20e97e5fb99e2b3f22fd5c98cc5b4cd39d5e6793d7befa0545219081cd8319b71f5530dbb9036d31d6ee01b449abc1f78b", 0x1000, 0x9, 0x8}, {&(0x7f0000000140)="4e8fa6a6eca8aa4894026bf1cfebe306ae1a00347498b20c5c0d64d317e4eada8756312153d533f94eb89079f2a4ec4e26b65344096b44975f92ce3ec6f3b8dbfd9a3d8966cd2f08c9bb410770ec11eda445e8a67891d7e4947d20cb83", 0x5d, 0xffffffff, 0xffffffff7fffffff}, {&(0x7f0000001280)="c515fcbca00a36c865511087aefe839f333b916447cde8a9537e6ffa3c0e9c95509350fe4278c8714fcb12db9e3170b8619102c99f18f07891ea983c43a057a85fb75f54dabe9332051cc615fbcf600627edbd99a0c6e5e6001e1efb07fda7ccb9ca7e0da30b3471b78309df975e0949d7754b61126f0dd9c6d8a6eb5cea000e7d9fdf187505e0e9c4dfb81ac90a2f1d58d889dd9b527f838b2f322a0e67b297320b1690ec32ee439659840ee3de64aad43f4e92934ac135d1ad3298ecc849fce5a60602661fedc73bf4ddff07a34e51198f62f802b8c553a39b3db486111826005e2472634cf7ec3d9e68ce8b21dc76b9940d26ffa50ca281ed33c59827874f59e5526172602ac99c631e7022181061f420c5035a5022af3c6662f7189e1eb0330207d84e3b8be37461d4755dfbd10ea462a2b1f6a865fd5ef36455c2dca64a32dd781f9b5263cc0fe964d0301ca8af4954bcdc7b6b53f77f4d68ae53bc17273dbb465a1804d60de08782db444e041d1528bec63a633a28b714da05d9a339d668fb67c8850174d6bb9040c4f7a2fde60a47c8d06dd9d820ce75c7a8a29142002f140c5f70c462d47cd0145e389dde8886d8dd2efb4b53d8c2f5132239230061066c0ca9de67e7209d6585f192f10e6b8c67738a1b1e3e42f716ade16c39793d53ced90db9f943372a1e921ee91140edf45eadb3190a399f9786336a397df1c759bf432727341aa5558d49402a6b3e6c39346da89294b400fc95b2d7019c0ab44e42467c579e5a8df4d4c5f4c6576512680fffa215d8a159127c2b8fb6656cbd209206e79a9d21f7d54287e1758d60062a8712438337cde115f98ee00d3b6c6ec446115ce6b234b94990d416acd65b4b62ce208e2700ae2a8c5081beeae1e354b06527013f02d489f3c9f079374a5b9a686bc406e1767906c153cd83644f4b5c9e6a9ba38f010cde3c958bc278029869eeecaead2656ab62f39acb1c5bdf6a975305e5813930bc0a5bcbd5aa81436dd8d651ce1e19eb40adf84451e1dc92ff8c0a6c7fe990fc070322b03176eb9c56d215dcab755f397dcf665d49a1869ca873f90aee99e6074dcff91b9416499d27c506a751d771e969eb5288253508736724124036d3c7805bf0f4da95ba7a4fee2444b03a49341df1fd2832884c05de7e66708d8162ef0dc5dff87a4ab6b092db25522db9068ca73fa2e409072009fddcbaec7ce885a4ad016a44336ab1f81d9c618f8a4a6bac0861701fab87edb5ca878f4d6aa76fc9b2e3228b60c5dfbabbf087b653171eaaa400327c581fb256de948e77e08b6058444289ef2524fd9f0dfe94b15a46160fe2f88c2ca443de7e902ad5253446c6b2fd638cea7676106a5ffc80c012cb20e57458731f36d1ae4eba19d5d33d1a54208ec1fb3e38084884d9790ad3d33cecc2691cd679e959d4082d9c86e7223c1c39c10ef99f7bbb813f64242e4bd738e9e53ae010c50c3ece3a4aff2e3213512f3e58090751d779b82717def48b86cb51f106c35306a1bb02f3f48d41f31ebdf44377541c1cbb50725d45cc72c41e419a6c28ad5c652be58434a25a35e49655e03aa74c95302d49328c486916ee59257b1959adfd00f70a6b4e03d2eaa3d506a20906965644e59f4e451bddf09e4d0dbd476a0cf69fb6ef7c442679101abc3bb2bbcc9bd67504399440b6e5bf1689240e98262657827e0531380c7cc3dbc2b72cc8439c421d01bbf0b5dadb8ca445c26ec66027efdc6c3460f14eb3ade6e8140a23bafd4c3d10af09f8aa5482409843fcca9a94824f0bbc6d97cf3617746e77cbedcf47586c05acd1d6a0968a7395cf6272e52401936b981661a9fc78343059721aa1443cdc9ab7bf11a722d58001316a1b7f06024ca2b9554a27a3e9600a6f5b4ef90ae5033818a79e49c7a31d9f931d2dc047bb79655dd60e05b8c57db2b728a2baf8a678fa422f225b6761dc356dc6caa4929e1d556352a5f46c7b57242cedfb7549a1d796b185bb3c28169bde1f3bbffb04bf88cd31a52cc3814e7d20affcca0d4a0471ea6da00f1f4bcb3dd3c3c859fb6e80e07d2443921d71d13cff0ec9bb99916a8bed2ffe4fd56d0b4d252d64352ab4bceea4ef71bb3d6929f74bb58c21aa83b34fa24bee1ce2d66901fd06beaf24ed7aa55cc205e78d39cb63ccf99c410d2484a873095b7b9664e872ba8586aee65b74fdb0e42a620075bcbfba5c825fd6710f770a7c02755e29bd8aff513ee673146472ae4905792b7df6139b5552f8dd7a453b54ea3d2fc43176bd9df732c46acf84ce5c0c20d43bd0afc559bccddf3cb9e63635e79c3a3334049db69c9c6283cbbdb3b6c87c79218a9a742e65ac1fd4abe376960d8a6984e8f70222761ef4bec950439398a479487d1b3458d262b31417207ad8408eebf936456cbfbb1c24786aaf30566ea2436955306193b4fd6fa5909ead2aafb08bfc34602a627a28226896926296587d0221c011e154c8376bcb80f8a18df2348c982d08760408fdf72da0236a3f1e901595f2f0263cafc28a4bfb627edef103bccd4d4f5587da91c36764a602aea54268f7593faa29e74eca4b297875b9a099043d8d1901822822e287c54e7bac6a6e51290b10a59f0a75f9e4c0527422b741b0ceaebd8f579720ed8c60ca50f7c2810d66dba5e43569e5010cc33c897a2ee3c16bc6434595bc2eb2043d4d52ce4c484636ab6835f628b73ea7bfa8576b76da249cf60a9ba698812b25d7f78630ec58b10d6e4901717ec517fea4cc895b3a37ee41eb9abbc8760022fad09186d7af4e94a4bfb3f823e75ed71d1fe2aa738590feaaca3165cf597ea10244aef4117d54a5f7788b85574f769e6c0a6e28131b13b92a385bef008f87326f8b09c6d3331ff80de6ab282600d30a4132110dd8e02db0606030c3e90509bdf9cbdbdfa22284202e9e894e6451952a54d2f09432adf417d602a765d88d1d787e07171d642a5bd76e678465b70e49cc663a15f0c79b875027930d0eac5eb999e65e65ae37289fcee999118988f3d82e1110083d5a533d18714e4d6069bb18cb5c80c1ec6ea590e4372786fda1171c052413b557cfd1c2a670f3366886350f2a530b3156a071f006a19209a5f1f8915ea56a124c706e1c1ce2832ce6f8a3422fe7837229967c0f73bff0b1f47795553cdce106c66d74e982c8a85c6a95c049e1a2dad29972efffb288453e60cb7b78534de6bb44029be6d98dee7aaefb75443567bd4d01c1b8955c37466db4c162439c4a9005e206621e182e53526ae343254b74f062687c7a23960590c2c377e774ae4e9879068f53ad80548ec9ebc98d73fec1e73486ecb0af16d7e7e3fc2d10f9e9f977a8a51098b6f30476de896eb405776c8aa4540e57b01c4218b94abe6ee9059549dc44a03ae56c1c38ef986419b73f93b813b7e29cbb3471b1f87648b88663f5d5f57a8c08aace7151290826c3faa3ca728f61c23d23ebb28099d572fc2ef3eba580540ee221beb45f21613c11e61ebe70bb090ef27b82f88868614fdda44ef3230ded57793d7a3a023547b0a64859792933d513b6ba202e31dd53934cfff0a04a323e0f4d149ba892e0e5f84ca69e2a456ceb315b4cf447d6f0eb2cc08d43d93446a83cf8a7d647d102352ac1853d6cdb16dd9155f6c3d7e24c7652421a426a569bd5ee0d78ce6137f6911df68877f3fc8c8a83e3f8a4f8e013213b402be0082f0f48a10069da4e33d6e48cb5426874033d7cd92f91c3dab09e048941be47a97e977c353b07117d73dba34fc72ce2d171287f66245b130ba58753eafa440c11834c4564d7b492371916d1046630046a0cf259a4e8df1836f6b7e017708f61dde06257fd498e4a7ec08e46342c9515525153b87cadb10a58c5e9aa541540f72fc7ad155d4b0aedd045e9d21d68a901cfb40f7b93e85d75a2c000d65ecdab6c6d2f8102a7d55d2a1464996488a27752fcd2a1d3afff53b52eb238d1de8aab4c093c91dc594d772f7773bde98f6ff074c64c5ddc244b6c66c7f9c679ca7ffe621e73a284517bd7bf6b344ce1379b23bd1d3df00dc5edbf0013a097c20d9649d65dae408f2669bd8692728f0f977f75939d5631d001375ca021bbe79846cf528cf97ae544def748c0172c1b8248af8d33370be714f658d10ca23f36538ac4767a7b4a77b7d313a4b0a2d59151e05df806f3460939f513ed8c791a1544e1fd4f2a7b13b203f25adce48e147f25951de7fceb823570aead65d163380a4cb41d312b5e2e95f4f2611acd43475e4dc40c54d3b0427e90b218807c9ec9bc328aa3cb9fd7c42e9b833db7cfc7ccc92699597076dffc914340cac00faaad3a0b60b79663f77d27afb5d0be08144f1375e3c4a869bcc546a0cfd5cf70b8dfd50cc634bee397d33ab55662c6a669fc40772013d9778c5149b53a0b9c05f04887e02e368cc4084f7b005bd9896893f3858f0fb334731bc99972ea725e055d835ebcd024c24fc7e4fe6dc9a90da47223f11159cc0cbe680f577799d5bb20a263a36dc462f1f88ad2e1d5226e27334499d1544a133b697608d5fa9bcbb89c91b6f6cc920c3e0136028fab395fee3cbf4ffea1f92466c32db88f8b33841eb6942c1909665364907b83ff6aacb6bfe3443fdb5a13e100029c87adfc184e752673cb9b484708196656fd87e26766abb795b49ac198bba736abca1ed2836255edc67eade09629bb4e5641548e8dce153fd038f46e38f6cde8b44b35a35d67db16cdfdf9688a23bcd7316adba3ecd9c29fb6a1b1f27570358d98a64fcd9eb4d8686769d29e44cb8046a70d54f08a9736b06a8aad1082a6898997a9222affaf8fb71bccc4631aba003eb0ada6f3bf62a2d5781a6ced2bc199899b25c023b8350fd49d399dbc91572f2a320a93a9f271942655ef45da09e81f0e357ae0a6c3e26f3ad3db5bdeea93e99818b797fb6459524b0f20c58e4c07a0db5767d390e296000ff8a7e845714bb15f3e13fc6e837c4435e3b0af61b8f4869c9c6298f5c37ec361227b92651f8a5b7b4d133f810fbdfe17fb041d7ca6400e0cad60367df655f324d2abf87cbee7e522495dcd112c5f47e40146a342fd7e26a6d18cb2033bf39f7877da85a98c69212c17493f280578341e5e2c4bbd75dff66c19affa8dbc6d55606972d43c95400f0d52c642d20b55849f3530906cf8b4425f43385194ba4ba7e05ea5960dc819098006be59d8fbbeb7a3072e41a727c223bd03f64d75c98fd25ab54d273321eaa4305dd6db16867fdc79d1ddb0bdcf6acfbb7c7bc0ceb58f76856fdccf741196ac275eb17a3c804c4a022e586b6a921f070562b229826ec25eafce6ddc96b30f5767c056d59c39f03a7332e9b841127d0a1a6e958a96433e9ce799861d73c3aaec116f7d37ba64eab107fbf3cfdd785af3d184220edb4dc85a8fcef2d1af88e541450f3c0b70dce492b274d14df2a125ab13dbd9e900954b16db111b4f0a95610ea12ad0f65fb9fbd6e3b75335988a8c6cbeb3c54558767b9ea7eaf97592c68e454c69a19262f46724eb1504346cf73d76bbd77098c63561434a1ee2112796b30399a197c6de63d08a77195214ce039502bdcc3b62b640d6d485a10097cbcbe4995427df993a4e8b2f88fc67409ca357773cd7aca379ca5fe844e3a47cf4884fb077c9d16b4b65eb3fe1101cec521a9a1f43d181dc7aeb0f0365cef2bb8524925db7b208a5e9e41097d6ca3a5b08574c98f38d807a8ed249c5d8accfa5499941a83c25023f7d07d865f1d6df61275be3b9218b4f24fa9cd32584e256d2", 0x1000, 0x6, 0x6}, {&(0x7f0000002280)="1369b093801db629c199ace2cced06dcf38a595c17be3d5284e926d8486c7cda81f98cc07c08fe1cfdab03c2c5badd7d5cf85f4ab85422e508b9d1f346551575929aac07751bd2d59af2aca01e88b8e78cf7960d80f254dc5fc019a482c5267c454591c1240fa5bc5ad425549a02d1024802529efba03725c119070c63672f75f532b1ecbe0caac151b304226d56a7a4ec98fbd0a3d5ddb364c903197fafcf", 0x9f, 0xffff, 0x3}], 0x2) 20:17:31 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa000000, 0x4022812, r0, 0x0) 20:17:31 executing program 7: socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:31 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 67) 20:17:31 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x400000, 0x0, 0x8800000) 20:17:31 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, 0x0, 0x0, 0x8080) [ 1554.846395] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1554.847407] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000035d04186 [ 1554.865128] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1554.866153] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000035d04186 [ 1554.883411] FAULT_INJECTION: forcing a failure. [ 1554.883411] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.885331] CPU: 0 PID: 8990 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1554.886189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1554.887247] Call Trace: [ 1554.887582] dump_stack+0x107/0x167 [ 1554.888046] should_fail.cold+0x5/0xa [ 1554.888523] ? ext4_find_extent+0xa3d/0xd30 [ 1554.889063] should_failslab+0x5/0x20 [ 1554.889544] __kmalloc+0x72/0x390 [ 1554.889978] ext4_find_extent+0xa3d/0xd30 [ 1554.890501] ext4_ext_map_blocks+0x1c8/0x5850 [ 1554.891080] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1554.891726] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1554.892378] ? ext4_ext_release+0x10/0x10 [ 1554.892897] ? ext4_map_blocks+0x5e0/0x1940 [ 1554.893444] ? lock_release+0x680/0x680 [ 1554.893934] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1554.894510] ? lock_downgrade+0x6d0/0x6d0 [ 1554.895079] ? down_write+0xe0/0x160 [ 1554.895581] ? down_write_killable+0x180/0x180 [ 1554.896187] ext4_map_blocks+0x652/0x1940 [ 1554.896750] ? kmem_cache_alloc+0x2a6/0x310 [ 1554.897322] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1554.897946] ? jbd2__journal_start+0xf3/0x7e0 [ 1554.898548] ? __ext4_journal_start_sb+0x214/0x390 [ 1554.899203] ? __ext4_journal_start_sb+0x1db/0x390 [ 1554.899854] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1554.900566] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1554.901203] ? down_write_killable+0x180/0x180 [ 1554.901831] ext4_fallocate+0x415/0x3860 [ 1554.902371] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1554.903102] ? ext4_ext_truncate+0x250/0x250 [ 1554.903679] ? lock_is_held_type+0xd2/0x110 [ 1554.904256] ? ext4_ext_truncate+0x250/0x250 [ 1554.904839] vfs_fallocate+0x48f/0xd00 [ 1554.905321] __x64_sys_fallocate+0xcf/0x140 [ 1554.905915] do_syscall_64+0x33/0x40 [ 1554.906413] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1554.907086] RIP: 0033:0x7f6d60f48b19 [ 1554.907593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1554.910028] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1554.911055] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1554.911998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1554.912949] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1554.913901] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1554.914853] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:31 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x42e5fff9, 0x7, &(0x7f0000001440)=[{&(0x7f0000000000)="69fd24b8e5d0f40c7e5ed4cea65372bd080b17d3068ca547e7d653dc4dc164d9786755bdb29d8c34924fe1d78c29332c0d9081ef827f06de414f2674129e2a3c476cf37fb16e8caa19c11a80aa3440b3ea2e6d293b7d2aa48e8558ec2e2731af16b78cdbdfce931e6f04608c7db6fe00141aa92fb810fb6c4a9a00c9e4ff221800f03b9a02a517103c585660e1cbba71b45e84a41bb354fda8e600558737862da3e375df4c64d9e2cd1ddf2c267f859af00ebb54", 0xb4, 0x9, 0x373}, {&(0x7f00000000c0)="3b3a9ce0b51012991dff869ba728ac64508b75f9c9f72185e5f19a742d4a6ee0e76164e19aae0d27550b2bdb66c7e19d7840473bccfaa84067b4658e11d46a3854a16de2625ff5f3a63a325015c565e1c6f6243036e04c5f6ef1bbf96d0cdc4cdc98af8077b44a4da54598d2e6f737", 0x6f, 0x6, 0x8}, {&(0x7f0000000140)="3295817fc4001e016910514fa319fcf61a5c386ce48492f5be2e76", 0x1b, 0xf68, 0xa000000000000000}, {&(0x7f0000000180)="fec91367aebee99894a32240a8fa52033331d9b5f40c9b6d27", 0x19, 0xffffffff, 0x8}, {&(0x7f0000000280)="a23d759cea1713e26e22f19136e417dde9cad76f5f62476ad590d15aa0454b0edc5a6b365db56825a2794f7568c9e6a142525a34e3ba5b731e3e4949c3260f1d229177721488e0bc61063156572ade24964064828089a42678cbcb4023d783ed3bac520b88e7f3c4cc100fa43fd942ca3786271994a29bad9de271e6413b38573b6bc438343c6e211cb1b05e12681a4ba7f9e0745990e15c4ac744acebe6151b70659127024e06f287b81a6855e1b5e07b1a2f4798dd1bdbd2153908198e0b88af887dfcb9ca86996a1d011239cf58838f10a269093c77c6b33bf4c3e4da3e4d54", 0xe1, 0x1, 0x6f0}, {&(0x7f0000000380)="7023c210fbf9e0f3468686968212b0411e40c77ab8429d490b02845827864906fb0bde85e18f69c8826e193cb2acb68e4c1d9cb405dc899dc4947a1f56b28d74733f8b7022c2399537b9c0e954d6f4469ca0436675de12736c6e8b89e44a8d0a0f3f3a9267aeae8a85d472438aacb80baade07f4c20725a5577a7573b241795fba73695035806734589eaede2c836cffc14fd17635d4e938210f5bae01e7de6b75f24dbf34746ed84ed62cc44a7b12eeb5f2cfa545", 0xb5, 0x9, 0x9}, {&(0x7f0000000440)="8a48bad3710f63b3e78c35c642bd610c914643fccdc0d92456a8ccbe7970cdf3999983f2b6515b3769fbca13f4b97401a89854758330ff60a8fd94875432d59537bb616ce50b1d8e40c1a8c84e7a628888571af9401657438fc82452ff9b2de3d79fc08c7bd64407595d522771237d63633477c20a748528f7f9d328474ba69860dd4209c0be99d7d3de934432be614c5d0bd42f92636b33e73aecf2c209cb01e109c804143d6b0e198246ec5ed8a76ead4cb4d77c7fc290f9a7c604796fc495f574b57654244e8f7ae84cd014f78c873c14df9fadeae98dd7d2ed2446f56a0d4213aa065af0305d575f59a47228f6fc8e0769c0d3bc542b3a5508821c755a3684f5575226ce680a7ea5f1820ca114cabc369bc55c5902287ff79cd9061cff2b44186e5d906f5b87c23919b300b5a8252e055ebc27f2bf7c531bac29255cd3c0a8a279c8cf14115cab6f4140733b47f1059d4c896e34120f15f9dc101d2f304304a38661921d313316a5022c6c8ea7b6925f1cbd46465ddd71775f6561417c00f373d6e1cc46eb4cdc32ee970d2289f4ecef76718da07ee2cb51df68602274d16f1f1ccf287356b1ba6dd06e04724bea41a9848047b18677109ddb6e73a8dfa2798bd29667e54744ff12e479b130fe11b39229bb52dec21324f507a282a16cffc7c7850261e77f204698bb41fb3a3c07ae857a20e56c639ccbe3e93dee0033063cc999d16f8147d9ffac98922fd48004148cea195a4b73c085f418a4c38500cf3e2587d046c38e5bc62ed6c85d721cc07b168ea4317aa87c961de71b9ade211d187cc4933096ca0e5380dff6a5384b88b37848bf8db31aeb82ed580ad150bcd139c070be98d2e7f99c4bbf1fcd7f3cc28a489f53226c4188dce3647b9c3a8241501651d30ea17dc7d93b8a531ed642249948e95a11cba7934970ba42c9e2b7c1af4d5b5b7caa2ebea473192ee3c3abfd2989195ce680b6e679dec0d00a32562289023600578cb9e0d563c54c92f00c42d7f14edc0aec0e3f3ed33b2cc458c85feef59be97aecb696f1b7393a61e3eec90b9bf71865cd1a675b328a7e4bc63c1e11768a8e5d507b7c1f12cf4715966ee052f1a0155031114181c6b11102f4697679ca023f3ea9dbeea8d1c42c9b500d3ce31ec535bb3051652db4531cbdc77f5ed4261de99461d8ffdcf0c15a4391daaf25823d974f84c104635b03fb6bff6ed07e0acb6e8df5be9990737064abe61a7908d486cd179bfa66f13825c53bcdab81daf8a530c37df304c1f59664314560b146afd278c5ce1ed1e28565b0b0f196ebc71310b86e232852038bb12d7e11d3bd5efbd6ca8f8fba44b78084375d1406afa0afebac7a18b3cd8c7b0b2d5fb1e8e881a6bf7c47b56a2a5834c8278e0ef0ffb6add31b23f639eb712c6a484e4d4cb44e64662989f8ce81e7d11f995dd6b55de9286b1f8bbc7ed4d52ba18ef196b07dc796f7d240e3c88c1afa8042f0f438e86c258807fb98761054653f634100051c08a285551d01bcffe3b07447ce0850d4046820261c3b5097fee8f64e56facf2ee34f460256f8fea4e3c52db05a76981778be53ac18975ec1b1fbee33d0ec04835d692425ba00b6448da81734eaacb5599f8fa5cc91a5f6c194c7008237578e2697699dd6ab6bfa8a21a91031435363782d0a42020f8fdc7152c27c0ae8fc7a49640fd29e6c880eaa405b96827d3ae30d7dcfb96f9d76885790769f52b69ad691f840030d18bba08fb0f1f7a867e1f338fed379cd1ec47d4366e388e6fdd03389479f07e5e7ca8a835b2c6f342b050ffb02aabfe3d4b8b772f501ff025d08d4dfe70385519f42a3f8b395fcabc047b93a80fe974f5ef9c49defe0471332fc3710daba0193f40ad7b4e48f9103bb0a5ff312a48cff41d497adb61cead62bbcd15b6ffb8086f437a2abca886641159218e0a46edda353d1751db6b20d4246c956eb0818d4a4dd2ad9df87620df02739627d4d5fa862ce95ef5e1552d5b384f7e9997764c561fce20b2376e7e4be4ab7b5634db5523138836bd77ae30354c31e0288fa6ba29286d0943fcd55bee70a57cdf9542f7e5f932b219f1db1c0426998b4ebe2039cd10a97dd7a8fb53cda1f621cb18a9d70c78b0bc06285465629edc79239e8d14c3f9b3d9660c8cb9438d894bcfa9d585875080f1c8d0e0c59ed45ffc36df6d9754f728efd6ff379385c1664b8758ed2afff6a530f3074bec35c5da92f3ae13f7ade05c8241cd1b807d52123fbedbdadd624892df549e04ed8e05107bfae5779cd16f810567f7ed5b648ace019bb84db1b0b43720b77d76b1757d8c610e0769b401e871b5d8f1737f5fd377fb1c2109020d03c533b2d45c7c64ff12d566a20d3b5c6648a94d20f8999a3bbd4ccee02978be19c4d7a0a0c6c363bb819e599b293b7a82936274e9ca7945eca5b357b474d17bb29e492453bbb888ed40eda2a62785538604a6faf4835e5aaee1ff1537b88d02d770159724290377332ad88b31a27741b328595e10b96789a7c513fc0442ad35bcf78aee82244d57c3553de210a6ff6c4fe17b95de9a48fd627280c403cb04812c5fbe68de692cbeff7ecf5b1b592e0c7bb0be3bf216c672a3d50e22e0e5b0d98a2820c8b00599e05a655ad438cc593bdef13b051754f8303e66002c159175ca2ceaf834b807dd7135180bf01be092dbb4ee66abf0dd417d89e910090de0deb9e184cb84d6f5f4a27f96e8f8c7d122314da14071fbcd7ca81595120690facd2f79bfb384aeffa5fc45f8d303bea831e7f183ef8449273ae4bced1f98a0790370b7a9f54dd01aaeada2721463d941cf2f5e502c41aa848acb0c8368c278a0bdb24ce50a984021de969a2d8b969b840e9cd108224cf5a264f822ae710d5696d59ad9f9e5c10c40fea3bb87fda392ce7bc5a2c63b77c3de12cdfd3024c325088cf8af020b6d60ea9e6f96fdc14ef44d98152aaa3767542226ceb51139e804e26596bd37b6d6806779554f2d08acaff5b9aa8d539e2d5569492779962504a9be53b9bcc0ca1be5ece3cc802a9cef99bce66cf30cb1e76c5b9daee780af54ed36e08970e5d16de7ed0307581cecce2d059ebf0673d698a0577346c4bf55c4d3a5337ac42d05de76e94b71b8819ff78e2dcc2cb07f17ab720a5420ca57949b417058f61f124b5d0b0aacb8611deb16f2647aebf26d82e6b15f6a8225ad9e356ceb4ec2f4921300ae16e979ddd1fa1acfa3fd13faf6322b80e9bc1a53e6ec6bb014322851a8a8c313c9061089b1081c369211683e3c6edf9b7586eb497eefa218744a2e63fbea8f237c66f00eeae2daeaaa6c130d45fcffe0cf353d519612f8f771407f8530415b9067a959f99dac7b8a7c3418cf1695c79fe7f1112a63291cef5d3b66921842104192c11c7ca78835aba92aa39b285698a63eda564f10fea0baae3e12ccb1759040891a8d2db6ebbabe1b435c3a2f11d384ae5fb6dc564fdda3dddf18e7274c869e4a47cdac2f838e813cd1126c0f221d337f1989e7c8bdb59903f7f917a8b3cfb35f8b9938d657a08bd44c1dd475ce4c3a4c8826a18126f907d11e6c70cdf269ecb601ea290ea656168f1c9c7435040ece2abeff1eefe88b059cd376d3be7ae12b26e6021336eaab03f1fc33bc413cf1fa4ebdc2fda949a8953a12c902237a4eea4a23395d6dd2c8f3e7a3987e904d8513be37738377bd5b7b985cb8f807de4d11cf65df5add2cae7d061e2177b78d46fdf56fcc086aab030260070e12b4e792188e9baca91806cbdb6b22de3ccd8005fe5460ce4ca16aad4e3891c9a59695c783449e7144006fe2fe42b368cd0418d9b27757cfae579ee09d13b20093e0f5a24b0e03aee3e502ffd35d886c7c754491efd761c163d1243d4ce4e68dd3262b17fa173ba9a474a857627f70eb05d990102b410e6329d82b44e76c6dbcf3a5e3b6293d43d0438e4f440e968014e0475692b16ffcd6997ec389fb59f9e0b97a138ae819ac7780aee776a8d1b983f5eb69fceb7f57a069a7c22c1b6ce81b4607ae380c96f72ed0e8c04c1d10161536951a3b9e54cc48e6fba34fa432aa982a8190eb9bfd2815457d928d0f78bc57af3a336f26ddd9c9b63738dcc2bf3e7fca208a910ff415f97d1086d19513c8354a71848317af79e51b88ca1f40158996da175cb38255547fa92f7c5557ba4b9f1f92967696c881f007670957644ec248a90e5fa9315bd1416d4ad3296cd13c811729b8959a3c2f2e020cf1f24d0ec41a74ce859634b0e3ee68fc16dfd6678881b629ced156d47d8aba932552f590924d9c7b69e0a935ce2c1a0592d9503ac897dc1589685478f42036835bf321ddbf674c2cddf4dd092da8f62cfd54b6cc6c65ffeb874709f19384303e54708a90cad13ca9ab1d4c67189076b1584e00577abc911443d88494cd98a007e1c81d2b7c96d328fef6e1a03ee5579d41b9dec0df1edd3e906f165afc36f53df8a819e2ef80062a1b5e861cefecf090d24ccebee2eab1072284efbdb71392c6c91c0bb7ecda68c4c07ecd3ae8c742fe51bdf6e3ae083717ac6061b9c8d7f7568ae7fdb46343a6fddfb845fc97eccd2405866d72604a0026454daea127d9bc084de58973df4f360ebbc12425e8c84608c8dd5d6fed00e804d483fa957f309fd399650878312e184be14215f545c18b2a8613a5b8f95f41b5451c5800f57c83a8e63fed023b5c78d1c7c4766817d80539732f50aa3a3bec80cecddc4eca918a2a5a3a49ad5a4f8c1b03816e35ab4808e895b6fffb8bd0aaccc9c66e4aca3268a1f63fba6e147e6274ca6d05c8651126ff4be06ead406cee29cbb066ee76d8642b174d13d8a19898e0c98888b2c27cd5eca4a189d366d56b6016f6ddedbd4994c2ccfda9b6ca38e26f4f3f2bd6ec980c5302d62c21cd136f72f06ed39983cfc2e63df5f0a17bd889d803486d99df1e5589d39a50aa0c027dda5d06962fb65e23f600d8459bf23a6a8ac75541c49a94fa42d9e2f951a919b0ca81d3609e0b0451002808e2d706b71844b856e95f1518600c38f11f541750c0beb2780aa7e55d289471fa526801925da16e8678295262b756c2530129935276216751f0958619d5072bc03e24c4befa7226f37ec02d338d90fa20a1c22f00694afc5a55ebb055eb2e4b8b478249284c04bd630c3c76d4480b8b567a72f5f093fbed2ed5f9f89ba482e27dce1e148c99bc1ea8b994976cf5518fde19803e91742037c38a1c3702bb2a5d3f3254a4a37f168d635de67e340afd10cd4514736b4d2637c3c3e97f8c9ffe1b2001a8b8904c6e79e20f028edb6d14a00cb6cfc049172a37199369c0c45c5e31fd7d403a123c9928e313761cb6ff0642df872876b3319d0fa71308e82d5bb35ee5aae62c11de81494f1e59655df2a2be2efc90df3ddec4b52a10b2270c7efaf426a582a7be4e90670874a284a2813e1aef7cc2b201c8a2ef0d2790031e6b053c4bc6d068c95131f28b87e95dcc12add489301b25bcb3def61198edf0cd1726f60298e2e0474c5a8d124fabad4b806141f14440d18add8121057401a8fa8d3e3b7868a5df7ec25bb05386fdd1fdd527b233180849f11d5879eae7842611874f9bc97b63cfbabc87a1a60925543ffb40e15d2abe254f6038ecebbe2828e6e6013ccb3b6982e5d017934d9c28fa967bebee79cd4215a6ca081ed0d075dae3067451b3e568585939d0a2bfdc65e6a6b100ffbbc0e415a582538ff6c0d0cfa179bbf3ec965161691270cc2b8dffa0e4806e998b0767f99b84dee01ce89229283430a8aec", 0x1000, 0x0, 0x4}], 0xa0000) kexec_load(0x80, 0x2, &(0x7f0000001600)=[{&(0x7f0000001540)="efd1c9c8ff830d1c234fd5144e835ad6ffa2993e305631992edbedc4ab6c75036d24df16c35df60ae0660c940181556a033a0f60ed297ba3508d5d0025b946945e33f2c3c07993ec66450514f813c91fbf855a039bdb0e91d07a70500e7e067ecb74473345bf8ab14c7b3a281704d8b9a742905b8e20781c98b3f6e46dc28df63e661542dabe918250c70e26157a74e215a16d1cd36794784c4af196e69ac97e1ceaf52d8b0c86567e2c03486527b341409dc8961a42", 0xb6, 0x8, 0x7}, {&(0x7f00000001c0)="794bc0fb6eded3f04caae8a8948f109bcae9f4a3480150d7c40e29b8e9b33cff835f9fec0ef2f677d863cd44d6f7e90b180934cfbb08c74b41cdac84ff2950ac3c1aeb18eca7334e1efaeeb619d88f2122eb9ac370b49b9f", 0x58, 0x74, 0x2}], 0xa0000) 20:17:31 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x1100}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:31 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, 0x0, 0x0, 0x8080) 20:17:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x9, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7400, 0x4022812, r0, 0x0) 20:17:31 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x480000, 0x0, 0x8800000) [ 1555.010223] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1555.011176] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000044c1db9 20:17:31 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 68) 20:17:31 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x1c00}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:31 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3f000000, 0x4022812, r0, 0x0) [ 1555.059661] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1555.060581] ref_ctr increment failed for inode: 0x3e87 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000044c1db9 [ 1555.087462] FAULT_INJECTION: forcing a failure. [ 1555.087462] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.089808] CPU: 1 PID: 9024 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1555.091187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1555.092891] Call Trace: [ 1555.093448] dump_stack+0x107/0x167 [ 1555.094198] should_fail.cold+0x5/0xa [ 1555.094968] ? create_object.isra.0+0x3a/0xa20 [ 1555.095910] should_failslab+0x5/0x20 [ 1555.096676] kmem_cache_alloc+0x5b/0x310 [ 1555.097514] create_object.isra.0+0x3a/0xa20 [ 1555.098398] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1555.099428] __kmalloc+0x16e/0x390 [ 1555.100155] ext4_find_extent+0xa3d/0xd30 [ 1555.101003] ext4_ext_map_blocks+0x1c8/0x5850 [ 1555.101941] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1555.102995] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1555.104055] ? ext4_ext_release+0x10/0x10 [ 1555.104897] ? ext4_map_blocks+0x5e0/0x1940 [ 1555.105776] ? lock_release+0x680/0x680 [ 1555.106578] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1555.107529] ? lock_downgrade+0x6d0/0x6d0 [ 1555.108375] ? down_write+0xe0/0x160 [ 1555.109133] ? down_write_killable+0x180/0x180 [ 1555.110076] ext4_map_blocks+0x652/0x1940 [ 1555.110927] ? kmem_cache_alloc+0x2a6/0x310 [ 1555.111800] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1555.112728] ? jbd2__journal_start+0xf3/0x7e0 [ 1555.113649] ? __ext4_journal_start_sb+0x214/0x390 [ 1555.114626] ? __ext4_journal_start_sb+0x1db/0x390 [ 1555.115607] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1555.116662] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1555.117640] ? down_write_killable+0x180/0x180 [ 1555.118559] ext4_fallocate+0x415/0x3860 [ 1555.119367] ? __x64_sys_fallocate+0xcf/0x140 [ 1555.120272] ? lock_release+0x680/0x680 [ 1555.121068] ? ext4_ext_truncate+0x250/0x250 [ 1555.121959] ? ext4_ext_truncate+0x250/0x250 [ 1555.122837] vfs_fallocate+0x48f/0xd00 [ 1555.123624] __x64_sys_fallocate+0xcf/0x140 [ 1555.124489] do_syscall_64+0x33/0x40 [ 1555.125231] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1555.126278] RIP: 0033:0x7f6d60f48b19 [ 1555.127023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.131019] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1555.132715] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1555.134315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1555.135906] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1555.137516] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1555.139111] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7a00, 0x4022812, r0, 0x0) 20:17:45 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 69) 20:17:45 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, 0x0, 0x0, 0x8080) 20:17:45 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x500000, 0x0, 0x8800000) 20:17:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x40000000, 0x4022812, r0, 0x0) 20:17:45 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2700}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:45 executing program 5: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xf5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008801}, 0x4001) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) [ 1569.550877] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1569.552412] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008fef9384 [ 1569.583103] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1569.584677] ref_ctr increment failed for inode: 0x3e7b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000008fef9384 20:17:45 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}], 0x2, 0x8080) [ 1569.620220] FAULT_INJECTION: forcing a failure. [ 1569.620220] name failslab, interval 1, probability 0, space 0, times 0 [ 1569.623131] CPU: 0 PID: 9042 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1569.624395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1569.625909] Call Trace: [ 1569.626395] dump_stack+0x107/0x167 [ 1569.627064] should_fail.cold+0x5/0xa [ 1569.627763] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1569.628597] should_failslab+0x5/0x20 [ 1569.629291] kmem_cache_alloc+0x5b/0x310 [ 1569.630057] ext4_mb_new_blocks+0x64d/0x45b0 [ 1569.630872] ? trace_hardirqs_on+0x5b/0x180 [ 1569.631665] ? ext4_cache_extents+0x148/0x2d0 [ 1569.632485] ? ext4_discard_preallocations+0xd80/0xd80 [ 1569.633432] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1569.634301] ext4_ext_map_blocks+0x1d68/0x5850 [ 1569.635142] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1569.636087] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1569.637039] ? ext4_ext_release+0x10/0x10 [ 1569.637797] ? ext4_map_blocks+0x5e0/0x1940 [ 1569.638578] ? lock_release+0x680/0x680 [ 1569.639297] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1569.640177] ? lock_downgrade+0x6d0/0x6d0 [ 1569.640984] ? down_write_killable+0x180/0x180 [ 1569.641869] ext4_map_blocks+0x652/0x1940 [ 1569.642652] ? kmem_cache_alloc+0x2a6/0x310 [ 1569.643477] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1569.644319] ? jbd2__journal_start+0xf3/0x7e0 [ 1569.645177] ? __ext4_journal_start_sb+0x214/0x390 [ 1569.646100] ? __ext4_journal_start_sb+0x1db/0x390 [ 1569.646997] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1569.647963] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1569.648843] ? down_write_killable+0x180/0x180 [ 1569.649702] ext4_fallocate+0x415/0x3860 [ 1569.650441] ? __x64_sys_fallocate+0xcf/0x140 [ 1569.651254] ? lock_release+0x680/0x680 [ 1569.651978] ? ext4_ext_truncate+0x250/0x250 [ 1569.652778] ? ext4_ext_truncate+0x250/0x250 [ 1569.653576] vfs_fallocate+0x48f/0xd00 [ 1569.654306] __x64_sys_fallocate+0xcf/0x140 [ 1569.655088] do_syscall_64+0x33/0x40 [ 1569.655752] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1569.656672] RIP: 0033:0x7f6d60f48b19 [ 1569.657337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1569.660630] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1569.661993] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1569.663272] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1569.664540] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1569.665829] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1569.667099] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:46 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x580000, 0x0, 0x8800000) 20:17:46 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x4000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:46 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7f510100, 0x4022812, r0, 0x0) 20:17:46 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff2f, 0x4022812, r0, 0x0) 20:17:46 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x6e, 0x80}], 0xa0000) 20:17:46 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}], 0x1, 0x8080) 20:17:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1517f, 0x4022812, r0, 0x0) 20:17:58 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040), 0x0, 0x8080) 20:17:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x80fe}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:58 executing program 5: ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x8004f50c, &(0x7f0000000000)) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:17:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x600000, 0x0, 0x8800000) 20:17:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xccffffff, 0x4022812, r0, 0x0) 20:17:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 70) 20:17:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x246, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1581.885020] FAULT_INJECTION: forcing a failure. [ 1581.885020] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.887674] CPU: 1 PID: 9097 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1581.889123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.890903] Call Trace: [ 1581.891466] dump_stack+0x107/0x167 [ 1581.892247] should_fail.cold+0x5/0xa [ 1581.893059] ? create_object.isra.0+0x3a/0xa20 [ 1581.894063] should_failslab+0x5/0x20 [ 1581.894883] kmem_cache_alloc+0x5b/0x310 [ 1581.895762] create_object.isra.0+0x3a/0xa20 [ 1581.896709] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.897815] kmem_cache_alloc+0x159/0x310 [ 1581.898712] ext4_mb_new_blocks+0x64d/0x45b0 [ 1581.899679] ? trace_hardirqs_on+0x5b/0x180 [ 1581.900619] ? ext4_cache_extents+0x148/0x2d0 [ 1581.901585] ? ext4_discard_preallocations+0xd80/0xd80 [ 1581.902726] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1581.903755] ext4_ext_map_blocks+0x1d68/0x5850 [ 1581.904756] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.905889] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.907022] ? ext4_ext_release+0x10/0x10 [ 1581.907920] ? ext4_map_blocks+0x5e0/0x1940 [ 1581.908848] ? lock_release+0x680/0x680 [ 1581.909707] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1581.910743] ? lock_downgrade+0x6d0/0x6d0 [ 1581.911659] ? down_write_killable+0x180/0x180 [ 1581.912644] ext4_map_blocks+0x652/0x1940 [ 1581.913540] ? kmem_cache_alloc+0x2a6/0x310 [ 1581.914469] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1581.915433] ? jbd2__journal_start+0xf3/0x7e0 [ 1581.916394] ? __ext4_journal_start_sb+0x214/0x390 [ 1581.917440] ? __ext4_journal_start_sb+0x1db/0x390 [ 1581.918510] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1581.919647] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1581.920679] ? down_write_killable+0x180/0x180 [ 1581.921670] ext4_fallocate+0x415/0x3860 [ 1581.922544] ? __x64_sys_fallocate+0xcf/0x140 [ 1581.923511] ? lock_release+0x680/0x680 [ 1581.924361] ? ext4_ext_truncate+0x250/0x250 [ 1581.925307] ? ext4_ext_truncate+0x250/0x250 [ 1581.926249] vfs_fallocate+0x48f/0xd00 [ 1581.927092] __x64_sys_fallocate+0xcf/0x140 [ 1581.928013] do_syscall_64+0x33/0x40 [ 1581.928809] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1581.929912] RIP: 0033:0x7f6d60f48b19 [ 1581.930714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.934607] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1581.936220] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1581.937757] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1581.939285] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1581.940835] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1581.942369] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:17:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xc0fe}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:58 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040), 0x0, 0x8080) 20:17:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x680000, 0x0, 0x8800000) 20:17:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x300, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:17:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfc00}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:17:58 executing program 5: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=0x0) fstat(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001d40)=[{{&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000001640)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)}, {&(0x7f0000001280)=""/67, 0x43}, {&(0x7f0000001300)=""/194, 0xc2}, {&(0x7f0000001400)=""/227, 0xe3}, {&(0x7f0000001500)=""/68, 0x44}, {&(0x7f0000001580)=""/139, 0x8b}], 0x8, &(0x7f00000016c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000001740)=@abs, 0x6e, &(0x7f0000001c80)=[{&(0x7f00000017c0)=""/13, 0xd}, {&(0x7f0000001800)=""/220, 0xdc}, {&(0x7f0000001900)=""/116, 0x74}, {&(0x7f0000001980)=""/104, 0x68}, {&(0x7f0000001a00)=""/202, 0xca}, {&(0x7f0000001b00)=""/43, 0x2b}, {&(0x7f0000001b40)=""/150, 0x96}, {&(0x7f0000001c00)=""/124, 0x7c}], 0x8, &(0x7f0000001d00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}}], 0x2, 0x10001, &(0x7f0000001dc0)={0x77359400}) r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r4, &(0x7f0000000140)=0x9, 0xdb7b) statx(r3, &(0x7f0000000180)='./file1\x00', 0x3000, 0x10, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r6, r7, 0x1000) statx(0xffffffffffffffff, &(0x7f0000001e00)='./file0\x00', 0x6000, 0x100, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r9, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) r10 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001240), 0x107600, 0x0) mknodat$loop(r10, &(0x7f0000002040)='./file0\x00', 0x2000, 0x0) faccessat(r3, &(0x7f0000002080)='./file0\x00', 0x31) sendmmsg$inet6(r9, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r9, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="83cc1155bed4966c24e08cf91550a4a740a8e9822c7d6f9eb61360cd826631b651dca8410d6baa056153ea84f9b32e66b9ba2c7f7feea6b24af75d7c4faeaa", 0x3f}], 0x1, &(0x7f0000001f40)=[@cred={{0x1c, 0x1, 0x2, {r0, 0xee00, r1}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r6, r8}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r9]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xee01}}}], 0xb8, 0x44}, 0x0) 20:18:10 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040), 0x0, 0x8080) 20:18:10 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf5ffffff, 0x4022812, r0, 0x0) 20:18:10 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x40, 0x9, 0x8, 0xa, 0x0, 0x9, 0x81483, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800, 0x0, @perf_config_ext={0x9, 0xbb4}, 0x42000, 0x22, 0x7, 0x3, 0x82, 0x3, 0x4, 0x0, 0x1f, 0x0, 0x9}, 0xffffffffffffffff, 0x1, r0, 0x3) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x9, 0x9}}, './file0\x00'}) openat(r2, &(0x7f0000000100)='./file0\x00', 0x80200, 0x12a) 20:18:10 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 71) 20:18:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x500, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x700000, 0x0, 0x8800000) 20:18:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000, 0x4022812, r0, 0x0) 20:18:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfe80}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1593.946771] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1593.948479] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bfd83652 20:18:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x600, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfec0}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1594.002474] FAULT_INJECTION: forcing a failure. [ 1594.002474] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.002843] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1594.006303] CPU: 0 PID: 9134 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1594.006866] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bfd83652 [ 1594.008420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1594.008428] Call Trace: [ 1594.008455] dump_stack+0x107/0x167 20:18:10 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8080) [ 1594.008486] should_fail.cold+0x5/0xa [ 1594.015014] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1594.016097] should_failslab+0x5/0x20 [ 1594.016994] kmem_cache_alloc+0x5b/0x310 [ 1594.017951] ext4_mb_new_blocks+0x209f/0x45b0 [ 1594.018995] ? trace_hardirqs_on+0x5b/0x180 [ 1594.019990] ? ext4_cache_extents+0x148/0x2d0 [ 1594.021031] ? ext4_discard_preallocations+0xd80/0xd80 [ 1594.022255] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1594.023361] ext4_ext_map_blocks+0x1d68/0x5850 [ 1594.024440] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1594.025658] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1594.026884] ? ext4_ext_release+0x10/0x10 [ 1594.027833] ? ext4_map_blocks+0x5e0/0x1940 [ 1594.028818] ? lock_release+0x680/0x680 [ 1594.029738] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1594.030847] ? lock_downgrade+0x6d0/0x6d0 [ 1594.032032] ? down_write_killable+0x180/0x180 [ 1594.033304] ext4_map_blocks+0x652/0x1940 [ 1594.034499] ? kmem_cache_alloc+0x2a6/0x310 [ 1594.035661] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1594.036717] ? jbd2__journal_start+0xf3/0x7e0 [ 1594.037810] ? __ext4_journal_start_sb+0x214/0x390 [ 1594.038942] ? __ext4_journal_start_sb+0x1db/0x390 [ 1594.040077] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1594.041301] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1594.042432] ext4_fallocate+0x415/0x3860 [ 1594.043341] ? __x64_sys_fallocate+0xcf/0x140 [ 1594.044345] ? lock_release+0x680/0x680 [ 1594.045242] ? ext4_ext_truncate+0x250/0x250 [ 1594.046255] ? ext4_ext_truncate+0x250/0x250 [ 1594.047235] vfs_fallocate+0x48f/0xd00 [ 1594.048101] __x64_sys_fallocate+0xcf/0x140 [ 1594.049058] do_syscall_64+0x33/0x40 [ 1594.049884] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1594.051009] RIP: 0033:0x7f6d60f48b19 [ 1594.051833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1594.055905] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1594.057586] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1594.059174] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1594.060756] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1594.062326] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1594.063913] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:18:10 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff0f0000, 0x4022812, r0, 0x0) 20:18:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x780000, 0x0, 0x8800000) 20:18:10 executing program 5: ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000140)=0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000280)={"b7e2c93647053162cebfcdbda9d81865", 0x0, r0, {0x89, 0x8}, {0x2c75, 0x9}, 0xfffffffffffffffb, [0x8, 0x9, 0x10, 0x80000000, 0x9, 0x4, 0xffff, 0x7fffffff, 0x0, 0x6, 0x6, 0x40, 0x7fff, 0x5, 0x5, 0x5]}) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000005780), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000005840)={&(0x7f0000005740)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000005800)={&(0x7f00000057c0)={0x1c, r1, 0x20, 0x70bd26, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4840) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x7fffffff, 0x6, &(0x7f00000050c0)=[{&(0x7f0000003d80)="2418c6583f3e749c68ce7e7a28ba43f3f4f6d824d1847d2e022306ea2258b6d95e9e1336cd8fde0aeeff718a37d3a4958c5aca63322f70007548cc06bd125bf6a0600e79402df33a6041959292f9551899e4e6152b725f7bb4877652e2bdbee2bf2bacdf28a6aa6a7bcada53a676aa6d408bffdb0c1a6065e7ef89f3019afb9c948d5125ba698f850cc88dc7f2628b0316b5ccb8c54c782799d061813dd9f4bf275a9042e8b708173ece603a3f934189fa500d02b69e7ba7ea66b04727d043f0ba729a097e31f019e0036b6395f9ac7c6441fc8a5343e3905e3b4fd6f69bf237a67ce74bcc2cfc24a4293c78", 0xec, 0xfffffffffffffffe, 0x3}, {&(0x7f0000003e80)="bc5c4252a3a2e120eb38dd4a64f1dea1235c0d5db93e5e4dbc7fc4b5d45110ffd16cc6167f55a6e93ade8782159281c4927efde92f1731918d76433dffae8b5801461a7eb6c4c10c1fb7f7b04ec2cae7b863d6fad8", 0x55, 0x6009, 0x20}, {&(0x7f0000003f00)="1a65f1c705b881fde16aa243760ce1cef2f0b653ab961edbb980aa7912c8d0e488d57b10605e7b02ba7754fb9644ead2877360c11d2207158e55a91964844321b191f63951ec95c8036e7ff74e327d3bd515f485129e38cd1943b89c14c46aa9725688f34dc3612fc22b9972053de0c5db4610b6fd9586e497f7f49d8253934dea00f09598c86b023cc1746bb8a9c72ec2a15089869b993bdb8cbbf887b06484ded61ca7f4418c16ba557ca3262bd92e9b74776ba27a51e882d688d67f1dc690424694fad4152d555690d16a3002ca41c5823dc196fe53c9a5cd598e29463444d85c9291e093f6b7ec6394984f5410bd3882b222a92bd91ec1e1f526768b08f29cc653ba183d034e2937d9dc4fc15e703d0f5ccaebd73dff2be38ea92d986497a8508fc9897926fce6a8801b03499c757a152f4574928eec032fc02002535645c927d36e3b5d50fb50ee973fabf67e983a4b75dc4f7c5ff544b8f5f54a31ef3c1d9540a0653a44e338940d92efbb3a1516b3e187ce59ddc195a91b236607d7db6170d362dcb7fe166aa3bf816575b61e5101b6bc4e5d14e329d592d6ecf582bcede9fbe1cc6f53a253195b1c33c744a60ed9262aaaaadf07bea4bb2dea4efb1d1e56e7127420ac420262daf4391417720ca7889085285811e5b5cb2041269dbd796bfe240c622b4fed49f69607d9b5ea13eaff59e7b623810da8c0d7ebf2f6f1de23ba906d0d1cb8bfe43e03842fca674058461770ec8f144efba3a0f3cf17045978ede34d006abec3be618c925daf962836c6d2068928b155e8ef9a9aba0e5d8199cc27f6c35458d3bc92971adb03f880bde7d23314eb1e06aec331e3d84098fe2b127b94d17a405fe6fb6b022b00e22dd3e9ec368416fe64e20e1f5bc09fc3ea91c441e54a5c9839e9a5b16751da5f4fc131f185e3cd8c6c14bd2305a89768b0473b07a9e4261852a9cde0086a3158d1e16e0d7f053d6ce50bb570e09d71b6fc96cc73ed0cdaa2335817c16bca13d7632f0ce4a7fb044339f7005d48cd620173fc3d2159f02b94d25a2083ca09555f5ecaf585c0a69e06dca9427e476b5d93c03092f39a74cdded7894ce702c5209266568f5d0abff69f8f47babd204ac00caed5521b2d9d41e5a41f66d4a2be10dd86973984e2a0ca0f8b1d4d8bd3c7a188f3bbc7a765fd401415e9813eefaa7846df34bc7652cfe2153ac9e3092223ce9fbfd378ff1037631556e08a13f241497ea75af5fe52d1d0a624ee8f290467c3a932bc9c73655c81fda7e4fe1269f73619d81ad739d4733660c7f90aa804bd97a38723306d4fd5df1d7b0453681a8341d2b325238a8308d96ad0479f1712f8a74eee1282d448c3e87501f39ea52b1bb3876ade1d9bcdcbce6f4c4e7c7dc943a575483792e99ca6126fe7f97866d3feebb30329b98b7e6ed4546a65300d794dc542485aabc1f51348f21f37c575468b116b6ce75a3d9e7a7c8c8293b73636fee23fe84d68037db601f9016a3cf4d237bdccb33666d74486ae279a7040a7fa3f7b894885bc46e60ef0b75882b4546488b1b572f215ae5e887f4dbdd6c06d30e59c566a9ac42a836f88a1fa79cc6739ec8a0ef806ebe8eba04cb111fa807ee20a46a3f6953e43ffbc909464867a2286b4fdecdff98ea3fc8e0dd6e5967f99cc7755b8b3a541cdfc28cc0a1c5a91258308b617616ef564823bf4e5cc3e3537415b1c3ffdc6a1b85bfe493951cbb3a14212dbd422d7feb8585ec24c581013fa66cbdf9d192e1f03e52a630859f200e3cfa3a2f4377a2817cc69337e83a41c7e0f6b669bfa3e30626fa58626fe37453978aaa69724b7682ac632802efed5a7a613b7420e02395b4849781cafe59a5422014ad6456ef53210ff82fa3af002c884c1353931c9f057bfc86f1a8181bbf40ab04f9fda543d0b7cec8514cc619a01fbbfc21b72e605e5b0232b6657d709bdc232517702adf9f7cee97a0e17e9b537ecb2f9f938e44b2219862d85f1d077ce223cf3e7cd3a301920e3c9cc1bb2b1124dea283cf0a7a6a1f4a13ca323bf67d46e4344be35ec6f1b949dde3e07d30064b34851a776ebd96d069be5504ac5575128788ad9c49af3c4f4892ca46d27e1f4b70905bc0e90bf4b6415da5b693157227df29de5b7b7f167f3771b8a2b02639a05a166472a1768e778ecac87ae83d70d3702503d1ac11ec9b46b4810576d9d4e58321ff994a9a68cb0eeafa781229c7bd3c2c63fadec20d4291317e868fe61181e65a7bf1e7d00deceb712f1e23469689b83ade83d5b837cd62e9cc485e6b2c96e587692e734ffff008f3577340427104787d12e87594142842a9fb8e9ea8f40f4c01590605015fd7585ea74108125a9092470c6ad6f4a22669f34542061111fc961b87d3052f676002ed480249e660576d59bdeafe2bc55ff7d208a60f97fd50454e09b28cfb1999f03258038809f689da0d3609f7cd7c259a6e896614546d53432be2ecf59d836c3b119c009f4a1037b6b07f29b071e6347f223b041ffb0f0eff54755985df9bf641c4325a78593881d0d587da9990dcc69b3e09153edb80e4e921e903be063d625b2b4816123203f916b0df31c6ca85fe50eb0fb00913597e29fa16459db0c23b953761f425afe45e7c2089cf798a618ab37ea91758651e77807e948e37c8ce6eb7cb5c2c2bc2cec4219fe0db69f9c29c6320f63750aaccd23ffcae030c1b5898bfd474f9d843fb2413f965bfe568326fdf77f2564124aaa6b3e5ea2909ec70aebd6bab6d6dc561bd0180092d16e5e73628543a0e2bf9f62c539f10ec4b4c86c782ae478626ab7420856cce24821c77f8319113d69edb78c1b979a0b44ea9ef048862cd966d9146811281a8b690073f91a8c7d3572ba06efeda3a7f79941a813048495466fa9d31f3434b37c4208788d5c435a4af9a7ea47d16fb4ce69820713684e032b57aa3fe086d96ce32a2fa45760515722a94217d84897271b84dcb70c74bf6a1a2d58b4b2897f85591c4a43009ad5dea121a6f503e64d0a33b45f801e0557be99144c9488eac844040a02454051348c0c2f5f0a841e611393b75d2c4c1875da918512857f90ea3e77cc5095de9da3e6b04dfe9c5d18e8feb5d8ff3551dd0fe96259ce7be52d18279cfd141b9d38879a3f9c89a6c47446aae8c7d06d5e0397fd77a409cfe7e99767796805f74c9718e3ce62f1aaab021de62d335e1e3c056e8e21bf8f97c1b18b5d487b8e0d058f7dda4d3b77f8ddcacaa64ade5f767328ef0da1d3d9c07dc5898157da5697a890250ef63fef7ed87415cfdb4cf3a2179082c493cb981087e7a4cf544b404460b950e465719d80731345083c3c036668087a1260164b4693434f89c223a33fffff976fab19dd49a3a8d1d51db61509a81cddfb8527b42f13103ecbb3ccc12be9d1e6e91286cd5ae31b08597fe46dd96af305b6ed2f509f9cf02c552fff5fbd115bc970db23bbaa671f314f9753d8734f3113c3280b4c43841f2184f64d7e18e089c7a05ee8aab6f3ed17610b1889fa0619ed495dfbc975e8dd7254618864fa339113fb738150d6f3e6b477973a1d8f834ade678052a2a4ebea9978e583b6841b348593f334093a02000f2eeee64299f8db4933b1299193c8f6cb5c78b93cd3d9f96b8fef61733b85b6b797450ca3c30fd2749d7060f631862e40f818fd13732531a2bf2d8182242b1e82b0143fea318de7e62a4b3f8605929c2dd1713cb0fc80f486b0851b1c3a3436eb472204ccb6438395dedf55edfd7ed75b4e17262ea366eb7728f42d11fb0082c50d3436d3d59438d51241bcc5ade1bc87ec84ae88c539bc4b285f304728e7331748d90bb76c32d0c6e39d33d76d34e7a48a6be196d90e2410b5e4ce004f2ad12a543855ce9d1d384861b5aa7c33a0bc311b6b0d5dca4b3ba6fa79bd064e9349f0050bbfb4b012a96ca4818507d067de242b44e7cffb2c26308eb47fefffbcd4e94e51e5b808612b1de7edc1afef671b27ac2b0201dfd1807689d03acf56070fa1b42349279bd671f7e234f8305a251c1d30ff4b03f05a27b642ff620aa234a3156e2b761c507893bfc47ebd1843d5b77cca2ba34cefc10ac23365c33863d05c4278b0d1b22424700228845edb9a00beb74221799b744668918c1dced3c67193a7379a0ac84634e8af0bf38d3d99e3a4521959757b348fe41c3b83de3c39c127c5c3298814f1ceb4cfab3eab77da6c37bcda6b7d4ab66cc94071fd7b7d7b1605bcc24081eb3ef5eb2095dc99fe1360699ddd20fa81b76f03225ae782055f4ea916b1ffd9e7c8bd51f29429ca5ca23ec09f20056b7dc50cdc1947c83c306ff0982dbb7e1d5b1f2d40e9589a00c3731fdd58e09cd0fd999129cb7ccf9877a3dc7f7c33c4b5fc08f9bfc9d38499afb7347a63023c87435b2de96c6a6485cf2440d994b56a1dda863a398f3694a207f68dce1cfaf1e2fa3785fd27b2f887f71b43e5e56ab16d3c45cb0b3d735cf75700599bb8ba32eda48b1e8f00f289f79a6150b755fd4ec53cab47ba0602ed140059f5b28bbf34ae7dee78d6a7dd8c76b169b86654675943a7081b750e677b09e4ced5eff936ffd98495e5546454c65be5ab11577edfdf38338e3902a81fc7ea79fb527153d4e86f25512a6d1415c3ee95fe962576d213f4cf15ef45156317ad30e61cd5959a60889e2185087952c471f343d55608792bbdd8af96d2bfb77b9faa64569523999d15f669443df5ce279a50ee45493291356a6d1bd2d98a81274ccc185f0d9ae841227f48449fb943908ae84301247f6ec2f1385604998eedf06c5637036505d89c3a1907ad6ac843b683a1c3ca771c6ddfaaea5b62a3e41574a8775f366b91116db34d0dc542940ead2c4e5e0ffa4fdc0359897afc157234ebba52bf7e6ee8554952b597d3fdfd0665f8b735fd0a20b73550fef682389a259ba4ba872034307f0aa6336812dda8742bb36db42b1868a907b1fda906e87ce9b3a2f5e669c999a0587aad79f7cb8ec5ee9ab1ea8ef9a9eddeb1b65939d97808a2018779a3e93fd0488f285ff90c81994154e6f10de198be2274796cd554b4b8fd3b4c5f7a913074f676744479d744bd33f81ac0691357641a8953eb5564d3d26825aeb057e227538cb622dd1ff53471032cac1ac175be9ac128ea3d9a3633e30dec2d2603a14485da3fb745321ee1562a20db47cf302184f5f859464797c362447af7c1a12357b93edd447b842e1fb4aeec4b53deb29f56c669bc46cc8f1519a85de482d973fd8b6447b4b6646980d7babadf93991223527324d8efd1623492a86cee44031a041299308884f3a9eb93ad93bffe6d059fe2ed46ebff745051056b82b3c74fe3d39a97ac3d1c3906da05e04d03469dbfc6e8659426f434fdcd7bdaeff4a69d1ab9de9c5c9f2e2fe1b7047e546a3fdff8509814ef9744d40874fca32623bce006189897a70a5fc03aa97b13e3e75db6f9700fac2a04ad4721f60ba8acf46d32bde740d33fdb7e596a7996c0fe2445d6ceb53b475ccc122234584b1f3412c9f057101e2360496f461489f8550030027c0c1b7042b2ee4d18f2d65cf6d48432dcf2cabf99eb629d843d65eafd95683c0bd4b58c24acf817550fb046017a04ab61799ae07845b200e686d2a6a390a0e6a759e1c07d9d9eb94ff257714311f1e2f89eebc08d8c2b865a99a6eb154a2fb9bb2088e4bd838ceb27d8bf5f3b24f2f66afe160c953a53b141085efe31b9e1c3c29fc0d7f420263a31ac3ac5bf330d81b48515103a1b2cfaf2320333739124f2b0bed1ef2e9b", 0x1000, 0x5e, 0x8}, {&(0x7f0000004f00)="5a3f4758a9217c7c9faf10da4ed449b01f4a955010473d235c1d09c950265099c98a59a3fb79d5e7e5a659978367dbaac6f28a991458d1721c984877c72e169efdca6fbbc61ea3ce9a9f062520ab891533939dcd1fc4facc8634a15fab94ad8011e7b6f667245caf09551094ee453456e548edd7b70258", 0x77, 0x7, 0xffffffffffffff91}, {&(0x7f0000004f80)="0c8981b473ad95c5201f135c0963834d371a69df93d1b6", 0x17, 0x100, 0x61ec}, {&(0x7f0000004fc0)="121922e0b8e7d2731d1dfceb650d0bd1dd12d9c6c202ff111a478c6d4b8777d1a80955dd76518120405721065c153cba36bf2a241ea8d68ba4b283f5809ec6a694d7d88834130afd5c26c4ac9f62d6270cb5d16a1fb71f46cc525eb4e66937489013f265a02a47ccf97281e82162d72a32a7e347cb87b28916224204aa214f6710ed38ff5db14ed8f94751c1d59bff349d20b9472292b9c9f50fd6f170028757bf7eafb2ed61b38fce92a071c0c2c20627c321adda9efc8e5a6d75e0691bff16a4", 0xc1, 0xb55e, 0x1}], 0x80000) kexec_load(0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000000)="3469391822549b87ccd4e4121a3caf4e25ecc52434e79b817e94abbcc9315630d37831444c3e00e395b3f1922216e71273ad2ffec589956797d792a3d3a43a498c57414a2018774cf45292a8e8984719883227dd7dcacb6cbf2843c10e3db30178afcb6ab481d6c8fa5448ba55e79a5fbd09e191adbb34b43e1b426ba8aa5c151b766ef55130fcbb0aac2a2896a86a72d48e7fd22291aed5dc23fc95b9c32f1c8c7070c6ea0a4c85d5c3fca02944bec734f95e6768f267424e48e703fc4e7b15d405ceea63a5f586acdd6b793e358174ad4afe87e4b38ffa50", 0xd9, 0x0, 0x5}], 0x2) kexec_load(0x9, 0x7, &(0x7f0000001600)=[{&(0x7f0000000380)="c7e09cc6b15c0195227449e8195dc72e04de10d65443c1617191eb653276c6c75f77522e0c3d001a4767057350f0ba06810b100ca18f54469899e7f11d9bdacf22c68b8bd343a30e3b37e956d955e3b2fbafda06f29107304dedc0d80a5f513fe20dbd5e233f87b793da7fe7ce682c81b30cf9eb18fb6b5a9f97eb553fea0e546855246446e287272b4419e6eee69c43d8fa0d9a027b9ea9b1362743b9738c150d619253100fc7fce98d6a4e85de2a1de65613e84f45cb1b89b23b4d53bf78c90a967b6635069a54218c0d6f48a1442e", 0xd0, 0xfdd, 0x1}, {&(0x7f0000000180)="8948ac2131b6958c4532d2a07944668359da38333078723f339f66a7f14c78188eb426bacd7336a5dcea8b1f487622fb750129291d", 0x35, 0xfffffffffffffffc, 0x7fff}, {&(0x7f0000000480)="98097c203f2b3cfeaa8d7637d5051378cbddd8a8b59c1d3000c798ab10ee1b6acd1582210201cd4e260c600683797fdba7024139f53f37f3f402047d7a5a6621af95716329c1fbc39cfc07f50a0212294acf930572c1df6055aacb0956c672d32ee57662d44c07da3a9e27ed0aa3e36bf86a15ccebcc20cbc5c35a60db785a6fbae40102835d413178930549ff52801cfeb83b5534d0ae457b6356e3d6b7eed31f49c4b73dee409404839bc4aa2cd8554923dfdfb2b9bc0d5e62fba3b9290d971d877c290c56c25358056a0b1b1c666283a1fd0af144839a186b1798002a776c94aae31fecd5019bb2063732e9c5a8e3a0ca2f430629ef", 0xf7, 0x4, 0x1}, {&(0x7f0000000580)="e6fb5ea34ee69d1355f99f0ec390e80961d9b78f4d229754489ebbdc65cabff9cfcd4738ae5b8ae5bd107824343bae05f5d57727893e33a53431cd6316458d0303d75c6988200c52ca3282596a3d76f257d3d4bbac60f513c2cf548255403687cfae4cdac753b04665d18a61d67e75be3abcfb6d34f8f7d579f610d12f6f3e3c0e230722b676a51ba70c5c8b5361624beb314f701d1a3cd8e5442c0c10de3f3d40f2e80f4f9513e490d797e3b1d9eb1ab41f57d5da96d4ef92ef2d00503d9c2bab060af7d3a2fc44ff3f7cb336a899982626db437e050dcc9280197cafba739368f9f37fafd21ff795357e563e5fbcd976ffa89e114eef727f003d7f410f19a764846593365e76f7a8b2d0d0bdbb88bba1d058b1acbc075efc8b83e8bbe5c19f9eed1eea61ed9cdbbbccf7961598fa386c0f00e69f564cd65ed69f2d4aef08213b9bb262b3a886a9c82fa6cf8d40637faa2585f62ac65ab7577af9ce500346f31296ff11ba57ee6c4a97d467fa201d0e30844a690ac71a49f176bfa6cba494f7df3cbec9bc5a0557dcfc708fadd671807604623f15ab79a9992267c2ad03f7d3af15f24b34ba1643cdef473f365aaed343b2b4c870a540deede69d09b6e0be627d886c5eaf1534fbdc9d93116b49a8b1f796d32bc2996656a5dbb8d723f18d9b9ba9831c74f699121691d29999ae73aee89dc9a2c42a3575da6ced6c2a5da98191b3eee93316d28a372a2d16d58a33f887163e21a195c1729b62dcde67db4205e4ae271b0505c1716a17a7ea4a3e86bea99031a2847a59b473bbf66e03a943dd5759e40182515d8409479c4710ebb9376542c5a290090c0b7eec1f245fe399497b09c8d3ddc7d9b0b1f688bd5f390da7ccca264c3451ac360a06743932ba1aeddc77bcf9c595add859699bf4e17aa98acd56644707ef003988aa6087d53ada7557d26eeb6022fd44dc1c7bd20024f54fa684d19fac2acdd91322729d806de27d818f8d7b1c21eba6b0774774882b9ef81f78f6a057a6ebaef1ec6fc280aa86b6d5ffb989a267b50e6301660b39853c78cceb1aa136b1ce7e57439ee278d9ebb3a1d1ad1938d80fc54d714f9f4615785da0e888c8800805647a642b7e5371b5deff920e11c49ddac0b1171512860173682bbff1a52012d153f2849457a4bdd1efb89d0fe174a472efe9f21135cebf83b9dd00f8f55071c3dd8547c7dd562a931ebccad6fb000601b5bd4fbcdddfe79e3b19d4bb7590e526d53b34de43a220d8ab95ebb5883ad02c6702029d89d12cf387fcdd5d5c50126b0baef897e6e4e99ce5257fb817f08e99c8692f79eec738ba859bdcc998b1bada54bed6eaccd6461708e5a5958bf79b961870e78a6dbd9e7b1201ccf99742366adc1d6f1d13181c237e35dd41b2fb5dfec7aa627c1c99f22afdba373fcf341c114e31cac4140e3058ec8ebf374e5c4cf59c6e9f82d43d26ac2e66559a1dbe78b6fcabeb7b067f0478f5e60c4738ddb503e1020d7596c8fc23ac74d2bdd1ab2bf47f9b69ef3804139c0f12afdc669cb924e7e5c41e2d05176bba8c823fd40ca91a4c5cd75f3b937740146dcbea2c0c22fcfa08b25d9d6789231b35faec7790c2799c179a2d24b822ec83ea41efc07a515791ede31e298229df823bc78e3a039384a023f970a033150a4ae0e1dfe0adae9675524b40a8d29e210128ea214821fd9917b58853d8d16082368e63b0a7608b6b8b4b46934a06e3eee4d20cf2cadca3d2a01fe521bc27d88b588abec6be2cef0fc346b864ff8dc2a6f1d4992449a1fb9686710be95257736881cf29239ff13160ed6aad9dc438047fff705f5ee3782a2508bfe03c02411fa42ebef3d0b63fa91f6674f25f03321efd976edcac9fdec863f5ce71cff6404eb3f8ab2d5c603860395781027528bd418c68fa2c5113176b377c2a83a79706f1cb0d8b3a9b78ad1b6f67beac77a5510bd5e1fdf6936a341187765f3330b00f1c6822ad430bb0146b822ab32dadb4252c8b1843dbe60fd24ba54916813bc3e65319971f4ba802de75836e92352e3f5fb7cee84bd9d72f51718c1bbc192896d265bcddccfee6224f22b25766716633bf709c9b0a49d9408c8760a6bf2a8a366adf8e83cf88952c9a080bd4a2bc6ff3e91b5f8835e81a17d098fabebcdd9e48e929a8cc718db114d73ac300b5eaf9b08b11f9035e99c1d45acb861fc3557a730b4f0c65a506ea557f0f4296f0494dfaa1bd32a6fbb88b13eca9863cd692067820569c3375b08ea7fcdc900e574b8d69e86b4c6e30eafc917c49af6b2245168458162d1b27317bad5f0c07a61bad58e4bdb320316325575af163171a533ab2f6aaca01bbed442e711f37f28984d4caf9ad32c9dcf56b14b7db08ea1e94a266b1c7c23c9dc71f4283c8f7328b0d34ae40da520ea6195f20b4acf8c2df46f171c1b7a0cb3bb33505e3524e6c94cd19b78f20f580f1d8b87577e4c8becaf194961f55acf386ddf9095392e3194d8ade530c604961ca4a5dc298c01fa92fce135da308f466406a14c8c8c5670e4d09fc8571e70b2bd1b793d6d2117052798909c3cb110d4787660f402260c557d266569f8056fa33df7298d0c6f951af627c120675d22c16bc65c276b702fc6dccf53b91933bc64771cd99f92fa393630119409de5dd50ed1b975389eec3dc371a18bf0a4e88d8169d7a8615f4d78515c68657b09a0462e1de2534db970310ca8b0db33de515a7626f979ae40c3a832dc1fb54ca0b48602a740a52cb4d1715606c200acb24f2542b36ca18325aee00735d0eb4cbb532a65f99e0b5d8cdcf1b5f818bbd96c3cd8c81c93147a039f4d9c5cbc8fecac6ac88182e35e3698ae267f372f89e48bc4be1c43762c408dc9e382d2fcfc5a13a6079e08116f360a00e438d3b64fd53bc5ad7dcb11a41441a3a5282ca67319358d6a3e9f8cf9eb525f5c4c7b8ebef3c833cada951d13f50cda9c06c17fdf08d0a5fe57e036707c46acf0425521fec05ef9032b54ba480d94750fdba2aaa93847abde493b8fe7eaed069679319ec13f129f6d6534bb55828e4ba4afbfa6f9232169e953ebba465dc94031a1c0510d35151573608dc97b047c8408a4ca11d132b5d3bb1dbd7202542e0e9ca91840c89bdb37694ce5a5f07e34797c68082b2378e233b1f6f526846c69266f5a68f0a6799896852d7c3bf380fc931e735b3bb3eb4418dce476e0d5fb9bf70e76349a093f777f875650e99499b4593cd8688155f4f107e877e8c57a447d1d3d1c33a637d067b8c6e1ffae136a70c98d023d42dd6be0a5d26138fe61f259668a6e74fe41ec1b34e5795c1b145159aeeb38fb84d810e922f2f33864bdb93e2b1c20ef6f551fced53c1b0c9612aa0858a7833f4667c8f0ee3f6731f606d499fae5e4bc32630046b85e9b54b4bd551c040bbe01c22afdf02363e5eba5af67b88a9111c61510f138911d274b053742cd5e5b37d99171649247d6df36e9f0e684ac5ae5641dcafa767248222a8711955e5744cccabc5aa6e9a0463b065aee9f5a623cee19941bc8517fc51bdead97e3a9e187bbc2de7ba019dec4931fdf79bcf13d9fc734366f923c9e8f03edf09f16cf3429ea95e9e6b9e40d822ea70606597b35bf339a692e0834265a9be49a589fe35d2472ed1ef2f323821ec0800afb9047728f852af91c4998c96deef44d7865819702e72af4eafe46d3c6685caa51ad0f801e2268857953d5a73f467954a53b7311adef2ddbc968b5d673443c6bcc1caaec918b498f1b939e9e5bfa78d61a48783f13128b2f5ba88db0e6fe184e900fb47850874cb0c5f321bafdf902ffaaac4244915281952de19736f8fd5dcb818dffbd90b069c851d05d95633b998ee7855b8487fd801d56129654bb83a212720eabe4c0865b8bfb6d3657058af65bed7cdb0f01fc9502c74d324ad3a0d624fb5123eb83581cc01390b59d3f526c8ad3e64109d269d915692575f7ac4c75f044bd255bdd422b6e85b1e15d4a67d4a7744ac2e7adc75ebde2104be62d4fc27906b1c652b79d6383989b99b8bf9afc738bf82355e5eab0dee4505275bde4dfca49046c901d37712424627dce2a2751f14406063c5886a3be7a7a6bbe2f280be3a91258b02dd19555bc21117cb862f24fc63ce637fecece16eb0c3960ff94f8eac863af02ad8800dd1b66dd633a33092caff9beafa14c1c14c1bf2624be366db0a8d8d75e7580c1d6a4fcc6d351f593606589d69740dff6c19152be9cfca531905371704169343ff31daccaf4e000385f779e02b7a2c2588689eb90aa3cf13095c395f77c10d811b603ffde4f622eb61d67b8af8f136ce98e34a5d89c7c763c5d6158929bef4687a40fef97be19d6c3978593046a28a7fe86056f52378840b2c336debd0fd5b75b7a86439000f1fbed5a5cb0935e1e7a6bef33a26a5e4bdf6a66207d35c32d1a11207120fee179abd56ee11838967aa32167de086ffffcd12d684abf3bb57ff2efd1b6ae90b64a13c254838c7f7d231af09858efb3303d386dfde01dbf65cd29b7ea6083c5a75ff3e261505a0aa1e9c88cfbcb524aa3db96ed5ad9af79dcc219c18578a756557b278b12fc2bfa853d936c8b3f5ac33a178e515f8d107678229a6f12552ff11a97757b4bd8cba09353f4639b9b9b6db1e3085ed86f2c06533eff831e79bba69ea34fe0eb4205da98dea27d3fa7ab36c74cbfea379b6776404f7d354b5e924b4bc805f513e2ccdd1a897f63edc6a6345341cbf945963187c4f07423e9f34bb667c27eac903011ddcefc7aba22b7c88e63b1d820e8ab809c26a62b4a8f7fe93fa9a0b86a4e5c6177082d062f8a45e7189b2dff9c2a1c167415d8a601a719cf65aa57d178a1a31da6d98cdea0d1f20294be061c8cc91649ef271a96ae8923e29862db39abf9e6036395508e08ac4ab2f9738c2fce2b75ccfa17e96aeca15e392074cb2d882160dfebd25375c84bffe465858d770b243544dc2866d2f918bc50d77bad19de279c73587536e0a14a1e9e80f0af906043af87de4e1b64c17f02790e97f4fc250ec22dcbb7af5b1454cd9fe064c5010099c4195450199079122c6e7e88bcd0205fc1720ec720463ec69e1d2f37e0f9a64895631e465ec962719a819b14537a2b60d398e93a9748fabdd583f5f35903146026378dfe970e20ce129607f08267e588915b1faf939fb97f255875ac1fdd15cb96eefd665ea4aa2f69ed953271e18721cd20809cbdd72c17067c06edfb1a94bf70601d8c80d8493715820396b9f366e979b9980da18675d23b9e30e442459fdc671bc680af61ae79cd3994731f619eaf43be5364bb0ac2cab9ce291d45f895d2e09c955bc543478eea90aabf994fdb8eb0a4c1ff43576b41f86f9114b41b07be354be9159efecb01cdd435e0e48201b09daa39b816a8608cc14d2cda2ed256febe4bfa8dc170d09cfc23f55b8c4023fcc5ce9e91e3762bb87cefa896071e3fbd7047ea21518f5893e68f37c6bd6c457f1445f6723ab254fe1cf8438e1cb2429a8cd9fc183a1a5774698c12994349ee667600c05ca1044dc869596d54a07caf80f0179b5f2cc8db181160944db214f0f898740986d5b29270c5ae30e6fe6b372d5354e57100e1b12f62cce3c96c97bac4c15e2f19f74b0b00ffa3e5b56edadc127a15e04e28ec05f5cb6b47d19cac83ec4dee23f386defbf450d5d4c272ab8baac5b7c43c1acca1dc8a1f6880febe9a38e09776123a761549818f4ea0cc2618f1d8afcbec95e1e09f2490d26c4e6004edc198e13993979b15c4c747c200a2bd7", 0xfffffffffffffce2, 0x1000, 0x6}, {&(0x7f00000001c0)="7b703b7de9a1e4e0389bcd07151b972c29774594191e6f564ec9ed819546b55afd535cc20c8bd210202c96722777fd7571dafe506e29411e6fc2157771b90388a41b114b84891ab634e6f250449e0d7aa43e3b28fca60e9fd2a266a36d7d22a34d0cc60f2fedebb956b8f693540a88547585d865bb6ba584038242cf260c2945", 0x80, 0x8, 0x10001}, {&(0x7f0000001580)="8c04cdc8107e0fc5f5cc62818092da70794682d44637d6d89b573dde26b2b4e411767aeb2782adb4b5472a8310e55d1f60846b409c", 0x35, 0x101, 0xfffffffffffffff8}, {&(0x7f00000015c0)="b836e1aa90e1406fa83bd2acb9515f894231f92ab70ad6d631bc41c2d657514a1ee3c7c09982980ab4211584f694a67239f51f125d0fc7d1dd", 0x39, 0x800, 0x8d}], 0x0) kexec_load(0x8, 0x1, &(0x7f0000001740)=[{&(0x7f0000001700)="e974", 0x2, 0x0, 0xa2}], 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000058c0)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0x6, 0x4, 0x0, 0xffffffffffff8000, 0x2, 0x3e, 0x3, 0x36f, 0x40, 0x25c, 0x7fffffff, 0x1, 0x38, 0x1, 0x1f7, 0x6, 0x180}, [{0x1, 0xc8, 0x6, 0x4, 0x8a00000000000000, 0x80000001, 0x2, 0x1ff}, {0x70000000, 0xfffffffc, 0x10000, 0x7, 0x6, 0x20, 0x5, 0xd0}], "ebe54144889db152cf76e5ab272126b66e2c1c7d2a26ae8fd6752d44897b0fd3bc095db7f73a26a2956a5cffc78d7b1f25c92239269966a18a13c7fddd40ce61e0e6000969c3fae7ca5db2befda24e1945f10c00c9048a6dd96d08eba96fe91e83d34cd5de46076bb18fb53fd1f42459ece947d7e009bffbc8e5fefdcbcb02d33014aa5d5d26d7a7", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa38) r2 = syz_mount_image$tmpfs(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x5, 0x7, &(0x7f0000003b80)=[{&(0x7f0000001800)="57d27ce40a9712e6c546018d2a359df7dd938648e4ca8ed10204afdff65f86d0765e18cd771cc5238e51aa536412535feef46a3a448e4b254c99711700912c5e20396bae77de1bcbbfdda65e07277045c34d4ccc55384f8e8e23cb8fa7c9be28ec97c9fbb00aee4d22a353aa1d40412dcf6a1eb2720adc0c75573c46636853c5a69fb46583f78c8181b41f584acdeb15a74d3703589a88bced", 0x99, 0x371e4bf}, {&(0x7f00000018c0)="a8a6a2d8bb06f9736623e142bbd12bf4a17b8fa0d1739cfb24812f5800db67ac68a8bda762069a6949a26bfccdd78eb900ed4c9f0271c4d6f53281a16b77f75955503f93371e3bae2d96e832a690726d05bd55143bdae04165ee4568bed861e891f096ef0e9ecd9245ccd027c6804ac17824b5823d130fef0ec07b5251dbe6e30af05661e1233045521ed78446e839171de5450641fe14bfcbd5cb57e792107b85c91766dc81806468442f3ad9c577a6d674852a6a91800d0175a492e9115a13dc84253b47e4dbc222fcd4467c611da2616c7694d22626967a434c6a73e107de5ed5d3d4d7151035b098f457926fb0327448ec58e40335b132ba4632977c936ed93036e0facb8c4945fc09ecce5c42950a5c5bea033f16dfd1868366adfb6e008155dfd7c105e1d880ad920591b8124856f88afd160b416d1503f3cb860f0987e4b7f72276342d0698cb8ad2ec895abf1aefd3d89eeb405133232a8fa4df85927f63cd1de61935c07934df35e5c7b1012ed82ff528234f5709588ce654f163ad105a5dc8280a16f96389670c495c541d958b8e3b23dff47ab908a35ccadc751df111efefb2e676a4e91413274894a7167090f77d97a1bf3619f8de870d55a9823de95b4a706c1faa429e6c81266f5a3ede6b55283ff6c4d221a9cd4aa4952f94be269004e57c7a8aa8cea23a5fde1c4c6daafb1f6e492d10c7ddf71590fe1d28119013ac358a613dd8a2000a7fe448e8a629bfc403c55b34130324f5849758f39ff9aa7e8e57ea331f13b353d1cbaee00a5d61552efd4b4440d47239a5461d963fe37a0cb236638b3a00189a18bd1361226d74e5880cc445ff0f1ffbeeffe70366bcc88fde975fa6741465e660cfd4260d0e039e9183145a42a88cdf114d7419a9eb7f92fbc28c99f974545abee3aa639a5dfa6039ece00b2be42ad28341b6aa6ed41fc55a5e8d2111a23a49ec3c497bda46262ac99227db922f7cd200aa7d3806077f061b64330502ea20a507571722a6f36b985d7f5b2e6bbdf1be5d0d53652f34cc374b703c16f0f82d1332deac4c7a032dd103fa3c455f73258acd6f59a2168510d7a0eead9555f718d0da08a5f49c96ba7e3eb59763b27d35e91bdaf7256ccc6407a9df877e30e749a157a139b960158d7ca4b4ed65776b7e2734d8aa0db6dd32396a3f32fcdd352b05a8557992df2c3c5e0fe8e796468032b017ab2bed92584d6eb11456094208fced583095f160c1a7cbcef576312cf87b13e2ced0567cede6c5a3725c9507d4ad1e982495cb1234e8969d3c2fa29ced3fdb69c76a8f1b927f709467f379d7b5b7165cde01d09a41adbdb19ab0c0453b31de2971cec9dea8640d43ff52a11072646299b1abab1136fca7296bbc3c5d8fd074966b04277c03bc93a27378bfb7d2c93b1bb22ae8f0bd70ef173febf51e9455f8f0a8fb9d5e69f3dfb87a9e265a739b6e1e7486ca320e02a8785f25c68d337e2526848ae3ddf7e02aea5d60da021eff5b597519d591c2f4a4fe6db2a927fd32ee378635f8dff01a73f81f3e95331aa6dd05512417b8b1fda0829850f9d9d44bbc03c67d8b22f3d872e87125c039478ab2946093d216511c51330d48690c67fe8085b02335eb0a3f3522b9299544e04b4cde90aedab4de4215c2eeb79d697a0d5365b5bad5ae8c409bcc01c869a3b58757987d288cfc8f78087c59acf289f6b1a51643e1678d62d08c54114125d5ab2291aefe98dcd7e246f590585a94499d5176af0dcb559691c9f86ab605b5b1b1e98e5841cf9f857663f580837fa4a3e2a54d7cd15d98bd1083ca4ea461fc9759de42343924d6e48494bd71e0563155d6459b189bad8cd2b2141e0dac6428b1add8857c3da631d648903eaa468bcb98f3dd5c68adda480a5df940143a84a3a2551065cce4d3b0fc0dc11e6d35649e0859a4734d5ff33b9dc9889d8f2f2da5f0f1a526c5a9bb1a21dd71162880d5d73d6e30a58d8c85009e7b58c530bb8b795156095622bf69834b7886e4ea0f1ea001c2088024889e64b8e617ad54f5ea95d29580b5a8df479901eaea5083b4970eead6659e02c46abae549fd291cd363effb85e309d5ab354129342d9f81cb426e1d50be045f7e5414c9bea7e968eded6169f7bce99a45d9dd8a7f2767359958a2a2f08d5355c2d0ea3204e6f85d73fc565a5bf8012b7da2f7da6acd3465ff65a738c83808b40302037e4891d8bdc48166a3ba38de4dc447bec3cf5a3d8ac9e9c2b881226ff18165223493dc32b12305429e622ef80f9395cb067a4d1080ff30a237f74d010ec882321af0ec7a980c5cbe11a4c7c3e8d32926499f7101fdb5f6bad96f17cbaa508c981202085c74885bd7f63cca8a1ba76216c292205633e264b376834540dd57b7497466eb7f0329a551baa7a00dd149a05615b6869a45a4efc4691e51837c266a6a8cda5dd3c2a975d0567489fafe9696810c019a3136653c7056fa0669b9f9e1204b696a5059ab60874f689d9d950e5908f30cd36ad81f8a56dc764a229f541a876aca1af468fd03fb572a4825d17e4fcc7aaa0d63510a66854d0b000f450de52f59aaf62246a7243b525a5ae6064ce0dae5c43e22311758cb04f430e8ec1919dd508dc7c4f38f7f9a74a2107ab0c020ea9898895cb631c7a92443afabca6c2b52db89459cb5e2fcc8fc163a823a329e66b6aead5e5aee3db1955640e05f9560fbd85dbe7fad62dda768b2f59308508163e1a241b2a3ff54f3cad3993237f6f06d74bcd33590b785070887e81124b108b356368459b468c7aeab5f1bed6cc4853d1f9e5316ca724ae0b60f44172d37408c48fef185549781b33f871a1687849634fd64c7cbedc2de8ec65f512828227d2c99d24d5460774b624a57e9c226337212ee0bb9285fc3b45dec5c2cf301e7ee1c72541b9ea9000cedd2bdc94bea3c39341678d32a36b4f9620b3114d6bb7b4f0e64874a78ed8915418c105fb9655a61a9988daea60f1e79c1c2c0decb2dc5f7a35c77f4fc5e4c31218b01f6663d80ab53ee7f91e6cfb28722041d45db296c6305bda9beab9b1b893490341fee853d351daf48876a22dc55e06cce358ea4a65423cb329b4848962496298b21e6156d72b5f6bed5f2d5a842f355f9cca8c6cdc1f6e7c2cd5335c15abdff5688f6d9a6e322a442b01c651027d952722203c096eacedd91a051cbc02d234fcddaee67b9d0528f505a650eaf6f77f0091136bee99b59c71dbbfbad517655110b9f2f80e06bf1928551517e05c90609ea64ba0cc68a88c875a5fecd4e881e7b3de0a8196b527bf7cf28de471ed162625bb8c8e180bd4536b0a90a8f73244f5d119aced09c9c9b77ced8a3234e1064a929adf4c7bf6354b56cf787c5997555380de27d20484d616e776c5dfa6148894cd327c7e58d4c25fdfce3e2f03638d52d052d8ae90e9bbdb0b4cb0552bf57db8feb1a263b66181be2ed6bb8827ba759d59db622a7be84a4b092f78fd7c73198383a06d1a636570b4e7f1a8b239d52673604a59614f1209c802d5e8235318956d439d8c329780d99d051a10b0ba2c2bc30935382992192c32c9b104eb3a96896d64461e33ee81cb1f4d003fd6562a2394b893c492cae5610159a524cb233597fddfa1dc4e08894c12717de06b945b3746624d7d17f9104a9271c8b6f71172e3e2dbf550ddf5af89a79e8557c76c8d111e97d723f4d78b5bbaafe7b96cc6e01ebafae39c3f04ec8356dc523381b6fb05abb92ecd3283ad2515f6f94564a7af761b16401e4640e64c0b68a15165d064f1a47151e11041ec2629dd1261997e998440642dce806381dff44fb2cb98e6700e4eceea580809d0fb0a890937bd7fb3d6a1ab369e4e89f62e11ca58f55db09e9bc992fa043515189468bdf65ea3dabbf57857be0cf0278f7de453fd8fa9ebf661a8af3285e005e95bde258bcc3e860832f8a6621f828ee445df6c8e358e5d73f9121f72a7651b19e1370c9c3d9a6a856f83318320217eda53ed2e2ee880d0cf058d565f1f66bc3aa3804d8344317e11f06e7892898676a60e13ac76d57309e3b7d0c08aebcc6afac87ebd44e632be53fc21afbb33029e8d17cd965f929e843c413f64eddb9a35c405bbabf16a13ee476ba451f4df89ab2c29bc6056e62a5d298729f920c1a4fb78a5c90de695c352f69b176ffde0092c164f91347dcb58dbc39f655a110ac84a2d394ce1d9f50089ecbaa0e99e36c40e4f2c51da01759154c517578fd31892d3601d158890289b62493358fc0f785d19e7786426ec255207681ed5db206c9de9e35a89211452bb9f69af505a41964c4187977aa4d103e3e8fba58cd4188c9b6ad92f5efed57bb20167078cb27c9d1ada8bdec928a54e777f9108cfcd9ae47f43889266c316524b99662c491ad291a6e795d7b89a6e43fe6d99d4f993a0bc1b9f92d8c7d4a152100983412c16eeceda4e361a157efd2b4c6ce1f8b4b5745dfdf7ff9e7172cb1ab5c42c2a10d1313be41371e677298c5d0e7f259dcdf1df1cc8a9e5ce9b85275df79d311c632f49fec7548520444e55bdf250740532fe83f2b78477d0ef78fdea9248ea7e8a58f6401fb4dd74159f155babfb9f9873dfa6d0ca712355235b2f762d30cae02d979e1969892f6b85c6e9f6090063edb4baed1fba4930115586987593fb9ba882f399b0d01fb9d7aa4becbd393bada86e3aa259a01d4c922083ec9e73a7bfad50c36267068198eaf9b7e4233c509d209a76c6b1b2336ef48ccf874929236509508dda8b1bfec16cf65452b04e31fb0ecb8ba0c2979043640d34669cca0690928b5bb3334affe56245461a2faf940295609ebe53d9e42f6d16a1ac9795d1cc652a37e5a5ccc84becbca06b4bfb84d9a9706ff0a7e81ec6f2240a6dcdcb106f8406507b55837ea8096b125a9a57eb5501ecfe0b0669b21cf3dd8934886c465c95b4ee219681449c35674f1b8c7ece8a29e368248075d3ba892007093949e35743ea78bf208be69adfc57a3149c346c7e4e95e694314d22ee8796c5cbd48ff9b8b5da29ae63bd088c145d341f151578af102940e620afd58f6b97430ed3725f65e820c717657ef49ae7c21f97de348bf172d33dbf53a66aeae6399d07f957593e62ca9ef23cb99abd32b68f4d94091424ad480fa6864ff595a8e0ab70e4fa7e14b691d21ed042f37be18de485a85b5ac1d66a3e84eae142f44611ac1dc31069b8f57dd2bd92e55b2f895bbf0140726da8c32c52c54f9456aa2afd2f2a6d551a122c452f1a79f7df67f9c824e6c2b64f56927b71c96f516476fee0c647aa3db3c7118cbbcd5549fdc2262dab470f55e4f015b293c1f8e70d31db82269d1509ae89afb24a418a3f7ba31b2ac6407a86f811535b98587ca61a53654fcc828e6f4632b04234d309799f26326df2a4f0dbd04ce79d195426ab3a1784a43cdd43a4bd60549f8e41e16d8717e95dedfdce8d6be6a2e28ed3be78b446cf99ba826beae38ecbebb4d357e59d224755d8fe97ff96348a109c9a96d0bbb0159b3ee98c4ec49c54e7e41ca881ed703966ab7e039fd404f860b76d20a40c16832056ccbf245630cd0c90afed0370f28fc453dfe3cce3736062e8ede0c8d5a4fc81d0529477c303b1a0d404853caa25106f28340e8d0607cbe65159947d2e1f3b3f32f0862bbf770c4daea5796da888cb5f83c140ea6709d1fd72f86c9840ce2d41f624a52b1b3794930def8d7da6d9fbe136e55562a44590afbcc8c276ae9ee3c207a3f1817f38775b11f08f6727b1048bf8710143c0640191f39a6e2b49ddff", 0x1000, 0x6}, {&(0x7f00000028c0)="9ac9b78268706f908b755d04c92c465b97d7e8959e1d16191859f1819c0301aa8d2ed596922826b19e72ad56b6d7683123b280e62179d325b90c20ad8d91b74b0fb3be00579e5cd00d4aba53ff05fdd4c594cd04cb7d1159087d757ff06204bc25c0781ceb143ff3d9a3b735014b15c8030bcce45557ee562b2dcc4c373c0b453dff5424a77a86075a8bcf655ca89b704bc0465b537ad15205bbdf0d2e8ca2bc999d04219c87f80fad1fc4da4ce1ed96e24ad29887bc62ee9a787d46d1a9a25d87a4ba04dec8c7ca2aed42379712d3df63e7585c84e327d0d62a0ca43b7075d08ac0c936c0a1dea76607a8c95941d812b4e9258042f3de2692cbd3a3afb40bd2f1bd5e48e46bed6f0aaa0ec5ce4e46bade2e8ab06975a14a13b112720e77b6f60de11872d419c03244de9a6b08941555062686523dad7c8b006bf53bc6fd09197358858960c1a00692abb110895ddd9ee92908e4ab91b6e1744a27fef7bc65527353d5af715294fbb6f57a430c5c48a79fb3933694a05b0e8c9325231fe4dae0b4b8df23c9f37935ac042b644cce719555d999eaf4632b9ba398745cb32045f0572fdceedd41eb0bb9b13ae3ac03919b1d500a25c6a99d7c2f04ec84fea211bba372f9bf9cf7aff1b2ed586013b51c02bf6f929acdb36cc44bfa40d7ae5a15857f38ebdd992e09373ffe5f1b32417740b6dc1a5eb3eec019e799f82ff519b9e560628e9eeeea7ca986168c138d17beddd063b5cbe0253a1bb101cfb3f0ea85da4deb1e182d0f4e9c2c4a9667d5b2bd46a5caa9dbe983b7a3f44b818bed88cd8db0171615b9645e8017f9ddf77f86610baa67f3f3b4a99e9fcc48241b652e897868a1ab70551a224156d14ef12a3d17fc2a5be974cc886cad55a77717470e07d6d57449265fba51f9813aeadcfa8715fe92349e009d9d183242ccb1b9f50319814813d9f089513339e55eec7361b1f40a842534a86cef9af3882e302b45b1c0b75b956df63a059c761fe739edd0146b14c66f564f178a4eda1f7f3a909d1efa5a021394391553bbc64f1b5f9c804acb6145c6933e586a810ef31f0b8ea8d4fe11ddbbfdb7e5acfd6d39ab744410e3af9b2f32fb165b51d81622035c5ebd2f7445818a679393a8ef6509f43867c5c4c9e9c1a548a2fc54e025c739efd2d84a8348076f006a7dc72a1eab9d15dbcdc69a8176d6985809978bf04ceb9c8cac8a5953c808b0d85fa219a94adb0df269abe867a7f35115e6f66536f269445c69e03325dd42cebe8e8cbab08bef137fab5c630dfc5bc786d3db4651657675b0d904a0895617beffc13ea3aaddf3dd3a17d3a203aa50f884823f32a7830d5ce430c603685e5ad4a5fb01ea51e803723d878e585f6befcc01969514290a450a58d2aaf51fcda593204391c0fade4ae4875e0fb350339bfe899d41ef5f5fc47713bcc53a229122b5708044763bc02d02b891396f1c62e8e1c46083282d71253073e7229e530e29f2970e0a428b047a647013da3233b513253547ff6c3b6049cbe7c1db494821ac83e1d1058c202327542114508b392421cdb4583de112b7a3cc0bf586abfae40575874285411106d8fe29a36a6729b67ed391fd9abecaaa198efddcef863553c50b7e253593918089d1190f2627d9ef871eb741452faffb0d7b010879ea1325137180eb325c5e4b426ef4373b104af0490b72a960dd70f3020e4269a04c0aa456c14d9fa4818979d1fe862148c22dc448cea02e67ae3ff8601ab94b8f652ed4b4152bbce88f9563f42205e0e7a887546ca531bd5bc302c79003da8b7790fc640d8b88dad07ad5bd4c38d9c4b1cfbf47c5ca21601a37fe6af158486952f1cab2cfdf1bcafdfa4815aa130087523764c2657909225ce5610b3f0a018e0e343446494d3b8903c6bc56bfe54b318d3c8f0fb4ebdc4c5314803f2fb5fcf5126169f522d9b36056ab1abd2ce7ddeea522db2ddf1bd0d81b9c63146336bc5917b0e9b41e116739edffc7bee38053c2a5d847db9b6807d2055a5bcb6f5ca964926f2e48f0f19b7f6c64db4c11e948c7a2fa60eabd6c7a187723a849e7ce1a7f908ed853a1216b15c20a274b00f478ee5108f3fdf56ba84404da73f2bd2e6767556da07092065c2ce8173a2f0ce0c616ae9c618a9c3be906033af40cd9a4fc098070ff9f126b676f6106a1f5a4cb1bad2d7b3b4d5d920dc70d78fde21930689fc8192e191c6ac6234a6b2001dc2ee0d7c2b25cba7ed175b1de27048e1f03e5ab7c7104095685bc9ae257c4acefc76810425e68d045d3ea7c78622580ced3a1106cafcdb1c4256b20c28ed4ad42e84736652fc351d7e7393789841d40ee9fceff8cf8300520772adb1ba6a1de79d449978c4b66fcda545966a6285f108aca422e0beef9f45f7d3a0d5f267e821f9170f9f0cc935016a44ad9607e1c7e191cdece739dde665f44ae0059882a8048117285e7b9455727321f05d38db441d9fed06774875bb9097391ded7965bfdc4d73d8e8e2f5d278e4a48a25c981348aa0ee83f00c2c175fb1c271b626285377acedc3719cb6149ab8514c84dd1faa304e734bbfa381f910eaa31b24897f1cfe1a052b162f5dd76e8bc992dd18a64801c96796f3cf18711cfa98e5e41738bf9b024e3cd5404c670af8743185ee51e54b0c952e0a13ec3765ccdaebbf74e2072b9a79752e02bf7927ce6858658c1f8c5068b52992830e19330f2b13631d299c854ef262137f0bb957e299986c07db1e1e97a6257cbc092af4a15dd5c2d627f1ff5d5fbcf6b9bfdaee03cca8d21df66ae371c86825b59c2b629ca04a1847b3c4866f60a84f14ecbbe822f1cca9cbd9d8eb6056a8935d16d64688e6c0c049a4c97c22dc17640bc63f622114697393261ca596d3cd0fdbd774d192acab50637e42432f2d68b3a61ac7fe176359e3f0aab6c05944d6cc6f21f026b169ad7d2741cfb987dd586c3ee3615fdb7ee368dbc8aaffd4908a71e0266707d45e981440cb97061e2ac280c9e7b234cb9b091983680649eac2e643e53a4d8dc17f7a41f00dbc320cb77805cdc8b20086995bb33f43139a222465f6c0f4513fd4209d0f179c3d5f3e662154b84ea5f64a6a48f5e3660b8cb399ba3933bfa111b3bc47cde8529a0a8528ba5b63491d783359255bf53e34df297e6687f384cc2d44c5c8d1cf68da8967e53ecb21fab999d63018e25a2bc2be735f6977c2154eb35ac0b38703e9c1662009cf6d49bcd48b8c2f5133564abd762055ccc6439b1c2745c1ea6bdb8b4805bca672c9c910e8ef163032b3423b6fe4011c1492818c70bc390768f27698bf47d771a35260c4947358a1b6e6587b6f6fa68e54a0e1fa840898e95c6cce8ba4e873bd897d77c2af4bac6e846195854647f4922adeace13774074d513f31d6dfa327ae448309f9c4f5ef1df447519a4e0aa558772b97c6e9aca3a1cde5225c312daf4d3a95549852ed09670db5b55f9e06b6d569f06d395ba09f204e503e93011ddaf07efa759acaa995e532262fdd9d96afa322ce379aaeda431f089a3dfc59df48ae9c79377cac9a85ad2b54e14bb9334e9177b1c93b2dc8c4e9a3360be6a111a0e562d8837b7d214cf33cbb5221f8591c55868b7674b185e951f2275b583a1ad5dd4c76762e892fe3eea40862366eb9de24cc2855e473858f60488a6716b1cf44b95b298f3d7493be05a124cc4f742fae8014f069470b2d5a1972009b21e7823bbdf25077115ca51d026cef82eb214bbc30bd5544ec9431e847bef7efe7c875755d45c0e974df4ed7513141e9f8a738f80e7ab3b4fa20765f9c9b2b892143c5d80db4a60ef916b51b970a99bddd5c05ce39cf1acbbba0373b918b5e715c65bc21796623d82f6e273ba839c1c844dcebe0c1345424b3288c1900273233dc0faa5e17b8f096f9ab25639ec237ed41967bf3bea56d6d98bc80cb12ac42e12eaaf7a96fe63ff06f3168230def86ac177364bb6b1e9698249d20ed94c1150dfc3c7d71c6a0e9c483ece4df1ebde755902763893c65400b425bcde5bcb063613ccfd6af0ceffe130f8e59b5a84292a639c5252ebe212d4ecdf0cf54619cb51e9db594296ded6ebd4dc2875cbb4cd85b489817d8088445fb9348a277076e387adae0ede23efa86663ddbba722afb01234fcbd98199efd75d6a2108463043a7da99407eaa9b60db88496d79281672f396f880ea543cbe96908301afae7803d91552b5cfc347a736ed6b075c95b00320d3c7946a4e5c4803050f9365648cd77ba8a7f8049a35443e5df9b9079a1d4788dc71d6a4f2c53340b770a65ed73183f4941e7f45c92e53f9f5c075b5e7c8c861a28f2551dd036043695c0fd088716e2e19ad355e552a55942152ce23062fcae0e2ab92dc20a494d884635e3ff3d7b8fbe3af6f701225a5acbca7ecd16b1111a1bf2a600e6826bea92930d8434368de5e89574b761a8196a4a8bbff4db2812ceed706e6c1e9bfe953d37ed3abd94ed2a82095637df5248f0a6474b33c811b1fc06ed994cf12be57507ae9b36b1acaa56217d51f1082dcb37f14c1fdef1df7651fe74eb8ef0ecf9bda228376c7929a170e158e7acca8469d25b7fd381ea20b6796b446ae71f0709cec2371acff9454b7e308ac3d19b7942d3187e45e7ab695ceb1744fd0e01304e909388e6008942538d0aa1037beb2a77b4239ce35b1e5e1cb31c1e0243d7f98491fb5a5f7b157632749be083b56cb33373872d7734b78c2433662f699161f897e8a5749dee7233d51febcf245e0f3d9952bd22f98c1dec61f964d7a2b633eb78313357938a7f41753f2c05a12097e5e56bf186aa90b5132ef8a65fcbbf6d129282ec935dcdcd283a63adb138468988aa9ade7b063a2ba9736384847f8ecaa5a648a4cc042a8f9417e710d3ea033cc02ac7a6ff94379036d6d4babed0a3ddea3fa023d05915240aaac73adace2d24cec2e5917e51ac382ef726256bd9652d52c8c88c8f0afaf261043d261a53490a0fb07031a0f2c1f1a9f55db22d475bea3a76b7a9bb8fca4ab0a4da95ab4ce8b8b73e0614295f7881f1718cfc93b0a8bfb614e1bd54b7dd439f9bae08487aff78516df268accf29d715a83fb01527289a313364c48063ce7c8504debde5afb234b63c7cc74005178f47ac62e60939748a6371a5cac787e6ff352cab3b4bcbfe48182b188d3bb2f1070cc88f681f5abef1cdea1c00b283b217ccf5109279b5b111126bd49819768e2fc9d6488d66dffb50d3d632e1135f0578a638319d7b7c80b125ff721323991bdba0ae33d9b6d4d186a8abbd5ab384c86d1e1bbe692e75314cf655892be2c4343e36d99838a846edc82364001c7eb90f41255879307ba2b8b775426f10d7c2d30ba35e0b2bc0664474f085b71fcdd6a46e9c0016db041f4f88b6716703c99980a9c101a34f80393cd4b275e02f4c96d9a2236153e5e4407a2d2888706190d5a2fefa1807f2732f9a0682202f2a827cc96e2293d9c973e6c2a1dc054ce209680f38d9711b23baf4b1e38346cf04ae408e5ae3d4b604ea85259f02189541ad23a6451ce849c93e8fa2f8cdaa2672ecb6c86739806470ebd4c7712441714977e63b3f3cff5c3ffc0b16aaa9fb11493608e8c204e9c217b2c5ef38ea259455daa07cf2daa09c084031af6c2a5733c9a6ad195d50dfdb397ad76cb66b139c44044339db9c16c11e35eee344de79421d89af925c789a874970eecf7672bd437c22b9e5b8b489ddfeaf0a6d5d5ebde73b15015167238a6ede15c4a3059fb72bb6b30466da4470bad4aba7fc3ac85695385cdf", 0x1000, 0x7f}, {&(0x7f00000038c0)="0b9797065f80f8ce07994a87bfbe496dcdf5f114006b8bc80302373f2245bc3aaab6f252d01c446e73637f460611cfd0fc1794af0771d4b2bfdcb406c66fa2ac69218a5bf96426c27fcc70d04ab59344dbb4e3d5e9f98a6745e1caf19144", 0x5e, 0xfffffffffffffffe}, {&(0x7f0000003940)="168dde1079317997136ff9a58905f2ad4563c0441bbc42efaf40cde626c2514f4d982f6e67cfcb51265052aa8fef5bddc19fb11e85dbe7d33f79c79742e46e7c97b5", 0x42, 0xfffffffffffffffc}, {&(0x7f00000039c0)="39a088144ec7b75b05d1aca83bd3e600f6b0b2115b9318de5b33c127ee286c3fa24ca59f57db28328bf0e527587a30bc935dd0d00ad431ddf216576425b3e74a4cb05d12df3b7b7184f602dae94addf3f28f528177fc911df464ebc1e4c30a77817097b385198f39f460137a03627700e20f6401ecc23e976b620e62ff898a302a2f6e121fa6c1b20a737a5a4a266058866e7f9879a0f27d73c17f038600ac765fde02baa78f3ec9e5e11f55b58a2fc06d64244466bf9b89615ee8bc64c1df448a1495e9954f0b84b0", 0xc9, 0x9}, {&(0x7f0000003ac0)="4cfef16c0f5abc7d3d325f3e7636a092c314b52b7092dda77b04256bba5176c5526b40d19c7f8406bc9a684e197776374772bdb5d12445ffefa58a5033cf5babee7b12d28b3503f798052deca546ea90aaf1c1fc47647bdae344f5d9dab317a42ac8e1fb7af7571b0c2c8ced67892a9ce6eb909a76b8ed8e2ed2f290dffd1f9eb6604da1172274570d9ab7200fd82d21d16cd26f0b278eee968eeb3532d39380ea3eb313d63ffe47ee7d3d112a0ed0d45fa0f6a0", 0xb4, 0x1}], 0x400000, &(0x7f0000005880)=ANY=[@ANYBLOB="687567653d616a766e6b66736e6c6f6fea36ac723d192c011b17abb0822390f16922893f97c677901821e77bf3cf428131"]) kexec_load(0x5, 0x7, &(0x7f0000005640)=[{&(0x7f0000005180)="d46d6e9e0f59ac4c65d4a0e88576851c313e37bd53d2c961c012bee0c3d433b1a35c206eee81fac4ad8d3f56165135b4ddd8bbcc1b8557b08308f980cd4916a5939ffd72ba195420ca8e8de74f32d84b43eacd23295267a613fdc596fdfce3131880a8c2bd62267efb23c7067281be457f9766145f9a65970311daf6cf1c9148949a8eeeaba2461e8bb19ad9d95f", 0x8e, 0x3, 0x9}, {&(0x7f0000005240)="71b3a2022699c9f27ed768f2c1e33651e70237b7a203ed25fd731a8aab400afd7ac553f98db0f36e0fe8e275b42093fc627f2a4c8dfc6737d9eefa450bd50c4b324f829b10974fd8e36b432baf44cb7ec993e9336c25663e", 0x58, 0xfff, 0x8}, {&(0x7f00000052c0)="e5a256f367b5be38c3029498871843fd1f332cd138de59d5774f1bff73a60ea6210f3264d2d48a7397c32e474760406f68e131b443d76556a65773b7e350eb0596690bc221a8a3d287afc05119a5c78d6949ccd4e244fbd226dda17e013a7c1553f85fa0f330a6768a8210f391974da184cff1d480dca48e3957c77db5e65f3394d8675f504ee7d2b78293ef76e701a1f9a3215a5c91edbcbc8eaaf8fc2150aa08aa9d8597da20151de0f75ecdc9debd5d59f4179d803e7e6696b94767a1fd5e37dac6ad318725870767cea919", 0xcd, 0x2, 0x7}, {&(0x7f00000053c0)="8072f1b149e961951e105a9d7a19411205488d3353b25ac6423f3320aff3f5b5c6660e8373b4389b7c139f3e2cf9d6b8e0256532d6aab0836a065b9d16f96e872ed3d985098aa09abc9ee2dfbf9a92e8a40aef8dc0366814cee531df3f71d019cd04390fb1625f56136d9e5ff02f3ca2dfc2c0cb6e2dceb2b0c3de36e74514d4f4049f901d4e96e31b3db63b73f29da71f8bb2426687b102318437965d47036fd74b95cfd4546b8152272b12426f5e9f52e7e507d4cc3794e771b1", 0xbb, 0x100000001, 0xffffffff00000000}, {&(0x7f0000005480)="1fcc17ab42dd871c38e04c5429f64b946aa8c02d88bc30ddbdf4cac5c1d075da9cd95ae265fc61ba804ed923bca3b6722cc191218a1f0b79a89fe943ba692e0053c8", 0x42, 0x7fffffff, 0x7}, {&(0x7f0000005500)="30e33c6ff5cae85db940d656d8f49035be0a88a1b5d9eb184d11ba2b573c88a1101358b6a416c3dd9f2a85d0376176d916437f8cad8f1b2b3659b055179c02f477d1da04a667f5f03c3f0f5c460064a6c89c236b2115e44ccecdf8e4ce85bd523be6e6d0161ab64fc3cf7cbcfbb45407b745eba57dd7d7899c26a8614bb517480fef19ccc815f73a8b26e8742dd31164e90a6ae8ba9a330692dc3014c4d36284dc6feaa7c504f7c69fc957bfd2cefef233d2cccf3e5bee438ba43237d29a6013612564c8ead1", 0xc6, 0x1000, 0x10e3}, {&(0x7f0000005600)="cd246e54426c4990c24a", 0xa, 0x4, 0xc855}], 0x140000) writev(r2, &(0x7f0000006440)=[{&(0x7f0000003d40)="dd03b7f5585e7ed1fcfdfc20345eb70ef6e5623aa05e46633069de2cfef8fdb5", 0x20}, {&(0x7f0000003cc0)="b0f2889f8c989d0b0220fb8afa7d666506dabd7fe830b8f054743156cce0aef9dde30d7c", 0x24}, {&(0x7f0000003c80)="26ae19e30ab44e6f57ae9097545d73ecd46f204d95527936412aca27e6c9e8868bf993567f6a9c068445f86f7fb585ccd99b0a5dca7c146403", 0x39}, {&(0x7f0000006300)="b54001f48b870ecaf2dbc68a492214bf95b87bbcfcb47c0a3d7e3236e70769a9e1d2f871f7166455318938f214957bcc0c889425444c2bbf348f191601a46b23730f6c40e85b18fa126eaad62b9f3c72a1065b19e52ac60e1e5e6118f38b0f2f41cfaa271888c97f43beb2f00e68f7f2f3bf1806a8f5829aa49f8ae9e15c9a8d5b9c8d09385b4df6b838961610b2a8cac62dd3c8e788", 0x96}, {&(0x7f0000003c40)="b7249fa73d4747416fdbc04148a5fd2be6f390e0c6f0cdaefc00ab370b592e15396061b2607fb843f76784563aec0a685d", 0x31}], 0x5) 20:18:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x700, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:10 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8080) 20:18:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x200000, 0x4022812, r0, 0x0) 20:18:10 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xff00}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:18:10 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x800000, 0x0, 0x8800000) [ 1594.251137] tmpfs: Bad value for 'huge' [ 1594.295239] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1594.296902] ref_ctr increment failed for inode: 0x3e7d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000045cedc6f [ 1594.336159] tmpfs: Bad value for 'huge' [ 1594.340508] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1594.342108] ref_ctr increment failed for inode: 0x3e7d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000045cedc6f 20:18:23 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x900, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:23 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff2f0000, 0x4022812, r0, 0x0) 20:18:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8080) 20:18:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300000, 0x4022812, r0, 0x0) 20:18:23 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 72) 20:18:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x34000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:18:23 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e) 20:18:23 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x880400, 0x0, 0x8800000) 20:18:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x40000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1607.047794] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1607.048714] ref_ctr increment failed for inode: 0x3e76 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000093398c38 [ 1607.074954] FAULT_INJECTION: forcing a failure. [ 1607.074954] name failslab, interval 1, probability 0, space 0, times 0 [ 1607.076288] CPU: 1 PID: 9222 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1607.077054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1607.077931] Call Trace: [ 1607.078242] dump_stack+0x107/0x167 [ 1607.078662] should_fail.cold+0x5/0xa [ 1607.079105] ? create_object.isra.0+0x3a/0xa20 [ 1607.079607] should_failslab+0x5/0x20 [ 1607.080035] kmem_cache_alloc+0x5b/0x310 [ 1607.080486] create_object.isra.0+0x3a/0xa20 [ 1607.080984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1607.081565] kmem_cache_alloc+0x159/0x310 [ 1607.082052] ext4_mb_new_blocks+0x209f/0x45b0 [ 1607.082577] ? trace_hardirqs_on+0x5b/0x180 [ 1607.083056] ? ext4_cache_extents+0x148/0x2d0 [ 1607.083556] ? ext4_discard_preallocations+0xd80/0xd80 [ 1607.084149] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1607.084692] ext4_ext_map_blocks+0x1d68/0x5850 [ 1607.085212] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1607.085791] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1607.086387] ? ext4_ext_release+0x10/0x10 [ 1607.086858] ? ext4_map_blocks+0x5e0/0x1940 [ 1607.087351] ? lock_release+0x680/0x680 [ 1607.087791] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1607.088326] ? lock_downgrade+0x6d0/0x6d0 [ 1607.088806] ? down_write_killable+0x180/0x180 [ 1607.089323] ext4_map_blocks+0x652/0x1940 [ 1607.089796] ? kmem_cache_alloc+0x2a6/0x310 [ 1607.090289] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1607.090788] ? jbd2__journal_start+0xf3/0x7e0 [ 1607.091297] ? __ext4_journal_start_sb+0x214/0x390 [ 1607.091846] ? __ext4_journal_start_sb+0x1db/0x390 [ 1607.092395] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1607.092997] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1607.093556] ? down_write_killable+0x180/0x180 [ 1607.094078] ext4_fallocate+0x415/0x3860 [ 1607.094533] ? __x64_sys_fallocate+0xcf/0x140 [ 1607.095030] ? lock_release+0x680/0x680 [ 1607.095480] ? ext4_ext_truncate+0x250/0x250 [ 1607.095980] ? ext4_ext_truncate+0x250/0x250 [ 1607.096467] vfs_fallocate+0x48f/0xd00 [ 1607.096909] __x64_sys_fallocate+0xcf/0x140 [ 1607.097392] do_syscall_64+0x33/0x40 [ 1607.097807] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1607.098386] RIP: 0033:0x7f6d60f48b19 [ 1607.098789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1607.100866] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1607.101697] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1607.102513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1607.103316] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1607.104113] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1607.104908] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:18:23 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x2}, 0x1c, 0x0}}], 0x1, 0x8080) 20:18:23 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0xa0000) kexec_load(0x7, 0x9, &(0x7f0000000500)=[{&(0x7f0000000000)="6aceb1b33b3fe0913311d7602adaba5c7760d5262819cae67e34a3ce93b2634ae592fe1d117530dbb6a10a63ff492e3bbcf4323134ffde118e67beeab3f8b454a062d78204d1981d02cca690ab60bbb2b77e89c27d824c71c3db8f8bac10d72b9e91b54f669d7d449f20aaaf501c1c8b7ffe9c6a92de9801292bab926421b54947327702253c2de9112737187e77439d24e1abd35931109c4256dd8cd80e0e8eb824ac0ed149bfc771bae74a18833b2e20ba821d7e6e36fd6ec45312ee1a01d6e4acfc709c5d1f9604ebe52ef07bd5e29e7deb8e28b712b571c28595de2e1c95aeb14356f4a4044a5a72835e627e91b2cbbf97676b52704d5834", 0xfa, 0x800, 0x3f}, {&(0x7f0000000100)="00aa9575e3dbf84c58703293a3d47de119e6449a3802c7719f8a530ef2b6802680292e55a27d5525ab", 0x29, 0x6, 0x7}, {&(0x7f0000000140)="7b536cbaef2b1a389da0be28f6aba6e35dd9864c115aed", 0x17, 0xbd2, 0x5}, {&(0x7f0000000280)="c3d6ed3db6db4dd9dd33f7d083e797df79106861afebef754b4aebc2be23e698e3c731a1fdf662411e37a2946284f46e4bffcba480ec8b0235a010716b02b62b89a155f3d6af262b373a26656aab1cc15d085cc702f85d88ca9932e2496801e9a10b42f0a0ed220e6b915a355c70b1a5ed45169989058994cbac1fbe29d1e24ab4f7e856cd4b16d375e515967214fd32077d42ff0c617aac50e0f6fb34ee3421b08a7e43f712674489cda3805b832c3e61d25bad7f749ded2d2b838d24a525dddfd92b03238902adf28af35679ab1e1e244538d579dd2da69ca05456", 0xdc, 0x6}, {&(0x7f0000000180)="f65d2aaa7c415ab28c", 0x9, 0xff, 0x5}, {&(0x7f00000001c0)="4355fec5962dc7eb37332d550c16c6d4e5a31c03ebefb824350ff1a770e65a1a697996fd8b86993c668df9d94a931afe7b1819c918c710b28c5e202cd22f57e803e7cbf04fd163c282b93292e001cb2422803fed0723a1", 0x57, 0x8, 0xffffffff}, {&(0x7f0000000380)="c3a5d90ca11808371bb54f6dc9679d5334", 0x11, 0x20, 0x10001}, {&(0x7f00000003c0)="128244829b2cc1ad4a23625b4eb38d1d0e29f8f210a1f35f4df423252a39aa41d9c602c67e1c61f76863322955a8b63f2ef9b44166d6bb5777e8a5573f2f28affd307b43835f831c1da6586fc223116c07913db9944c8843d1b910ec275c617519ea3d20d450b105ff1ee508aa4645248e9dcfeded56223993b548a9ec60f52a13eb598bdcf6b6f6bb9ab531a49cc63058390145cc501a72ef45198d45852d6f12dea6384bb539", 0xa7, 0x0, 0x3f}, {&(0x7f0000000480)="cf98eb00f1c6e786b86a433302b567cfdb8209c70f2f08de351442b9d7a9d58518779a6e9e586e0e6bfe4415db44d97db37267eaaeb3cee628e8b7e2792455c5fb17645223dd747254614b6585d6e7d1550c3704436316947212ee2972b70230", 0x60, 0x6eb9840d, 0x5}], 0x150000) kexec_load(0x1, 0x1, &(0x7f0000001640)=[{&(0x7f0000000640)="e7fb294bad9a2a3e4ac1811f99a16374414cb2ac441609e41d6dc597b980cd182b2f3bdcd02a510dd809545e5f88cf68c26e58672b24e95a64deb818f69e9b81a091fcfa53d43cccf7d0a2d295e15431e0f0dd1310cbd52bc2c786c06acd28ca23e17948be5b57827b9f5b5c5c8b487943a56646bec4ac64aa73a8e7578366f152d97452f2ea5efc37e13ddd45de69c5f615aa6d0741384586cd03cc685ddb3cc8c1a148874b3333d9d8e69f950cb946cda684642c54b187022f0593690f8ca41ad8d009ce375fbfe542691361bb52f4f1aee53ddbef8b6e2b632c9589742f76380a339a4c197b3e033efbd67985e94030426389dfb0e55267445215679932d0f3bc788543670c13fd5a5778ad6a132c3e02b178b97602c7927fac5c1164ba31151000c12be8ba328b2fef091a55ac8fc675529d381fdedf2ae6324d516f2ac2c80f627c8d565e939c3da5bbdf75bbfd7809f42e23a87df30b25c95613fcb8108957d8836b50fbfedabff70104ee2dabe64187d2b8817e69ee83319815f1d8d0bd145e7632e5210edac35de6082cd417f752f7595b9d31a320c67e0cca32358bff89cbf317f4a22e6f99b85d5744539133835b577a2be8f9643212e7e4615dd3b8bdeb9df272d9dff7140dabccb4c5c5c416ec34b90e4cf59d22f2257330543df5e274ccc49459cea12e19936464f6393d48393c78812ebdf7dbe8d05c92fd84afce9ad2974aaf296843892c921b0c9abaa170476b6c50c3f6777ead3da982787f62e025eb0dd84d2d1755932d6770f236597416559efba85cfee7f23a29f30ef18430e1014a991b0e9ee832f56bab03f04fc2c14bcf42f4453ade6eb7037ca2f8a154a1c94de7c7b58d4563f87771f95c3b041d997435186c9f57b182d20759da211d57fd098e567243e29121e45a9a3f157c8a9b1c3f86ec93db5484a4ad74a9f34d4a2e98692973c39814ee1f64157cdc9ddcbeed1f64f6f65a232b7f0e7772accc1ab2d1ad6499bf8f6f722ddba0781e03aa629ed78353a0fc652f32a6179f3869de1f170a84d6daff3704dcf64a53a0507c0efdd9df9ba5fa81f03fa1bffade91c187abb50896dd7a7ddd15d8ca2b3333c72649d2b2596dd7f23b1fbf26738baa3f7fcb2b3505608adf698f9e732664a0bb14767b04b159adde075cdda9fc6af3c030d1ddfee757d56177236a2350540e1092e79d005f60b450cc283c9ec069d4062857e3404e9db28cd9ca30baa4a91a0d18cb15794761e956c7b3a8860a5dfd300653a7c1485ba972072e61cdce2dbf5676dbe8b93ca59034004ba723a9a19209e0f9afdbc4924fbac940a1267d9d2171f3ab8c754e3d19ac10a62fed6d545f082cb9ebf924edf75f11592bf5b8fa7f849b313b9ce8ca57a5614afe98b5d795368f83acb246b1860592044a9d6a9692c57b51ba2b4b55e7ca6a3968f5d41e936870b02b4979540351c644d0d44255360bed70a5193ba8c45fdf3ae9918717d0253a0029c9c76719a3a600e5833d5fc0634dccc1c957f886fe10bdcd93559b3164506e451d32caed1143fe951af136a66c425e8ed4d9d02731f374a719f2ea26a65a42110544e88c466bd9c2f74030b14073781bdab7cd4aef355b42af1d84cf051af01943919df517be37a5dfe07e7353cf01fc03c02f4de39cfa3d5352ff0fc0a10ff6f65825d785a0ac4f98726c63ddd923eef516a30106be45e29ac8d13febbfda73410393a1122381a08c297272f97d62d257997c9f793119b20616d6517c8d2a88addfcb5b7989bce43dae32623052cf0a994522050ba94078f390b7e1c05de57a2eeee36ad6eace4ee4d271fb52558f15213fd3772ed1d5bb43810e6fe8dd9ad53ed9ca18378cbadb62b08bc132c411837d6ac4cd49d64c1884bca73ee07b575097a357308ada06082034a6173f61294ee0c32d4cde51e5bd90f983f72e17f76724b2534d0547cb3ed34c25b24def2cf46a721bdbc8652aff3683ea6f300c9fae213a42adb37ed3ce6914bd40e47b96f5cb9c3f7bfd749be0a149d33ea424acffe45a9590c507061e8da7600fa2a83e1056570c75a4addc4a0f0147738c35bc633c92c82fdad1ef008744e2df58b6d554baa3edea68c5cc08abe927a3784c24231ab343eea6a893e68133d52dc85876e3c55270ff5cc431df8edf413b432a02abce2c94dccf4b4a66f691b128d56ce95ac96c088f7a7d1abbbb39317a270c41893a0f37328987fcca743d00920b1a1837bd09316f79828a53913945c151b670c3ca2ef0c95f4d21e9821b4e6cba3135839bed8b229ac342fbdc3fc70e88f08d72c735c77e132222ba00e52f8fe49fbd11a2cd77b32c40315dc6ea1d4bec4d19f6bbd28cbf81c84bae3d96434ebdfccd680619c040bd714b67240545219153c0b427968a50bffc0ab6d2d8f03f8002b381d8b482c78439ae201078ce066ae4b943553fe352e17d70d38a40b288e60551961b0addb86536149f1e0c13e7fa49d018e6579904a8a06aabe8295d7a72794927e34a01268aa0e5e639804396ced84e6d3cea2af6a00813c951fb421e156618f8c1712d9a9b152de52ec8d19ce8afdf2b5e5d0d1ab3fc1da7e52eab2bf789de9823b6aeb164a23a02e14a8e7d2035a2c6178865aaf93567c702c39b761420c00a09ed33fb729fc615793afc0fc99fac64717f57610c681127cd4d3a19641705afb29badf54fe8de653b0f55186c7f74fbea6ce5ae3fe71c930d51ab4f0ffdd196607f9fd696cee1cf6ae4d423c9154d650b5e4a4a1bc3796c9bcb1d8583baa1a17754e268a2a5b99ab055cf1e577869d7332c02880e5078816d362a1cf696d923b6701aabb80c7da75675b0e39485b372d15db7903638057db3db4df763903e9bb525d3967844810cf5bc68019f1f792d8279dbc62d91bf738e9990e53f0ce9a5c44860cfa47c5323ca996ece54d1c9558a89a1086c8a16b52910a72953bd0499cf4b4776e07f05c9900cd124771badf94c66a5555af789bb36b77757d5971967198788c16e2a14f5a743ffdfa017cb8e369dca0347bd06bca62b63d17bb3fa75d0790fd2de2724cd60ffc76225a5a13fbee9ce377d4cb352a23ba2603285b731051bdc5f31c93badcc5312fc0580c19cc45149fe23b7b863eab9508f55ff98e9529680e50e5dbf55ac63d9a576112d69d73fd3f68bc45fba80e0e4b4bd158a0ba4aadf2fc840ad3e6c8a811769108d95f542309b7403baba3d9ac46de061edba8b929e750182a02a83f9fcde4b234565323f76939282fa54e4e6fce90452a052e105405f00dcb2cfec5ca0fbcaf8503ee4a89b414d1550de637d2155d3a568e55f6741063f802934c13cf8a17224d5eaf1694ff0164b2beef3ee87439ec14391434d8c30f63fdec23c794e452f24045551447e28ca82f366f1e9621445b90f8c006438651874a3348478c84b815ade58d2de94c2cffcce09fb0c2abeec043ec4f66d9b32d9b74e959c31b8c296d54cceba6ac5d69598913d7168c9271dc58bca89f84cbc9ee9cc319ee7c81a2e01640968aaf88d4d20848da2e67c3dbd7bc0df04843423de6a299ac9d5f85134321174788a591f16e5d3bb8f17d991153ba6ed159518c66a55d3259f12be8e822dc6f918d6ddb9397aef3bf5a07f8099ecc5bdba14a818384c1caaa9b40454626d29d47ee48d4faf795e1f0517799692a31c07affe54544dcabca7541361b5db8717394217f8783f44fedd0f0f345b32b0c08a0fc4ffc834985721aa5bef266317eec60a1e14bac1b5b36c5ccd5f8d5219c9c99eb21322a51ea6beff60b8b6e60f0e9a16a16da4ef2e2acc452ca21c0885f4aea31a547442d4c55f16cd30a2da9afd8a2a9bc3f52a6373844c14888e59b03c6555432c3400a98e398070476a3ee854c16853fb937aa4a6735d01b943cd29763583787cd6b472ede58d6a49a2e35fbb7fc9d2bbb26f92bcccd66b362bd7eb64169055e98ae95192a00ea214df11d6d86b3e5e943c7e22b9bddeefa1138e1b16189098bbeb17f8d09c9ecf46f591c6559cfc8d0b34dc97069d8a8e69c269ec79ce7f5e13568f5db7caa9872ee2a61f381249df9ac9570885fa4119814116c941a3cce18cfafbdf6f81d60ced7f7f7716f2ca8558924a2fec3c07a745f4780469d0cb4a7d159774849fc9fdc82986a357ad7239f46037f6fc093c20b58c5c4ef46e0157a8ac251962ec093dce1540dd6fe517f30b6bc06dc2b84d9d10cf631e2b40d8b7cbb9350826affe9b5ab8b25e058eaad36cf7b7f4107f22e3848d234d755426a1b814081dd92beb264c3a9eac814913173a4cd2827ce9f2b82935a62123b2ec6405956abd2759fd8f2ecd0123b91f81562b7e227a8f0408d8c931a49ca161638b1a32264a5457a4a609d014f2247fc38826090b9c8672831b0d047151a65a2130b1ea9e0632d07283e09df47a61f259d87d293b621847e28318431e4d0d4da762a6041f2a2d240cffa7036eddc3597aa99bc575eb1b6422558c866c4534d107729e90df67da96f00bfba762a2d8e8b4599a2d8ef5938ab742945acda2aa06abc78e412bf49d511d9dd6911373883785fad0e7f123f672fb3d9900c500687faa17bb4003188e6d143dc374e652e5365fed728d6ee874837c5e28add17b28a441bef611155eb210dfdb996b9d32e78cf69346a84233e91e588d4254c0925a2563688c7c2098e192b6235a04cfa4ac4e4daf592ff9dd42746d861d877d3d890f62ad8b2c28b0b410745042071af95e0ab55f1f95d7cdbeb1595eead7f98b28a7f7405fda7bf98113dcccbef0632dd06f2cdde3207c5ad2083ba9afb8895991f1484362667bce0226e9f6622a1af6b84cac3c9f2427d9e80b14ae13361e85f653f23594b2be4587ba34684a1e4dc2e1305f12a77b28e604642459ce6593dc715746c7af298a45c03d11e5253b7905b5f4e54690e54ab1eedf6a9edeed5a5517541912f4ccc760a4cc7ee9bd1978dcf2320502aa056fef54951459313c784f23b181dc020901f3883d804487af5029289ade351f2d071268ee309567f6b992a1e9e49e406bc1a51ff25c26a28232307871186fd34ceae3502e30c7f2be22fbe4840519698e371f8d410fc83fcfe683cc33e3cea543203930d6f3f9de6655904e85ab6e7328b2b0f8a9d7a59988837bd43cbf328c325df8e274cb0602651286dfbdd431734ddea3b4d0986976b0db4378124873c185e10bd20bfeb22707c7bc581cd7c76ec66f7b318db21e7f27294305b9dc183fa04f44b80ad5426cbb70f31c036110fc45815ab777e805f7c3dff4ceca30c4f1eb8ca28da2c02a29438887535d578c4ab01077d6fbde12a24dca1dae91fdb4d76ab7e3c5c7220b702a5eacadfaa5a393896d498545a10f0093de5137d70a1b0991ff957e3f80159f5552fa2fd4626c764a22a463858b07267b6a42c926e4b486328eb8181b30f62668839ab02289d3afd6647850656cf43cd8110831437277a6d877aca3099f3875114b0f270df1dae0bba1d2490fb28d647b983d1c4419f217b65b9bcf50371afa591adda138a44bafadca3e8b9997260ad109bed42d6d2d616c2b21182257b5f1f3ee6553dac0d3a0ea36951b465c41ba420126c60d7cf75c46932d2d8aeb9cf578b351ebfdf93bf3bb99d15895d69432d0e8416348e0453178a05463f22097bd801c71e6170d932b6db98ec976982354433a41d30099f6b07289f983eba9f248c1d3c071a1c7926695af3e9dfa2f6d29beec3fdd0d0c4c1ebb7071aeaa9f6f75946f4fa97e9fba4494d7bfd28f25", 0x1000, 0x6, 0x3}], 0x400000) [ 1607.144180] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1607.145910] ref_ctr increment failed for inode: 0x3e76 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000093398c38 20:18:37 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xffffffcc, 0x4022812, r0, 0x0) 20:18:37 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x900400, 0x0, 0x8800000) 20:18:37 executing program 5: kexec_load(0x3, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x3, 0x80}], 0x0) 20:18:37 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x2}, 0x1c, 0x0}}], 0x1, 0x8080) 20:18:37 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf00, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:37 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 73) 20:18:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xe0ffff, 0x4022812, r0, 0x0) 20:18:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x80000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1621.648995] FAULT_INJECTION: forcing a failure. [ 1621.648995] name failslab, interval 1, probability 0, space 0, times 0 [ 1621.651299] CPU: 1 PID: 9253 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1621.652667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1621.654349] Call Trace: [ 1621.654882] dump_stack+0x107/0x167 [ 1621.655623] should_fail.cold+0x5/0xa [ 1621.656396] ? jbd2__journal_start+0x190/0x7e0 [ 1621.657318] should_failslab+0x5/0x20 [ 1621.658083] kmem_cache_alloc+0x5b/0x310 [ 1621.658978] jbd2__journal_start+0x190/0x7e0 [ 1621.659872] __ext4_journal_start_sb+0x214/0x390 [ 1621.660831] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1621.661894] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1621.662887] ? down_write_killable+0x180/0x180 [ 1621.663812] ext4_fallocate+0x415/0x3860 [ 1621.664627] ? __x64_sys_fallocate+0xcf/0x140 [ 1621.665534] ? lock_release+0x680/0x680 [ 1621.666352] ? ext4_ext_truncate+0x250/0x250 [ 1621.667241] ? ext4_ext_truncate+0x250/0x250 [ 1621.668122] vfs_fallocate+0x48f/0xd00 [ 1621.668911] __x64_sys_fallocate+0xcf/0x140 [ 1621.669780] do_syscall_64+0x33/0x40 [ 1621.670543] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1621.671569] RIP: 0033:0x7f6d60f48b19 [ 1621.672317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1621.676006] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1621.677530] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1621.678970] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1621.680397] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1621.681822] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1621.683280] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:18:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x400300}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:18:38 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x390000) 20:18:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x2}, 0x1c, 0x0}}], 0x1, 0x8080) 20:18:38 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x980400, 0x0, 0x8800000) 20:18:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x4602, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xfffffff5, 0x4022812, r0, 0x0) 20:18:38 executing program 5: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', 0x0, 0x8, 0x0, &(0x7f0000000140), 0x2040800, &(0x7f0000000240)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@data_err_ignore}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@bh}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@pcr={'pcr', 0x3d, 0x36}}]}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffff0f44, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200", 0x2e}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000011300)) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0xfffffffffffffc02, 0x1, &(0x7f0000000040)=[{&(0x7f0000000000)="e99c951c40106dcbdf02be7b3cb50e3f705f7012e16dce4cc106e3d834e788133a614ea98e0ab977909c7f7f65b17c4b62eef069f64d7e", 0x37, 0xaa, 0x1}], 0x2a0000) 20:18:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x4022812, r0, 0x0) 20:18:38 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x1000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:18:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x8080) 20:18:38 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 74) [ 1621.902042] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1621.903687] ref_ctr increment failed for inode: 0x3e8b offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000ad6ebfc9 20:18:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:38 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xa00400, 0x0, 0x8800000) 20:18:38 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x8080) [ 1622.065235] FAULT_INJECTION: forcing a failure. [ 1622.065235] name failslab, interval 1, probability 0, space 0, times 0 [ 1622.067580] CPU: 1 PID: 9304 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1622.068969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1622.070660] Call Trace: [ 1622.071200] dump_stack+0x107/0x167 [ 1622.071951] should_fail.cold+0x5/0xa [ 1622.072737] ? jbd2__journal_start+0x190/0x7e0 [ 1622.073674] should_failslab+0x5/0x20 [ 1622.074470] kmem_cache_alloc+0x5b/0x310 [ 1622.075301] jbd2__journal_start+0x190/0x7e0 [ 1622.076198] __ext4_journal_start_sb+0x214/0x390 [ 1622.077162] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1622.078238] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1622.079217] ? down_write_killable+0x180/0x180 [ 1622.080160] ext4_fallocate+0x415/0x3860 [ 1622.080980] ? __x64_sys_fallocate+0xcf/0x140 [ 1622.081896] ? lock_release+0x680/0x680 [ 1622.082728] ? ext4_ext_truncate+0x250/0x250 [ 1622.083625] ? ext4_ext_truncate+0x250/0x250 [ 1622.084516] vfs_fallocate+0x48f/0xd00 [ 1622.085309] __x64_sys_fallocate+0xcf/0x140 [ 1622.086186] do_syscall_64+0x33/0x40 [ 1622.086946] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1622.087977] RIP: 0033:0x7f6d60f48b19 [ 1622.088730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1622.092439] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1622.093970] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1622.095424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1622.096860] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1622.098298] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1622.099735] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1622.132795] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1622.201214] FAT-fs (loop5): Directory bread(block 64) failed [ 1622.203920] FAT-fs (loop5): Directory bread(block 65) failed [ 1622.206389] FAT-fs (loop5): Directory bread(block 66) failed [ 1622.208900] FAT-fs (loop5): Directory bread(block 67) failed [ 1622.211284] FAT-fs (loop5): Directory bread(block 68) failed [ 1622.213439] FAT-fs (loop5): Directory bread(block 69) failed [ 1622.216353] FAT-fs (loop5): Directory bread(block 70) failed [ 1622.218290] FAT-fs (loop5): Directory bread(block 71) failed [ 1622.223051] FAT-fs (loop5): Directory bread(block 72) failed [ 1622.226194] FAT-fs (loop5): Directory bread(block 73) failed 20:18:51 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4022812, r0, 0x0) 20:18:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7fffffffffffc, 0x4022812, r0, 0x0) 20:18:51 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x401, 0x8, &(0x7f0000000480)=[{&(0x7f0000000000)="eb2ee48c457aa746d091ddc0fc88cf69c4d6e9572e83e8341fe6b2d02f86796fe5ec70adc4fd78b796ca69cf5a10e8eb8947379d6e2073f8a7141918230c9c4357a86295159029d70010e6cfd69d9b8877e3d090edbe1e59101ed41d42de92844207d2246b558534ef", 0x69, 0x8, 0x5}, {&(0x7f0000000080)="6660c54a1d6ff973db45f1820808dfe78f556692259a7d7c06bb26f2c946ec16905756cf40eb9664412fe2d986f79f772b690382606d536635c63506540f1a029aa8ae93f94b4b598fc9a725c5a143df0f200b1cc48d568a668e5bd1482a122522645be3b18254a05f5cd612bb2e8ec8e22879f61544fa5ffa0d3c4c45e47755bd2262c698fccfe058eda63e265ff038506fa004d0417a0b30ca4d1dbd438986cc4531", 0xa3, 0x6}, {&(0x7f0000000140)="c96825a596fa7a6e7e90a0312743dc9edf20acaa513e0dbac89b867626384dd5cf0255cb0abf62dce4da2dc54feed9f1600d73cf837dae872ee37ea070c681863919027674e1f27a37bce0b6c21d105ca6c4a7cde8ceb7f1e5e00135ed324897846552efd5ffb2ecdc26b44b90960c88f633d9e3a10fbb12dac863f05bcf980089b4bae03c1294e57e68252fc1ea8d1408b4c7929c9e0e422a4fe68496cf118d660f1a23292053226ca7249570ea720e7c567d0743f1d18377be2be3e52b1367df7ff1f16cf0367c9ce7c9fac2ea5ee1c314554fb2704fc23951b911c37a14395f18d5d76c2f516bce", 0xe9, 0x8, 0xbd}, {&(0x7f0000000280)="a8af4ab3cf3a8eeb75bdae", 0xb, 0x2020000000, 0x5}, {&(0x7f00000002c0)="d13f196006e4a3087937cd0a72c6fc30c8c6785a0f3f9e06498ab0028e98bb61447d7b21195df0f745cf08125295688137309e508f7f057df0f3b968f89f4969bb58ffb546a3676bea1ca85063871a88143d8f119d42de9fdd6e2739d35c52bc8f2c7a6c08f90b4f2f34ce17e1a6263660f644bfb278ac569a51ac3381498db75a99d28ffe7ef02669c16ff7542d401249f743b5d6a7919f754dcdf528fc30d7d7847f1396056644a4", 0xa9, 0x6, 0x1}, {&(0x7f0000000380)="acf875410517fa75826937206a8756ae1f195523df6871ee5461642382a9b6e83785c88d60d4145d22c2cc58632030fcf8f99094b54f52301727456815e36d1f99038093dee15fb04f", 0x49, 0x9}, {&(0x7f0000000400)="16e3dc38d0969fe78313bf01f1df55bf1b455f30e95ff661", 0x18, 0x5, 0x9}, {&(0x7f0000000440)="df085c6615bef62c49283d15031291991eda9a4e8239bab6ef58f4cee399305e268812d2e1fd95afc112e5fc8a4ed0944025f9a8c0e8e04faafda7", 0x3b, 0x9, 0x200}], 0x320000) kexec_load(0x33f9, 0x1, &(0x7f0000000680)=[{&(0x7f0000000640)="3ac53e937dc26f59d43fa211c2ac77c40c72182f509251175fa00948af5b12d9ce3a1a93aaf5", 0x26, 0x7fff, 0x10000}], 0x2a0000) kexec_load(0x7fff, 0x2, &(0x7f0000000600)=[{&(0x7f0000000580)="19f21cf902cfc7d05c104770f1f927e24a7731146489e7d7f0c52b838e9976807783bb287093b43c2a73541249f1426a59c0419a8988360c7984", 0x3a, 0x9, 0x20}, {&(0x7f00000005c0)="1df200a69aea939e817a52a0", 0xc, 0x0, 0x2}], 0x140000) kexec_load(0x8, 0x2, &(0x7f00000008c0)=[{&(0x7f00000006c0)="f97802d4f972f1e43da07d0fdc88c2694c6709a86fb5dc24f7efd87bd05951eb41047a53c98c1dc994c1979170eec0211bf71fedb14631eb6672e62d82769f3a0611e11b631abf31704cb36f3ccfb8e224554743dfefcef382eabc436c8b20d01257ead75ce3448b9adbb92fed9d246601636e622d76e4a7b156177a2c23e1b7977c4d1e9921763971a1e7c1bfe82d5139370bb695f6d96d0cb3a9744ad0a6f081ff258b10fd60f072a6ce94124c5459e08cc5d864a0aea2a53af3d4fdc20d51fa1392a7c8c3d951b8a6267b9ddf356ebdf2a381371853c7c4713a8fdc4f50bb1aa7c67fba5e6b8ec484c7229c7eb72c9eec1e", 0xf3, 0x6}, {&(0x7f00000007c0)="eb692c6e86638f0ea0353ab07f4e14fad666979bd87a06d0c69d51cce07de86ed9b7f4b57000cdf307d328a8126f40d5fe00066b321f4b390ff4f180f0664f8468565f4b32f5b61b8da152ee89e88b5d30335a0959781dd2c3096a8d098a52f29cdb45a037add26823e01044553e6c1d66c218fdbc596d925b2e1cde29955e0c47500d6b0a69dac8f62377499ceb09d93bc2e7220ec37e7057775c7f4903bcf31977990a92cf10cb8a06b5793c1a2db637f1f01eb2f347d722860a577bea3c1a84641a5f4fe418315dcdab86893aed81a50d5d83ea331d9992532f", 0xdb, 0x3, 0xfffffffffffffffb}], 0x150000) 20:18:51 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 75) 20:18:51 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x8080) 20:18:51 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xa80400, 0x0, 0x8800000) 20:18:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x30000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:18:51 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1634.926393] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1634.927315] ref_ctr increment failed for inode: 0x3e84 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 20:18:51 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x2}, 0x1c, 0x0}}], 0x1, 0x0) [ 1634.942327] FAULT_INJECTION: forcing a failure. [ 1634.942327] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.944672] CPU: 1 PID: 9324 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1634.946072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1634.947767] Call Trace: [ 1634.948309] dump_stack+0x107/0x167 [ 1634.949056] should_fail.cold+0x5/0xa [ 1634.949826] ? ext4_find_extent+0xa3d/0xd30 [ 1634.950744] should_failslab+0x5/0x20 [ 1634.951505] __kmalloc+0x72/0x390 [ 1634.952223] ext4_find_extent+0xa3d/0xd30 [ 1634.953070] ext4_ext_map_blocks+0x1c8/0x5850 [ 1634.954000] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1634.955068] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1634.956136] ? ext4_ext_release+0x10/0x10 [ 1634.956977] ? ext4_map_blocks+0x5e0/0x1940 [ 1634.957863] ? lock_release+0x680/0x680 [ 1634.958678] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1634.959642] ? lock_downgrade+0x6d0/0x6d0 [ 1634.960496] ? down_write+0xe0/0x160 [ 1634.961255] ? down_write_killable+0x180/0x180 [ 1634.962192] ext4_map_blocks+0x652/0x1940 [ 1634.963063] ? kmem_cache_alloc+0x2a6/0x310 [ 1634.963935] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1634.964852] ? jbd2__journal_start+0xf3/0x7e0 [ 1634.965774] ? __ext4_journal_start_sb+0x214/0x390 [ 1634.966781] ? __ext4_journal_start_sb+0x1db/0x390 [ 1634.967776] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1634.968861] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1634.969859] ? down_write_killable+0x180/0x180 [ 1634.970815] ext4_fallocate+0x415/0x3860 [ 1634.971625] ? __x64_sys_fallocate+0xcf/0x140 [ 1634.972542] ? lock_release+0x680/0x680 [ 1634.973376] ? ext4_ext_truncate+0x250/0x250 [ 1634.974279] ? ext4_ext_truncate+0x250/0x250 [ 1634.975178] vfs_fallocate+0x48f/0xd00 [ 1634.975982] __x64_sys_fallocate+0xcf/0x140 [ 1634.976875] do_syscall_64+0x33/0x40 [ 1634.977628] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1634.978671] RIP: 0033:0x7f6d60f48b19 [ 1634.979423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1634.983115] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1634.984654] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1634.986081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1634.987533] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1634.988962] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1634.990405] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1634.993215] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1634.994143] ref_ctr increment failed for inode: 0x3e84 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 20:19:03 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10000000000000, 0x4022812, r0, 0x0) 20:19:03 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x3000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:03 executing program 5: r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x40010002}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x3, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x14}, 0x80000001) r5 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000080)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd, 0x71, 0x0, 0x3, 0x1, 0x1, {0x0, r8}}, 0x9) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:19:03 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xb00400, 0x0, 0x8800000) 20:19:03 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 76) 20:19:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000000, 0x4022812, r0, 0x0) 20:19:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x80000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:03 executing program 7: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', 0x0, 0x8, 0x0, &(0x7f0000000140), 0x2040800, &(0x7f0000000240)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@data_err_ignore}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@bh}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@pcr={'pcr', 0x3d, 0x36}}]}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffff0f44, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200", 0x2e}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000011300)) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0xfffffffffffffc02, 0x1, &(0x7f0000000040)=[{&(0x7f0000000000)="e99c951c40106dcbdf02be7b3cb50e3f705f7012e16dce4cc106e3d834e788133a614ea98e0ab977909c7f7f65b17c4b62eef069f64d7e", 0x37, 0xaa, 0x1}], 0x2a0000) [ 1647.578031] FAULT_INJECTION: forcing a failure. [ 1647.578031] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.580410] CPU: 1 PID: 9355 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1647.581812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.583521] Call Trace: [ 1647.584071] dump_stack+0x107/0x167 [ 1647.584824] should_fail.cold+0x5/0xa [ 1647.585609] ? create_object.isra.0+0x3a/0xa20 [ 1647.586547] should_failslab+0x5/0x20 [ 1647.587323] kmem_cache_alloc+0x5b/0x310 [ 1647.588140] create_object.isra.0+0x3a/0xa20 [ 1647.588364] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1647.589014] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1647.589040] kmem_cache_alloc+0x159/0x310 [ 1647.589069] jbd2__journal_start+0x190/0x7e0 [ 1647.589097] __ext4_journal_start_sb+0x214/0x390 [ 1647.589126] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1647.589157] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1647.589184] ? down_write_killable+0x180/0x180 [ 1647.589212] ext4_fallocate+0x415/0x3860 [ 1647.589237] ? __x64_sys_fallocate+0xcf/0x140 [ 1647.599270] ? lock_release+0x680/0x680 [ 1647.600102] ? ext4_ext_truncate+0x250/0x250 [ 1647.601017] ? ext4_ext_truncate+0x250/0x250 [ 1647.601908] vfs_fallocate+0x48f/0xd00 [ 1647.602718] __x64_sys_fallocate+0xcf/0x140 [ 1647.603614] do_syscall_64+0x33/0x40 [ 1647.604387] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1647.605454] RIP: 0033:0x7f6d60f48b19 [ 1647.606223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.610033] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1647.611608] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1647.613071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1647.614528] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.615986] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.617419] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1647.629829] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1647.631736] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b028549 [ 1647.655992] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1647.657661] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009b028549 20:19:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf0ffff, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:04 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x4000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:04 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xb80400, 0x0, 0x8800000) 20:19:04 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 77) 20:19:04 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0xfffffffffffffffd, 0x2, &(0x7f0000000080)=[{&(0x7f0000000000)="265317b700025b3f8093926b8af60893f75d7fdc707a29c450eb677344ae4615e6d8ae2f492e8a9f93b764ea1f7c931ea7", 0x31, 0x3, 0x7}, {&(0x7f0000000040), 0x0, 0x7f, 0x80000000}], 0xa0000) kexec_load(0x6, 0x4, &(0x7f0000000180)=[{&(0x7f00000000c0)="e08efdd1a4c12acac78cd97ccca9a6caa0dc1ed3cb245b289168a6ea5bd2824de056409496f3735438da2f3e69b712b0385a8491e9e2bc2a3363ff8a45955eadd99b70e4edded4402107d5e1d5584cf22470e803c5bfb8cb0f1ce9ddfac887a0f52ac79b2ad05636a4511011d875e3ab33f11d1d9eb714c11989dda992804dc812f0", 0x82, 0x310, 0x7}, {&(0x7f0000000280)="a230fe57ee8d12c56625ce0d17202ad1ae0cce227544c7b24d5e02f80511529eee63aeee395e7731680781e672fd178179090d929c56fca889149ef5a00dcbb0ccdff59ce4eba0bae69f1ed8c0cb73711bccfedd1688a7a308b8df22fa10ed979c355cd28965556f6aad64c9b3e198a6e0cd5a83700eccf6ca8e13c0759f228bc41bd1994eabfebbf594840077c86e52745a0c5b3ef8d3cc22396e8de7a9952a1214aa8cf406be06835e6782e291e8dd3236e64f6f1a8f87b157bdfaafc3c88bb620ad9ae3c9b1000891a3d0bd26c2fb35593bdd4004e9c63b509d3ae3a7cd35da2a5ab8", 0xe4, 0x4, 0x3}, {&(0x7f0000000380)="3fcb3afc45a6d05c9cdd9bd698b285ff896ecd8a3085bb0d03b192742352a7d9a7844bd4aa9d9cbb39601088fba70c855088cb1ed9ef036912d98daef30ecc37f07ae2217fbb86c368d8c7856c9d38f8b391b75aae22fb42742426ebe40268947739f57a189192d880ec5462259b10beb2c49fc9a13460d0751b4e6cb657c3d0607281678226a01c5572c6ede45c464d229ce86151e0f0eb3c70f35263abdc1367390b30b871fdda47e97f3317b7dbb38ecf0879b3eb61467c0afce8d795c1aa78a39c8aa74700f489c9fc83846eb16cd63313710df1f4813d5d74a5b2903a45a91ab3f2515c0d93788ce10d6f7a64f062d8542d07029c2c7b2ee23af90c65f5ad8b1abef1ab0ee012e5b920d049e227f79a50cbe62763fb90ffdd261c2d1132d925dfb1780e5afb2f0b8674497c9f99fd186d4e9a695668cb554aee83c42fad7b7a4f6749a9463a0e63ea9f8668f1786be29800bf36d047ddf1b57018ecea000ba376597aa1a20442701d7f45e9204d37a7374c68a5a3573fa5bb627a46c6e26dbe92c23fe5fb131ed31e4672c7aa62bfc3206fa0e09dd2855df3ac60e174c7c62ca97bfea8dc9874500fe9f371768ddf462fa814a312b7c1e70858f3e32a4cce5bcde5903c93044f34e91fe3e8835947adff6f130d9c6f5f372ec6366606574ca48d96e21cbdeb4ccb71341b52b2c50ac5eb4d40fd5ac8890d11e18438e8b764bde4af6cffd5684eb59d6f22a2a29007c235a7b2f7691463704d3b026232bf592d809f3a00b7eaace7bdd7d5dff69de8f9d3799441bf5a03c0ae5632703e9acf57544a8f9e531da41bf384d12a916487a5d40801d58351c3efcb7b6ffe273143a5dfdda790936c2579c84d239dec746fd82ea6df36afa5b5d5e540d2edc2c7d1827ce2ea0561ddb8502eb60986cc166b38dd6cb2424f0eecac8211553fff9bdca2e49f2b27a405aa4ce2604a99da27587d86589dfaeb51bd9b3bf3ec5c05eec6d4c1473aa77c92a4154a2ef404a2dd106e246f1af00c09209da09f77a6b8e3cbc8148295b429f2e1252412237cb328f43506df77d307fa5c401ed4e0f7651aff16f5a3be3ed8a2b20940289860eb77866c37989bce4551724b9d7405e34d1a34a34cddeeb2ecf2de60f4d1a9b3cf08f36c9f8e912f82f448218c6f6810259fb79beb25d6a2d538e6e5ce1ed19660a17324845b4c2bcbce4b8655ec91371f3ff0a264c6b310b595367c0f9cc451251ecb9371c5050a8b236b029fe57b34cfc5994f89a6b53932deb03c492fbd7187bfe03fd1164b416d2c33023eb17a38344890bb9f2716f87c5d72d64c097a46b76a7d74a3a4d6fb6e81f75fbdfb4c349ae5cacfd701f93ffe2dc2da1a80dd0ca93c96fd2129ecdeffbb386077c474bae70f9ca331635515032bdc3fe41367210878a7ec38b5633386ae4fd5d284f3974479559db00487546c7b4a6c291246578444602ebf0a47d0f69a8aba61340cc3acbad25452c7d42ed295865c6a805c893c94c8341360eb8a224b2a0c262a38b00b1cad800381aa4f1acec0b955a7c21bd63064a2e82c22306b5e45f7c65257ba4ec55f57d3f15a22931984e9f6788f34c72602264916bd1d24190683b811fef6117e4b4c32acc5bcf4380a29d975c471d1b8bf6cc81ee87593359e5f937b9ffc0c5716348960b49e5e1148268710db0c9dbbed65c3a1fc994a404d3d52bb07a178fa105c524a346a6893fbc0ade09839a809bdf976b637a8e5b402a71bec6da0d47bbf12df0c2f4dbbb70b6616814b41d052477910e3a6a424f0d75f50395266bce51a8c8b63dc073930fb31351c1dcebe9df7dbf64efe72a52917855f156e4c454b182275fab2c3639bafd4e95639aea1bd29f7c36cb7e137f33227fce127156d085cdcb6a814147c04714e1f4aa7ecd9ff51b3607a55b249770edf8d369f2735d5465a46a76bfbd31d6786205fb24331d53296f06fbfa0740665225efb5bdd4ffbca4f0437c9aa10037afa5562c5ceff04ebeadbc4dc47b03d5997994285ea118854ab919ec0bdad7a1b6c7e6412ff9d7f7b9b8fd68b806daa979d131947fb4b8d5e512b77b1b22f80bc5cd9160d2cbf438e82215754c08dd4959aa5281568ff425947a02bef698695f04bd6d85ef55fb4ba90282b4d9c7aefba4a1891ba7f89600de7a026db230296c72368cb800ad1395abd30625f4b893190b82c8251b7b3896cceddef8dfd9f680331053d221889db483a4c62d8b17e9bfb27985d1020bd3d615a5b1982bb0c1432173a6302308d14f4949219dc9bc3cbd944d312e1eb652e9d01b7e7cec12e93e337f1d48d246b950406658d7861955dd8c9bb2c235ffd0429845dc49d9235fa63cfa3bb849872172fddafefc2ecf53a10a1258e12d1eaac85ef6c8613f71571f6af3f5b5d5b1a752b3dd7b4cf2b1cf372e1bfd51e60c5fcd74f8deaf81e99f1948d16a34d0f214db3a768e894d6cc3504746ed80d1eab0a90c12ee71349f898fd6f0f6a9ae621beaf226588a0839f25f583c775d46a4c76e944f0ddc9acadc215425af49d573b77c6d0899dc025634fd319df6f6cf905e196ac0765ccc7de84f13d99c5bcf9c17183e285149873b1a2101e1e73ddf69448ed28467bb094688a0211a9e49fe07305b6713d01bda6ace47383518dcabf15a7a080f86f2115ccbefd0f60f1e1a0885d0a944fb65974ea4518434d6020d36f84b779001750dcfc4531c11ff4dbc41d26fbedf115a6d58568215fb0cad0f1a1cff4e686c4043ff067892febcc7aebd13b60e569c1385c6e235084e5de82923161d071e542afa2498379934172185035f792c7be4c8a6d25fe13f28972809c0beb9cb8df3293a4da46305ad734a70d2397f56b850b2ec486523096b19554ab6f756941c126464efeba9174e8d97571eac712781a7b5d37574560295ba2efe8e59ac9f1483a4fefa620acad30ec9c2c3c9363b8045c255a9c741f9766ae2ebb3c1bb8230e757e1f09a2eee7f77c693dab4ed8165494172a8323d51aa36364294180ec57971924bf3d7308dc4ed1989bf97065d1e258baaa465d772a91b2a99429f52ce783ddb3f9ddee761e806f78a9aeb8be04dcd8c8cf77f76dca1f2f1598017e81560674d0b2e9b87f5cc3b3fa5d06956486ff6260c70ac9ab5c42cdb8e01a6e3d18cc388366f0515b41587303ed28356735ff5da44500224c34c064d116545f7cef8c5bdfbf6788ceb6ad0e0af2b43bc84ca7a11e88dfeae855e8e90691baa98661f1980244367d016ff10ef16f209ab241f590526241709c514906393a6ec2169f62129af728ebd376cca9b21036994132dadc111c25ab951b863e0b4837cd54929f18a61ef299e32f0100944f79eb3d1eabaef91e44fe26b55dcbe7b5b39492c9f31e41c5ed9965300e40bba0a0075175f4583f880f108de74cbaca9d7d8f1d6c37af20982f389a10f04dab6b05add8b2fc1c50659bed0d95925e650cf19ce1057f8c6d315a7a0916aebe10899db8efbe57c41a7d975d3bd0ea8d731005a7155cf520772c8608d90c4d236d413d24028dce26ad6eab0895a8a178467371e0af674c503aa08a31e36c299b28ee3d4f4c6d053230642889e77f817effacc1a8214e11abe00ef06819d42262d5d7cd1a8ef02329f571688601e74e73a123d0f00c9884a5339be5ba03ddc362566f32008ad4eced80bff63cde5ce84d46bdfbd35121646d81eb6255066c4f2d4b2fdf2c38da9ecddc2c71222f95c456ab04c4e32cfe44f1fcf7d9d6720e8ed33dd27dc60dad445155980a4dc2c0d2fd29a03a6af999b04448e6a8bbbebdd4e9e70731e14721c95d09bc0c4fcf01bf1e09e886bed0e6277a3b59078ad40411fb9b115bcab2359996b7f0543094ac7a13e752098a0f87d87c8457f09f3989a282296c816a79f8b5b0cbbe89fe336abef7b897376a0b866b811f8a5c222715181a22f52b30e48b401520b198f7fc039b3f33296cbea653e1d6e51a1da7e6aa327cdc0641252f21b07173ebd89cc45ca1db43ef460b325b29a690e5c3c3c8595b5261c95837260cf628eb33be32efc4419578abceaef01630cbade748c4f38c6af33ffaf9c420f8c383f660d64babee5555be05d8668e2a73a01113a9729221a4b6c5cc9f7725228f97533d687527bc15c80dab94936570bfdf487e84dec48f69840e603a7b9cd376c2606d913dd744fbe0311ed58574e6396f7bfb55f07ed101536d82d3c3dd7c94209980582d3f32d0f9b14fa5ee93a553da5ca489b960a3ed36b3885a5bff04df170593687d8785446d1fa7fb9ed7b0a7d548fbf6240e23b86a62be440f1c07a3bce6bb786ab7b9747e2713910d356318ad467b2ca10eabc2acc8d0e15c7dfe18fc537d775878d038a58ce1ad57822442289ef9f4b1a8127f0e1d801349990182d6143bee586c6ad2a1c5d3a9089f725c30c97565a19e195f6984b6fa1b1cf6496130d5712f43740a6a9f01a21b1231a4a491e6c9ef1fce512b2d8c206757b15468127a99ab5ae19445d996bcab0fa9c7c23339f86c53eb1e6b3740ac1f68525d409e3eba633baddcaf420a338b9d0140f7adc3c397a92672470f114b0e6012b4169ced1e85854327ac583266ffc1216e91187257cb3cce050dcc2e15b29bd8f6a97367f24c7a32a116d6edf253f5b04827fdad4f273b5b6e2b75508843c0a00db091554ac526cd41c152e87c14f54482df16ee454d6ec8b50f8f83de4342cffacf9d9aabc14e89bea9ffd25af1e3557a9c54431cb0e21a5362110e4c264f37d50ee628f7271c670937a554eb1fd00483a260715d156e8584f497f0038d94df877ce2616d62a53a589293f074a06efdcc2f7b4d7c58da76f0e671e127d23cc3a2178f6a828e4cc0a9941b739753c38157e44ed53d6104b533f60e32cee2b705d2b2f6f16be7309580971705ee9d35991d0a27e602aeefa6a11baa3bce538460843658840e6e86ff7c314ce778d938d3b3c629465fb1a62af9ed78f7aa8b2150b9c2cf80e87f87519613b960c27b235bb73f27f845b6dbe3b7b07610698f276c72a9958eeb266c373ca04a4ad6fd29fa0f89ace745c9962721af4426ab59918a641b606e1c857f3fc2665e357172e996aa567427540b643bbf7132592e5af5c36d8030bdc1a436268872090dac23d6f60d1d09dc4d064ad4d26bf5ea64072773c16a5ed9db14cfe203ac0828fe39f1ac8dcdf70e037c0d67e72163744df29f87fa1facf2a6f428131c7dc71e38aaf77fec4110841b2ba0cbcfc7152fbc305445576c203c2daaccd757f8c9b83a6d5514369c285c920a018fff044d12210a937ffa4ee099164622f911401d4d57e1852804161d21742e3cd82ba9bd6d4ed08a8c3bc540c3f1ba923b6fd38335a3b935e913ecfbc7ec3b6aa6bdcd5366802acd809b567de15b8063b793fabaaa9c06906764206c5826944dde7e4bb195583610de11ab76cb6ccb0cbed47ae2ab256d7bff1c7d8eb7395853844c8e9474e80c4be03f1dbd6674ce3e0652965e25ad240b3eea6a2d7fe4fd00a552fdc392506dc3e4a79f7254a273d48c96255472fe594ba953d758a4264add84f1922fe76c4108eb7c2b68a3cf5105cb11e6f3be65304819234e63c9a2880f7b752e8b144588e2cc8dd26908ab3893aa03751b004e8c35d7e8b8dd7e529b2f50cceee9cd45ce4ddc9118fe96be3745592292f5c2b390085fae759b5cf1f1bc13e08222441f93a5273f9480a0afc0efe66d461d55c01251e2718a9b7e25f670c5317e0552185abf089c0add67af1cd0eb3ed4d34103b5", 0x1000, 0xffff, 0x954}, {&(0x7f0000000040)="67149ebca47bc6ad94ca0fcb322a6f910ac3a43af1d67c13f606ac4d718c3647", 0x20, 0x3, 0x4}], 0x2) 20:19:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x30000000000000, 0x4022812, r0, 0x0) [ 1647.798111] FAT-fs (loop7): Directory bread(block 64) failed 20:19:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000000, 0x4022812, r0, 0x0) [ 1647.814449] FAULT_INJECTION: forcing a failure. [ 1647.814449] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.817496] CPU: 0 PID: 9379 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1647.818924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1647.820636] Call Trace: [ 1647.821172] dump_stack+0x107/0x167 [ 1647.821920] should_fail.cold+0x5/0xa [ 1647.822711] ? ext4_find_extent+0xa3d/0xd30 [ 1647.823591] should_failslab+0x5/0x20 [ 1647.824357] __kmalloc+0x72/0x390 [ 1647.825077] ext4_find_extent+0xa3d/0xd30 [ 1647.825933] ext4_ext_map_blocks+0x1c8/0x5850 [ 1647.826882] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1647.827364] FAT-fs (loop7): Directory bread(block 65) failed [ 1647.827971] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1647.828000] ? ext4_ext_release+0x10/0x10 [ 1647.828023] ? ext4_map_blocks+0x5e0/0x1940 [ 1647.828046] ? lock_release+0x680/0x680 [ 1647.828067] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1647.828086] ? lock_downgrade+0x6d0/0x6d0 [ 1647.828121] ? down_write+0xe0/0x160 [ 1647.828147] ? down_write_killable+0x180/0x180 [ 1647.836339] ext4_map_blocks+0x652/0x1940 [ 1647.837190] ? kmem_cache_alloc+0x2a6/0x310 [ 1647.838077] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1647.838563] FAT-fs (loop7): Directory bread(block 66) failed [ 1647.839017] ? jbd2__journal_start+0xf3/0x7e0 [ 1647.839045] ? __ext4_journal_start_sb+0x214/0x390 [ 1647.839064] ? __ext4_journal_start_sb+0x1db/0x390 [ 1647.839102] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1647.844218] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1647.845210] ? down_write_killable+0x180/0x180 [ 1647.846154] ext4_fallocate+0x415/0x3860 20:19:04 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x5000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1647.846995] ? __x64_sys_fallocate+0xcf/0x140 [ 1647.848030] ? lock_release+0x680/0x680 [ 1647.848848] ? ext4_ext_truncate+0x250/0x250 [ 1647.849752] ? ext4_ext_truncate+0x250/0x250 [ 1647.850400] FAT-fs (loop7): Directory bread(block 67) failed [ 1647.850682] vfs_fallocate+0x48f/0xd00 [ 1647.850711] __x64_sys_fallocate+0xcf/0x140 [ 1647.850734] do_syscall_64+0x33/0x40 [ 1647.850752] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1647.850765] RIP: 0033:0x7f6d60f48b19 [ 1647.850785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1647.850796] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1647.850817] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1647.850828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1647.850839] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1647.850851] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1647.850870] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1647.860031] FAT-fs (loop7): Directory bread(block 68) failed 20:19:04 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x7853, 0x4, &(0x7f0000001280)=[{&(0x7f0000000280)="907de77ff918a650353c459c489a8f7a67d36e5386b81d399af63cdb4bffcb8fe4b0c5b3457429a589a0eb50c8a05956d7b241f153bcae348cc43d434021195bf3b599540b246dd9ae98ee7e3b38371c7fefe997afb60ff60d6516f85f7f0875fff6424691b993217e33fdd417e706377bdaaa89260112cc9f2c7b850742b55217027f5a6741511a04d891a8a05aee1613916950189ccc508bbead8275d9861457a84f92c6c828f1cdc8befb373fbf6d6ff5a5c5677071b0accfef8be6f44c9735be396b5d53c6b3443846f08a8d6a83486b2bbcde18aa0385bf74cd3881faf91e4589e4fee3910f4e66d9308214456c31d221bcb3eab2a16767b8ea6c6f81be8c03599d487184810745f0717343ce443cf49d54d720adf32eb487f732a1d0a058787fe51ff3842af76e701e86716d478e002d546a7fcd7d2ad62f80c5b0ada53617d0ff57c78bec3bde5b9c68ee452499de1fc7d4f0226d7e0196b1118ca6fb00268e5cec5129e482a38a6a6a5dd9541f53cd9aeab70470a66fc62cbb83280f22f805132cf6521898b0126e446d73fd6b3a50e2230aca619679061dbce5e3d1e2a063d259c4d55ffa8e33c883c465bcec40612d101864584299b6a7c87c0e0c4a000da35b26a8b60ace62e54e998454f7e334d5c84e4482c624ba6835aa210fab8800ab5d8dd899e9f3059123f9934bdc90cf246223d901d480e4de829b6f0575cddcfe246207828da53b8b2c702545aa17c7971dd8bcab86da8326fa71643559dbb042cf9ecd41be3e7fba21a132da64fdb370bb9b067a30a4bbe2aabdb82b7c50eb2bcaa2417767c1dc1ed6b5bb16a8567ee60275163de2f1a702641cc3d5a2805e19e07a4057aac49dde4ba1070ecf6f7a14150a8ac4dbbf7fd66a36edbd05e506130f145d8d1191c08ecd15d900c164e958d0da2adfddd5f353905dc867b2058f5c0691e478f984f84256f40262c0cc38138969bae2c4118792488c3965b22f86f3e6a33ae28b3f6ece8fceb489e7f58934a46ef247e38654692803eb9b56763e9c171969495b58cc5bc324c034a114d8194829dd635796767b6aa90debf42b2296ed8b15a7c9937b1b1e4209defb1a93446f9613b3527d31218078075a04e38224ebe38c00e3cccb0eb464f5aca184988e5a79a15301320cb83b1c9b5120eee1b2534caa54e00ad43ef6f02aeafd9d0c9e157d44a9de1fac498e5874471a02f3c65886f61e83d2621b45326100ca40d436398d6e6f0b31bcd0801c4160874e549908993482334cdd0547d77e7cbe32397193dc9187644012853f7bba1017926341205bc765be38715c41d5826245d2cd634c29ff637a8f3609cffcef02894e282464b24d3d864f7bf2f022e159b880c971aaeb14e152526c2a52b8ddd681ed09b52af7878bf7f6f498d69b0057d6a75862a7e17bffc262758840a6f5a2d504e732dd1d88d8f28a5ff93fd065fa2b555832af52e35741803a43982c4f53de09bdee6a174d1e81b46280bb05ccff3e38b94b73306653259d3400b8d574a035a130f51c32128b4607c32fb1cf6777e1f01344d52d4e7fd5c5e957d966f59fb8da9c31011c00d14f19abd9b9b39e1e5fe199109f14317cf806f95d8da968badc7b82a4d406cf2cad8becde72b2f7a55d3abe0f350e146426ee2e87c30003faccaa5e0413d454f949415fe83bfa916266957866b63698a957653ad57904ab24e2a3ebaddd8d80a927186e82abd60abe7203633e2eef7728fc0525e628dedfe63ebf94d9850879267212e039402cb89f3a6a46d98f55d76460eb4984f69f02b35d66045ff38b5a7584baa4cb7c4209b56e0d18709b98004cea791da88679361829b2483fd6e9356f97af4eca114cb63649683d625d5d5f30a4d51e8b83a6a123757dd5d065dc79c1abf1f8f724780a15b50dba781efa966a21bc822ed8bfba5ba3038700cfead4171250e10799e345f0b94b1f0bc715cf524e803b2b51c10ea302e20585f42b141448c314adc18256093e7409dc1e765ad05eba4427fa0d0418933fec125cdf63f46ffb2d2577edea0198d9497381577d3218f58aed41af42ab655a5cd0ecac551b7cba808008da047664b7d9243b4cfc8bdbe4e8ee9fec36910cc69d6bd76371aa74da0b6cbda75b9e19783028b6168fdd6685981fb5fa3cd0319eac663456bb959dd2478a5a780148852ac95188f3eed404bbc473c86c45920497327c23e8d6869c656b0eca67d2ef99f323f32aebca87c203daa182ef233723521d685ae4e85626996ef52684fe77cacedf7cb2e0dc3c23217a399e1a1bdf1a9c409896a7d388f581b6c1fe3ebae6b0fc363653b34115984d937934e83724f97739892314345107b100f7311ec04ddcbb2d78b55b7f3ab27dc3cd8335228baa6e6a260f3101a0d822e9f5f76185e509a683c23faa5f38b95853078b6d8ca2dc340a4a908128cd4cc4ce44a1e0cda28cff6bfce51e294d2275170d2a7094e0f1e75cae2a0b78aa17c7c25aa1979294cccbd6d27aebc89899a361cf6cc1a12848777c43fc0a10d81ec56dd41a475da365aa04629dcc0012fbd7a8c08f069ce4ec70d8a7de099c16ec733e6f4ad22bb79568d5616b9a11d38cc14c94ecaa4e11ae2dcca8fba3113d9aa23d1acd3a8e5da2692badbd314849426f1e649529375bddcf2dd3070d5561f7c8edf77ca7cf8aec320ddb3196f4bd0213293d3a3456e498f93b0c208823d9c4e717a5c6ea1e808c37d997e78244d927253c849dd24136cab18c92552f1d2a2baa75e8468d4ad89965e78920a69c235d5a50c2b5b2bd28e890a752ac13c271889a60ecead15e46edfb40d26060d4774d87f02006b083d08492845f28fa3371113723d9908079d355fbc47b2585dcd7645befbc67a5af26d3b9de32b2dde03794c6c8d9bc57c23a0191eafe9b7a3c28cea9b3af835df2c2fdc27bf10ff2e87ccd7c57b09b937c019cc69414f3da9578fad562de5c8064387e33d4adc4dd4486ad982e0a3b47486789de5583bf8b8177c233c2f214090ac0fb4fd0600479c7e51b89fa78dc9671bc86a720b6c6f6e25a1dbb3cb563c239d4211faf30c4071d90236d21f3a40d23efd7bbec66f7eb10e5dc9f889994e92242d3a9a0347bcfd96a72951b63089c4a0c04a92d3f72326b414ba6e41302616c6574d9fe7e30f32f91a5131c4e006f986e251fc7fb05ee285abf1b1494d421f558bd278564e694b1db284e7e213fc7fd5f8bb20b3abba734e5efd404a60eb30c2442bf21d3ac2725b4f94e51e61eed8bb9cd567b1ddd1115998fe7ce544749fa9e6f0cdc7b7fc44788ed9dee548f51007fc268be600f383f0af1e48a812030746de8f974bf1f6c85ac3fbc2f0475ee15310354054e988c75de290f679acbdd6f90de0522528dcf63a03d3007dd3972ac706affb16d2d048bc2bdc44a897e797b5e2c5f4efebf620ccece5c2b86888f79cf3df7801acbd5dba9516f020d9ef21ed11da464e80a0929ab8819b955d42347c5acff565e66c4181bda90fab08c3ff828db327c354cc8936209399d60bbd2eb599781b52f1524b031a4cf50568356543167602ce88328c8ed41d6c1db7ff3a2818f97be6ce62a6ed90165d21cf381fdc81118446069d8d2609064bd4a34598ba68a2948427a484b830e4a100698db16744974a92831a0839d34f0d3b925a58fe79aafde3cdb533b9510ddbef4041321851246c8e75a43aa504115bd1a029a03c968ad749a44fb43e9072e7997a92514e8eae287b82c79c40aa4f2e923f28d177122c903bdcdc9f8314af0e08b3b2c35aa32e5f0c05f1580593e1574e61cfb7b1824c07441d954da07a4303a8707edc7f80212a445f8105c89417f793d55e659a7b0732723738b80ecde4b0cce5fdee343147c5f5bd72daa34a5d409d647fefb7fcffce8422b2e23b11d45ee0122f5a70d7846b2793732b4d39fc6c2f563a7462bed54c723d3940ea48cca7055c4a236762b30cb3a3bc095e06f1cc8dbb93d8e02723e57b793d41a1e067478c0aba0beff7f88a77935a9daf0972a98107631493b93116faf175afb42b94984a8da1bfe4c0f1f13c5d18d2f64e48ffefdbc0273ad371d80838e8e28992546bbcccd0ebe4689898121c16aaf3d375815978435dee23f660065c9411354f17346306cec2c877efe4483811552e5cf384470dc3bacf712f14600f99e20723dc997951691686411998093ad5e001ac4d334b0761c1ecb4c08613dd26eee8598a91a441bc57738acd3c6b5f2d72bbd1de52846400c4e4e42c6ea8d5f63f068f8f05d8750c25c28de1dfaa7a538fdf10d49cc77909cc4e504f9617e4e13dc0643a1d361e8817964d0513cd12cfd3f96be461f44790c68e375828e31ff54dc6f7069cc541ab1656934ee74a38027362457a3d4339397fa568134b8bd9de6da7fbfe8811c67ca62b19cbff9f3d8df483d187a24049c7d9d8ee4ce8bfaef3f6630c9b6acf27ebacb84c57c7ee95c60eeb9fde390f02658b4486fd2ccfb6a0cedbe87475fad739ba92856e98e31054cdf4744c52c6cd6fcd4c6365d3b1fd6bdab63c28d2d4983fec1bf3edad8a043a3ef6287fbe39a2f1a5ad0118533c48ff14808483d6bded58b0508add4c08db69678937882cc0cd233379901b090947fea0975adfd70647375b68134338749a3e0bc2f7d6dd67982cbda80e9525fd3fc803fa12147d0d3645794c7f7a93e598eab9c1e85bcdf2947422829d8f874b05cade91de1ca147f225d4f7d60d5dd655fa98881437a401453163034661c31a0d2a3d8546946a5f7283aa5729c34aeefef52ba7a4582dde4c3aef6500563e3cd87e684d50788d0e9a7d3f3c8beb009c7bb8420d54d9192652f0cbc3dc31c3312be767ef52d75a33c90e55834d1174b01a444fd85e92058d6dfbcd63c3ac698a68c018f9991c96e0787d449e3e64a220dac06218ff2c18ae94cf6acf8ddbe5e662f6c3c15a843c8b1a9ee60e35a92a7f52f3f2f7f615ed4f013b46d456ead398acfc9ea6a06beb239f9ffbab598463312aad1d0d8aef26e4da01f6dc8727a3480e8c353f9f81502ec0aeb2fec1a69e60d31fc9a037556f747ef8322e1d058e610c87d3034c7a001faeebe7ad5fc9ead6787886b07030a10548b71ab92434a623dc84f128171a00190d6af3f0f5260c4d7d8cf94e59e36bd3593ed20aa6cfeb2fd02cc58fd1b19e3c5663c12c7a1423410cbc77d421b27cd49f50fb6684a4ce1081b97f3913f1ae6ac169576f02c37c0b439f59ad69902a937d48b3cda6989d5e9e87fc3bd6d6a3dbfa1426e72fb34ba7186d43ea714b5cd0b8424632db27145124c1336ea469eb309a3177a71745ba8bbc71d253af83933ef0a5d37d0b6268d11021dfdb7c7c10c488bbcddc32efddf3fd7af112e30322b8935cdc6f113d3660acf55349265dc3cf14c61deaba34b1b7723d826dbf5dcaf320765bc40724d2e75ff7a05e341e034cdd2f58bd0b591e69da74010a8b793add32d25587c868d332c5290fe1905746e83ca41f3e0c5ca93061e847e8fee471a845bb1302861b134c0571871b62d6e09228d27b41753aa5840a89eeadebafa422b078f66eabf15f391bdb4e45e0c2fa6f0a6448d173e28b141b2a419370b7f2e39c347cadc0d5dd79257114a041c3ef9d17179fdd80e1778c43ca3f909404a4f006d979274d5df0142570aa94530e49e75de77ed21ddbb3801976ce9847cd803e31660543e8ea86d6731461352af9c75c4d4629208e801283255ffa2e7d82097eb0461f9188ac7a46b406648a2f79e39b35e7eb1ac", 0x1000, 0x0, 0x7}, {&(0x7f0000000000)="89e8f859bb6a02b14ae35fedce1ebd8d5821674917d219425eb52efa674116d148823f3afa7eee1cb56791ab176769cda6d2e8dbf0c3baa0ddfd2269ac0c73c20fa3370a665af94b7bca717e77a4f13425708b9e4b9248bf66bdf11ce60c25b6f9a5b00985703abb20bdd8d3b17ebbf431ea826563896c7d7b1a29bce8681d83316152d6d061a1667a90c4268ad70d1004e902561c3dd135b062ebf7e83ada748cbe91236ad7c0147b9095a114222410b63d805e33b60aefcd09d54cc46dfd2e948495e038", 0xc5, 0x8a8, 0xff8}, {&(0x7f0000000100)="4e5ca75ccc1cac5558d3494f103cfc91bdeb11b119bd0f5115e0382e73d4f44c45382a3f7e0e5d57c5aabed8c1ab631e81482d2647dc2cc508fa69a0636ace1712bd79680899e60752ac97b65838ff3e602a447bb2e6c1284d5e5c04600368f85d2df36478c0db4993f3027498d9efc429c4703332", 0x75, 0x8, 0x9}, {&(0x7f0000000180)="76716e54f04c745354243b8a2ccb1098c0bdbee0c2d55dc741f388ee3180be1656d76361ce818a452c8e225742feebf1bc98cf0b1842c15cd7a04e7355329c9bf5a784fe0f5414d2f1916cb61a2bb8ce71928cc9d3a2255744fd01b473a976152f00bc1a7b735b0f644f1845a46b1e49aa9cad82ee3358f413edd5d812ac1e601f0076f8b1c209a8cc9c4962426a5edf4de0b3b9a6d038ea4e2a45c24de94a130a8228b5ab22fd5aa1164dd0c0e7a9d34e", 0xb1, 0xe}], 0x3e0000) 20:19:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x1000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1647.917323] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1647.919123] ref_ctr increment failed for inode: 0x3e69 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000604c6fb7 [ 1647.925289] FAT-fs (loop7): Directory bread(block 69) failed [ 1647.928137] FAT-fs (loop7): Directory bread(block 70) failed [ 1647.931033] FAT-fs (loop7): Directory bread(block 71) failed 20:19:04 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xc00400, 0x0, 0x8800000) [ 1647.939057] FAT-fs (loop7): Directory bread(block 72) failed [ 1647.948769] FAT-fs (loop7): Directory bread(block 73) failed [ 1647.981073] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 20:19:04 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x6000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1647.982701] ref_ctr increment failed for inode: 0x3e69 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000604c6fb7 20:19:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000000000000, 0x4022812, r0, 0x0) 20:19:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x2000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5000000, 0x4022812, r0, 0x0) 20:19:17 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x200000000000000, 0x4022812, r0, 0x0) 20:19:17 executing program 7: r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0, 0x40010002}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x3, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x14}, 0x80000001) r5 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000080)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd, 0x71, 0x0, 0x3, 0x1, 0x1, {0x0, r8}}, 0x9) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:19:17 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xc80400, 0x0, 0x8800000) 20:19:17 executing program 5: r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, r3, 0x0, &(0x7f00000007c0)='./file0\x00', 0x100, 0x408200, 0x23456, {0x0, r4}}, 0x1) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="4de626bd7000fbdbdf25746bdb0528454895060001000a000000080003007f00000108000700", @ANYRES32=0x0, @ANYBLOB="050002000000000018000180140004002001000000000000000000000000000108000200020000000800020007000000080002000400000008000200060000000800020008000000", @ANYRESDEC=r1], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) kexec_load(0x6, 0x1, &(0x7f0000000240)=[{0x0, 0x9, 0x0, 0x80}], 0x0) kexec_load(0xffff, 0x4, &(0x7f0000000480)=[{&(0x7f0000000180)="c625b6d63ed69c7577454f28afe30ec0c699913a1e3c9916b9d1864cb85fa83014fe429fb18e0b135edbe8d7e6b7c00b288612bd56c045226a5754ce2ff49eb4c31b906581ae313c708abf1e16fe5048e3ab1b6b98396abb8ae4639e1b761746d32dd6bbdc28b0a256c765923645f3deed78449a022debd3c2f867d691f2c4d367c608ec680a727e2442", 0x8a, 0x200, 0x7}, {&(0x7f0000000280)="11b9b872b0729856606ddc295d6827c7bdde77629edbd382ff54209a25d39c", 0x1f, 0x1, 0x800}, {&(0x7f00000002c0)="e82f7de81546fae322f7eb6a02cdc9a7434e97992d57c6682b6c040755c56142f1da4d2b43a12ec365fe7ebe4cb811544381f03d952cd4327c0f6f8933b08c1779721ea626ed7c9996f9b1239631cf18ff327416c6b8a45a4b7e03674b98a08f330f8ba82588a077702d19c2a1c71642d6e5501060905b805dccf00ce5a08e30b2cfaa71839cf83a4d3d4851709d7e99daa2452a4663d1cb355f6f4959a3cd2da1e23658d346a6087956642787e67c8c1412ffcc9c", 0xb5, 0xfffffffffffffffd, 0x6ba}, {&(0x7f0000000380)="10c827bd3bc6135af8fbf1b0a74c69b8ad78e5f5b6a8ba194e6c73e9964ae9fdc98268516a0fdbda5c9ca5b9b1aa44d46071ab00fbd5e992d564b7bf917e119d35b28c4e59c0c02548801dd26e62b2c439966b3ff8479c274064e623b1029c69e6352104b6dccfc55c230621ae23bafa70e67572628fd99d3139923b6ab71a7ab35d54013128417bc828bd71016e86f1073020b05b3b8b4bba88a6946734515a5a4b3660e8e26574d9401527883a17a2aa1ddc063571bbf11120add0f121f38db3124d549a0e9d3fca7b8ebb23c9d340ac1e47002fd8046e0846db55354f1a8a7a6e12b4daf52508da94", 0xea, 0x3, 0x9}], 0x280000) kexec_load(0x2, 0x2, &(0x7f00000006c0)=[{&(0x7f0000000540)="e4bdf378cc8ee345fe8b6535b905ac5352d4cd60689ddf69b0e208b01878cd6a54010b39f3a8f0f3d9c262d67066e5ab654009040c447e132c28872d35e82845ec87f5e34cc3f4a38fb66f8b5ea22b42c2bc55dc97a7ba5a164aaceeb98b2ee86b02325c0fc149f561e4f937560c2e8dcf890e088928e5258e0367eb80dea5a07e569b38021442a847a68e19842feae2fecd7eb120b462ccece9bb3a3b830601d5655a44d9e04204b42f07a92374f051e15f88ba8844ca630997d1f05792082e426ffa2d28b8ddfae0fc9b9fd75fdb87a966e0431fc95e33de5d70a07b24f61a5360", 0xe2, 0x7, 0x2}, {&(0x7f0000000640)="686df1e838d26a11f4cd372d99672401033680ad94758036184459a441f9cc6af65642270e04564998c442b448e50902e7a78e8aaaa81407711735cdd869ef2da48de069209d95ed6f2a49f03ad890c72d666c384f50d12cca8045268720831fe68f75afa4356dc941799d5da905dcfe4738752bc086d745e911c936f0a74994", 0x80, 0x51d8000, 0x7fff}], 0x160000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) 20:19:17 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x7000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:17 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 78) [ 1661.297740] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1661.299325] ref_ctr increment failed for inode: 0x3e74 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000c1ab3fa4 [ 1661.330052] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1661.331746] ref_ctr increment failed for inode: 0x3e74 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000c1ab3fa4 20:19:17 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300000000000000, 0x4022812, r0, 0x0) [ 1661.378183] FAULT_INJECTION: forcing a failure. [ 1661.378183] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.381040] CPU: 0 PID: 9438 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1661.382415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1661.384093] Call Trace: [ 1661.384646] dump_stack+0x107/0x167 [ 1661.385390] should_fail.cold+0x5/0xa [ 1661.386166] ? create_object.isra.0+0x3a/0xa20 [ 1661.387123] should_failslab+0x5/0x20 [ 1661.387923] kmem_cache_alloc+0x5b/0x310 [ 1661.388784] create_object.isra.0+0x3a/0xa20 [ 1661.389702] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1661.390765] kmem_cache_alloc+0x159/0x310 [ 1661.391635] ext4_mb_new_blocks+0x64d/0x45b0 [ 1661.392562] ? trace_hardirqs_on+0x5b/0x180 [ 1661.393462] ? ext4_cache_extents+0x148/0x2d0 [ 1661.394378] ? ext4_discard_preallocations+0xd80/0xd80 [ 1661.395486] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1661.396483] ext4_ext_map_blocks+0x1d68/0x5850 [ 1661.397432] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1661.398524] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1661.399674] ? ext4_ext_release+0x10/0x10 [ 1661.400545] ? ext4_map_blocks+0x5e0/0x1940 [ 1661.401431] ? lock_release+0x680/0x680 [ 1661.402273] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1661.403282] ? lock_downgrade+0x6d0/0x6d0 [ 1661.404184] ? down_write_killable+0x180/0x180 [ 1661.405163] ext4_map_blocks+0x652/0x1940 [ 1661.406031] ? kmem_cache_alloc+0x2a6/0x310 [ 1661.406971] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1661.407924] ? jbd2__journal_start+0xf3/0x7e0 [ 1661.408836] ? __ext4_journal_start_sb+0x214/0x390 [ 1661.409843] ? __ext4_journal_start_sb+0x1db/0x390 [ 1661.410869] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1661.411985] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1661.412964] ? down_write_killable+0x180/0x180 [ 1661.413912] ext4_fallocate+0x415/0x3860 [ 1661.414740] ? __x64_sys_fallocate+0xcf/0x140 [ 1661.415697] ? lock_release+0x680/0x680 [ 1661.416531] ? ext4_ext_truncate+0x250/0x250 [ 1661.417437] ? ext4_ext_truncate+0x250/0x250 [ 1661.418354] vfs_fallocate+0x48f/0xd00 [ 1661.419177] __x64_sys_fallocate+0xcf/0x140 [ 1661.420077] do_syscall_64+0x33/0x40 [ 1661.420839] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1661.421903] RIP: 0033:0x7f6d60f48b19 [ 1661.422673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1661.426553] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1661.428132] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1661.429592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1661.431079] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1661.432560] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1661.434015] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:19:17 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000000, 0x4022812, r0, 0x0) 20:19:17 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x8000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:17 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xd00400, 0x0, 0x8800000) 20:19:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x3000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6000000, 0x4022812, r0, 0x0) [ 1661.519946] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1661.521682] ref_ctr increment failed for inode: 0x3e71 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000005efc692e 20:19:17 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x11000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1661.602901] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1661.604700] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000005aba661a 20:19:17 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x400000000000000, 0x4022812, r0, 0x0) 20:19:17 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x4000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:17 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xd80400, 0x0, 0x8800000) 20:19:18 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x2, 0x3, &(0x7f0000000280)=[{&(0x7f0000000080)="6c0d74529acdd2d0f7eff25aeaebd16a2a6686d1ae2e62a6ed27854560b43b357fb145071586fd570b81b6d4cb147313128e152891c0b531f322a580e65f78baa8dbcb0c9e9c3de906596aab9b0f7349cb135fef17b30f51304345b6bec4565904ef75420735fe7b0d373fd7eeaad0b9e191b238c6e4f794bc1c03efc1b9601f1a6d4d1cb7cc5e7d442bfa47319e79b22ee7f43b9833", 0x96, 0x10001, 0x9}, {&(0x7f0000000140)="38a752b9133552006c7556c7cd0418015593ef6f715494c571be8c1902b6a9e88728b4f4b4c6ac29231a19c72246fd5bdf9ea9e9d750676a45fb14b564f1cc6e1fefa1918bc9d7ef1959bf9e8f9abde1f1beb5a9df2b13cf0b58a5ec52c96bb4ef997f80d3754434be41c3e41c9d294c388c6beb45f04d9762180ae268aef323e67bf63eb13424", 0x87, 0x7, 0x7f}, {&(0x7f0000000200)="d0e2434bdfda0f4c8ddc1d88fcd1a62f64d4c7026a33b5d0e4ed11833bd0cb628bd93cb0", 0x24, 0x2, 0xffffffffffffffff}], 0x160000) kexec_load(0x8f, 0x1, &(0x7f0000000040)=[{&(0x7f0000000000)="68cd207eaa575381d634a5190132df064f6aead08a927678", 0x18, 0x2, 0x300000000000000}], 0x0) [ 1661.655184] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1661.656824] ref_ctr increment failed for inode: 0x3e75 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000005aba661a 20:19:31 executing program 7: r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, r3, 0x0, &(0x7f00000007c0)='./file0\x00', 0x100, 0x408200, 0x23456, {0x0, r4}}, 0x1) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="4de626bd7000fbdbdf25746bdb0528454895060001000a000000080003007f00000108000700", @ANYRES32=0x0, @ANYBLOB="050002000000000018000180140004002001000000000000000000000000000108000200020000000800020007000000080002000400000008000200060000000800020008000000", @ANYRESDEC=r1], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) kexec_load(0x6, 0x1, &(0x7f0000000240)=[{0x0, 0x9, 0x0, 0x80}], 0x0) kexec_load(0xffff, 0x4, &(0x7f0000000480)=[{&(0x7f0000000180)="c625b6d63ed69c7577454f28afe30ec0c699913a1e3c9916b9d1864cb85fa83014fe429fb18e0b135edbe8d7e6b7c00b288612bd56c045226a5754ce2ff49eb4c31b906581ae313c708abf1e16fe5048e3ab1b6b98396abb8ae4639e1b761746d32dd6bbdc28b0a256c765923645f3deed78449a022debd3c2f867d691f2c4d367c608ec680a727e2442", 0x8a, 0x200, 0x7}, {&(0x7f0000000280)="11b9b872b0729856606ddc295d6827c7bdde77629edbd382ff54209a25d39c", 0x1f, 0x1, 0x800}, {&(0x7f00000002c0)="e82f7de81546fae322f7eb6a02cdc9a7434e97992d57c6682b6c040755c56142f1da4d2b43a12ec365fe7ebe4cb811544381f03d952cd4327c0f6f8933b08c1779721ea626ed7c9996f9b1239631cf18ff327416c6b8a45a4b7e03674b98a08f330f8ba82588a077702d19c2a1c71642d6e5501060905b805dccf00ce5a08e30b2cfaa71839cf83a4d3d4851709d7e99daa2452a4663d1cb355f6f4959a3cd2da1e23658d346a6087956642787e67c8c1412ffcc9c", 0xb5, 0xfffffffffffffffd, 0x6ba}, {&(0x7f0000000380)="10c827bd3bc6135af8fbf1b0a74c69b8ad78e5f5b6a8ba194e6c73e9964ae9fdc98268516a0fdbda5c9ca5b9b1aa44d46071ab00fbd5e992d564b7bf917e119d35b28c4e59c0c02548801dd26e62b2c439966b3ff8479c274064e623b1029c69e6352104b6dccfc55c230621ae23bafa70e67572628fd99d3139923b6ab71a7ab35d54013128417bc828bd71016e86f1073020b05b3b8b4bba88a6946734515a5a4b3660e8e26574d9401527883a17a2aa1ddc063571bbf11120add0f121f38db3124d549a0e9d3fca7b8ebb23c9d340ac1e47002fd8046e0846db55354f1a8a7a6e12b4daf52508da94", 0xea, 0x3, 0x9}], 0x280000) kexec_load(0x2, 0x2, &(0x7f00000006c0)=[{&(0x7f0000000540)="e4bdf378cc8ee345fe8b6535b905ac5352d4cd60689ddf69b0e208b01878cd6a54010b39f3a8f0f3d9c262d67066e5ab654009040c447e132c28872d35e82845ec87f5e34cc3f4a38fb66f8b5ea22b42c2bc55dc97a7ba5a164aaceeb98b2ee86b02325c0fc149f561e4f937560c2e8dcf890e088928e5258e0367eb80dea5a07e569b38021442a847a68e19842feae2fecd7eb120b462ccece9bb3a3b830601d5655a44d9e04204b42f07a92374f051e15f88ba8844ca630997d1f05792082e426ffa2d28b8ddfae0fc9b9fd75fdb87a966e0431fc95e33de5d70a07b24f61a5360", 0xe2, 0x7, 0x2}, {&(0x7f0000000640)="686df1e838d26a11f4cd372d99672401033680ad94758036184459a441f9cc6af65642270e04564998c442b448e50902e7a78e8aaaa81407711735cdd869ef2da48de069209d95ed6f2a49f03ad890c72d666c384f50d12cca8045268720831fe68f75afa4356dc941799d5da905dcfe4738752bc086d745e911c936f0a74994", 0x80, 0x51d8000, 0x7fff}], 0x160000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) 20:19:31 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa00000000000000, 0x4022812, r0, 0x0) 20:19:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x5000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:31 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x1}], 0x0) kexec_load(0x0, 0x0, &(0x7f0000000000), 0x2) kexec_load(0x7, 0x0, &(0x7f0000000000), 0x3e0000) 20:19:31 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x1c000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:31 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 79) 20:19:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7000000, 0x4022812, r0, 0x0) 20:19:31 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xe00400, 0x0, 0x8800000) [ 1675.465855] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1675.468857] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a89a0f1 20:19:31 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xe80400, 0x0, 0x8800000) 20:19:31 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x6000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:31 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3f00000000000000, 0x4022812, r0, 0x0) [ 1675.532230] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1675.533105] ref_ctr increment failed for inode: 0x3e73 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000003a89a0f1 20:19:31 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xf00400, 0x0, 0x8800000) [ 1675.583457] FAULT_INJECTION: forcing a failure. [ 1675.583457] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.586246] CPU: 0 PID: 9487 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1675.587902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1675.589887] Call Trace: [ 1675.590532] dump_stack+0x107/0x167 [ 1675.591445] should_fail.cold+0x5/0xa [ 1675.592370] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1675.593486] should_failslab+0x5/0x20 [ 1675.594407] kmem_cache_alloc+0x5b/0x310 [ 1675.595402] ext4_mb_new_blocks+0x209f/0x45b0 [ 1675.596491] ? trace_hardirqs_on+0x5b/0x180 [ 1675.597533] ? ext4_cache_extents+0x148/0x2d0 [ 1675.598606] ? ext4_discard_preallocations+0xd80/0xd80 [ 1675.599881] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1675.601028] ext4_ext_map_blocks+0x1d68/0x5850 [ 1675.602142] ? lock_chain_count+0x20/0x20 [ 1675.603145] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1675.604217] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 20:19:31 executing program 7: r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r1, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r2, &(0x7f0000000140)=0x9, 0xdb7b) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, r3, 0x0, &(0x7f00000007c0)='./file0\x00', 0x100, 0x408200, 0x23456, {0x0, r4}}, 0x1) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="4de626bd7000fbdbdf25746bdb0528454895060001000a000000080003007f00000108000700", @ANYRES32=0x0, @ANYBLOB="050002000000000018000180140004002001000000000000000000000000000108000200020000000800020007000000080002000400000008000200060000000800020008000000", @ANYRESDEC=r1], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) kexec_load(0x6, 0x1, &(0x7f0000000240)=[{0x0, 0x9, 0x0, 0x80}], 0x0) kexec_load(0xffff, 0x4, &(0x7f0000000480)=[{&(0x7f0000000180)="c625b6d63ed69c7577454f28afe30ec0c699913a1e3c9916b9d1864cb85fa83014fe429fb18e0b135edbe8d7e6b7c00b288612bd56c045226a5754ce2ff49eb4c31b906581ae313c708abf1e16fe5048e3ab1b6b98396abb8ae4639e1b761746d32dd6bbdc28b0a256c765923645f3deed78449a022debd3c2f867d691f2c4d367c608ec680a727e2442", 0x8a, 0x200, 0x7}, {&(0x7f0000000280)="11b9b872b0729856606ddc295d6827c7bdde77629edbd382ff54209a25d39c", 0x1f, 0x1, 0x800}, {&(0x7f00000002c0)="e82f7de81546fae322f7eb6a02cdc9a7434e97992d57c6682b6c040755c56142f1da4d2b43a12ec365fe7ebe4cb811544381f03d952cd4327c0f6f8933b08c1779721ea626ed7c9996f9b1239631cf18ff327416c6b8a45a4b7e03674b98a08f330f8ba82588a077702d19c2a1c71642d6e5501060905b805dccf00ce5a08e30b2cfaa71839cf83a4d3d4851709d7e99daa2452a4663d1cb355f6f4959a3cd2da1e23658d346a6087956642787e67c8c1412ffcc9c", 0xb5, 0xfffffffffffffffd, 0x6ba}, {&(0x7f0000000380)="10c827bd3bc6135af8fbf1b0a74c69b8ad78e5f5b6a8ba194e6c73e9964ae9fdc98268516a0fdbda5c9ca5b9b1aa44d46071ab00fbd5e992d564b7bf917e119d35b28c4e59c0c02548801dd26e62b2c439966b3ff8479c274064e623b1029c69e6352104b6dccfc55c230621ae23bafa70e67572628fd99d3139923b6ab71a7ab35d54013128417bc828bd71016e86f1073020b05b3b8b4bba88a6946734515a5a4b3660e8e26574d9401527883a17a2aa1ddc063571bbf11120add0f121f38db3124d549a0e9d3fca7b8ebb23c9d340ac1e47002fd8046e0846db55354f1a8a7a6e12b4daf52508da94", 0xea, 0x3, 0x9}], 0x280000) kexec_load(0x2, 0x2, &(0x7f00000006c0)=[{&(0x7f0000000540)="e4bdf378cc8ee345fe8b6535b905ac5352d4cd60689ddf69b0e208b01878cd6a54010b39f3a8f0f3d9c262d67066e5ab654009040c447e132c28872d35e82845ec87f5e34cc3f4a38fb66f8b5ea22b42c2bc55dc97a7ba5a164aaceeb98b2ee86b02325c0fc149f561e4f937560c2e8dcf890e088928e5258e0367eb80dea5a07e569b38021442a847a68e19842feae2fecd7eb120b462ccece9bb3a3b830601d5655a44d9e04204b42f07a92374f051e15f88ba8844ca630997d1f05792082e426ffa2d28b8ddfae0fc9b9fd75fdb87a966e0431fc95e33de5d70a07b24f61a5360", 0xe2, 0x7, 0x2}, {&(0x7f0000000640)="686df1e838d26a11f4cd372d99672401033680ad94758036184459a441f9cc6af65642270e04564998c442b448e50902e7a78e8aaaa81407711735cdd869ef2da48de069209d95ed6f2a49f03ad890c72d666c384f50d12cca8045268720831fe68f75afa4356dc941799d5da905dcfe4738752bc086d745e911c936f0a74994", 0x80, 0x51d8000, 0x7fff}], 0x160000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) 20:19:31 executing program 5: ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000b40)=""/236) kexec_load(0x7, 0x0, &(0x7f0000000380), 0x0) kexec_load(0xffff, 0x0, &(0x7f0000000880), 0x320000) kexec_load(0x7fff, 0x7, &(0x7f00000005c0)=[{&(0x7f0000000000)="3b4fee622776a0bf0b7e42c15b1c8ae8999f4545601a514ab00583a4a83160fd95d896c9ed38e2e84456bc708ba7aff7dddd04204aaa38f41b34375966d4030d132c4bd023a37a3791ed163451a242afb3f605560cd40064cc94c966267cb5b65621d4a43268209759f8c339330f82d896a4985a7af692bfa3447921eee77e1cdbfbddaa882f63d4c8035b7828ed74cb9986035c1d3c3ed34dda704c88ed46df7bf2b0b95e21b5c6c0f2748362fb2693ec6048781dc3ad2d412a01032f3220954982a2222cd36b651f8d8c2b7e912e1dabdd276a606e2af952", 0xd9, 0x1f, 0x6}, {&(0x7f0000000100)="5629a3d6a185c3a17e467baef13f49162e130cdbfee7c3c1a19bd28864df9892dca7e9e38fe16fc8dd8c37455d0f1f59531201aa231d4b699f3fbb25b8ec6b1692a45114fe03c7c4292e29848ab4d7584a4da7673125bc1510ab45309d40a01f63756de60f23cac44df9497af0298eb8233b9d7868823be09308f9b82caf40788e9ea396fa0e04295a83ca4cbcd1d262024d1be4db8e9b76e53d04a287225c6b976866b51900cf20680d4dbf7924bac62f527be46f2596dece0da5cf125c2a54eee900000000", 0xc6, 0xaac, 0x10000}, {&(0x7f0000000280)="6724c53505f3dae565c6fd609d712340e5624f4cb5d13fe081d87fd4b1632e9c1bb53f87fbedd1d00b9a5058cb6fda69602b71f5b6321e917336fc54b59b908a7ca7e89bdc8b4a4439834f7e8eb267110c690a7310a871f4d3e3773e329e68bbf7828283eaad6cd737124805854d1dc18c44460bfe5a12664dab5d08d8aa89f3c7c0e8c91b3b85f540721459aa37c1cf34635ded9b5877932c91fab3bea5ac5498d8bf4b73b826756fea3afca7d17a7e58286002228126f4224a02", 0xbb, 0x3, 0x5}, {&(0x7f0000000340)="f248bcac3400288ed28df4cadbb96ca09630e83c97a35794c4fe3c6ac22d2c1bf08bb0c8f70b12d1fa81f5bd94221c9b35dbe1a634dff1f3ba1466623f911e6e1f75e9f025f202f73385caeafc5bda9d4d55dbf886a1a417931227647e2b48927bc710e5ad47d70ddc56899080d80dff4aef0d4a6d9d333cbc6356a70bede767ec7cb229fcbd462a1ef385a33ad5fb24046808e7b090a98fb697", 0x9a, 0xffff, 0x5}, {&(0x7f00000006c0)="bfc9e74d25a02d611117cc46610b9abb5f7a2c59fbdfa832adb3722ca3d400de7a2f4d94450664780d7bcf0c6f852035a81f8590d6fe3076ff370f250839e3974e871c1c7665f691d0c846cfc3fc3ba7cbefc6e8f7671c27db6d920ab5ee54f1b3c7e4fbf932bd8eec61f6cc47600c5973dc7af526f097ce7c4bdb61857c38c3ba0932e44c8d8df17a143906a1f186c4360c98f95e40cf03b0a42e930e5575577f925eab607043ba79f2eac1a5c1f85405454e69a57897d1bfdb51f7631be30c3c80f9c841644e4bb0a0c987236796bad70a96c8db58cbf096db503e26a829f78a9b6f04acf47de0e3efc251b5525bee14d29db92bee9b4a0ed9e7f40af39d466b82ff097e9e9ffa4fa4fda8005918c88289c48c7b0a2e0366773941ba3d68bdc6fe7ba68ec1ae96f6a6ea8727923a19445fe437a5e3c34ef914e1a268e0a00a431b4211de53138bf04610776d5b393bdd6f0ea20aa498004618ef8423409d99583eb465c05a60", 0x167, 0x5, 0x3}, {&(0x7f0000000400)="b7dc0cf0be1fa697f2212569eb91a5a5692ae8bb0a4b33", 0x17, 0x5, 0x103441}, {&(0x7f0000000580)="434e02cdcf", 0x5, 0x9, 0x4000000000008001}], 0x140000) kexec_load(0x4000000, 0x6, &(0x7f0000000a80)=[{&(0x7f0000000880)="549f1f82571b4afcec6957171d0be2ec3c6fdd3d067360776d29923b6d398655e8ab7972b96822497d99b328e68fa83864c70a71e769832f3c8a9cf2672e8cdd2a341b97a756e10f146c260e392fe5b028092201e583d83c84d59dd69a4079d6286e1bb2125e5a5fe352ee6572242e90d1a2127556f1fa035c382f0d863082e351dbe98f44df31851b3cbd1baadf49b16780b38652515498569d040b45dbbdb9b58f37fead2a36490002d3726c8e8f6e31eb", 0xb2, 0x400, 0x1}, {&(0x7f0000000200)="ca13c03f277a0eb8d710a20609f1c30ecb5f8eedc17f79fa163a2ee858648ffe951fe3f79325e20b6d95", 0x2a, 0x2, 0x8}, {&(0x7f0000000940)="71fab1ac8247a5393a230ec4a0f25e79fb039982901c5e9807ab61dd13b7f04a261e94e0e8f6a2cbcd7f6d22dc934d8afeb50a571e58b0bacea753cbb4cde2e1637cf7b250ef108464a3f333a6f53145ad38fb02c559c4a57bbc435bf9fce7084f96edd40eacf7d345c5fb11d3eb1daca1b72f08", 0x74, 0x7ff, 0x400}, {&(0x7f00000009c0)="1006cfb883456a24a64e92e9b271fb231d924740065f6aa59f470b764fb1334d06b908508414ca62ad6a3e7d7b5343a1f87e9452bf6ed02aec0c91972c2907c73a3598a55ca669e67d5c71ae01f43b7c8606d93c0db5eb8769986f22fcf269701d8a95840afbd73af8a395a1186deed80c7fd66f1720a063abdd5a3f6c7613f4fa6e6bb5a9bb735d5c60fc21f4caa77957eb52d20ac5663c7e60cac46dd8ba4ab9ffd581a59da40789549af4af07d59afbcac5b3a3257fdb031f5bd78d2d8caa", 0xc0, 0xbda, 0x20d18}, {&(0x7f0000000240)="918784abe44c0601b0baee2b7e071fab0a45fe6e98fb197f3e239a", 0x1b, 0x6}, {&(0x7f0000000440)="241f022e9d320df66bc17a9f9838f64d059a00423ea9b9f89e13eea2886e5804d01cf42a5fa82e39a7", 0x29, 0x7fffffff, 0x75}], 0x3e0000) kexec_load(0xff, 0x1, &(0x7f0000000840)=[{&(0x7f0000000480)="14899fd1ab303e3628ea1daf7013a7b2dd162be662b5a6ec6695e0f7ff78bec147a0fca432238eea08d651e4751c64ba9b6622ef6dd434ed13c6f91f8363b9d7fdc8cdf150a4e63eb5ba628a4f2f52dc07f42b5a9c03ec98a38834fc58eeee40c2a484bc493d34132a4be656a43fcd5b61bccaef6164b384e103f1e676e9d735132aab6e5e12689c402ec83bd4ac473b5b75e3ed11ee00d5b362a0d3e7dc84898b2755357fa63fd08a658b2b19709b29d10e5fbf47207c446547049c5c2776873dbebc", 0xc3, 0x5, 0x80}], 0x160000) 20:19:31 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x27000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1675.605440] ? ext4_ext_release+0x10/0x10 [ 1675.606415] ? ext4_map_blocks+0x5e0/0x1940 [ 1675.607327] ? lock_release+0x680/0x680 [ 1675.608150] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1675.609127] ? lock_downgrade+0x6d0/0x6d0 [ 1675.609979] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1675.611086] ? down_write_killable+0x180/0x180 [ 1675.612030] ext4_map_blocks+0x652/0x1940 [ 1675.612886] ? kmem_cache_alloc+0x2a6/0x310 [ 1675.613768] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1675.614696] ? jbd2__journal_start+0xf3/0x7e0 [ 1675.615653] ? __ext4_journal_start_sb+0x214/0x390 [ 1675.616653] ? __ext4_journal_start_sb+0x1db/0x390 [ 1675.617675] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1675.618773] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1675.619793] ? down_write_killable+0x180/0x180 [ 1675.620749] ext4_fallocate+0x415/0x3860 [ 1675.621577] ? __x64_sys_fallocate+0xcf/0x140 [ 1675.622515] ? lock_release+0x680/0x680 [ 1675.623346] ? ext4_ext_truncate+0x250/0x250 [ 1675.624246] ? ext4_ext_truncate+0x250/0x250 [ 1675.625148] vfs_fallocate+0x48f/0xd00 [ 1675.625956] __x64_sys_fallocate+0xcf/0x140 [ 1675.626860] do_syscall_64+0x33/0x40 [ 1675.627625] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1675.628693] RIP: 0033:0x7f6d60f48b19 [ 1675.629471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1675.633299] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1675.634851] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1675.636292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1675.637740] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1675.639196] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1675.640645] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:19:32 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xf80400, 0x0, 0x8800000) 20:19:44 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 80) 20:19:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000000000000000, 0x4022812, r0, 0x0) 20:19:44 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xa000000, 0x4022812, r0, 0x0) 20:19:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x1000000, 0x0, 0x8800000) 20:19:44 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x40000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x7000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:44 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x80000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000000)="f9b71f6fe604f2ef3fd8be36e7c23d38ced84481ff66dc23ef8c5948b02fe94489a178571bf469c1862eaa84e2b4f2dd59193a1558ed97ad5cf4fc41de22374ae28e48bd6da12713794069ac2266edf030503e9ff13e7c90915b5c05df7368ac706717425c742901ebd429b31d17322314fae717eefc7039f940039f39568adb337bf375579f5fd661484a1e5556b595494cd6ab7ffcb35471bb9a65b8b3b5a6dc814fec63a55cb77a7bcfe03292944c498fcbce3b27d929594df6e2c7c513144654651bd7b08291b2932dba3d5d410622487e9f9e", 0xd5, 0x4, 0x2}, {&(0x7f0000000100)="4741cdbb6bf2b49468520f6ab35d4faf0b4e76d439e11a2f34fbe0cba45e36af75232ea75922a14a936d7a44a84382a57c484a092258ff160cd120fe3c462de3d815e4bbd1b09a2929a895a9ccc5f94bf2f3e0f6d26e380aba05c2fc4350841dca65aad14182f45ee7928da29d858b1ec73e00f6bf61dc", 0x77, 0x10000, 0xffffffffffffffff}], 0x140000) kexec_load(0x5, 0x4, &(0x7f00000003c0)=[{&(0x7f00000001c0)="0e", 0x1, 0x5, 0x2}, {&(0x7f0000000200)="84650f653467acb948f4c9e7389477146a2147d92e4d9b1c281abcf214a9179a1958b6fe0e70", 0x26, 0x1, 0x48d7d50e}, {&(0x7f0000000280)="4540838457116f5069eaa25c68b3842bb26bacf7231d1b71ee379480fd6548942cae494cc5e1edea6e4f7f4f59a03496fe0f647619b4d20f425a4cf98e8c476da6b8d47e928402e68cfe9ff958e449cc6709d73765d9d648ad197cadf323e3893d2773e3bb32242deaa14fda3e4d2a75b4ff59a6703275b4ab7887d97744dd8c9c89ac3380bf74d5a9802059d29ab93088212de843382b70258def7bcb055c0974b68abb1e5a85d6e7aee7fab2511b7c58b601", 0xb3, 0x81, 0x4}, {&(0x7f0000000340)="0764a010f91fd4441e6b18adc38be82fb8f08d4dbc1c11af0907ad131b126c5a30a98adb803fab768052e4b59135c11998fabe83160aed43534908d995e848596a75708e7402c724477379b8c46c66ccddf95d9bb77b266a3780d99fcda2adc42f52a40281ff519664638f34e0d4c791de4a039f015a2b3a", 0x78, 0x6}], 0x160000) kexec_load(0x101, 0x2, &(0x7f0000000580)=[{&(0x7f0000000440)="cd91b15b39c6d3823d96c249d19d4b791f2baec8f12d2f84d676b6f765d025c1546dac894000e356441a2e21d20f0ae779b78167e37a8e0bac309c063c09822fcbc24b7db9027401cfb51054c68b1ff3ad4e9ecce6111c1699ca84b85fce3dc3d6ce20f1d040fac85dec9c57f24896dbe835325a1c7062a2313f0eb03065094411c724143d86e6ce45edf1b434ded2dae6775adb4830087afafee7d3460f679e06ea777711469235cf41333eb496d58b64b603b4e5ec81829664494b854bd917a7db2100cd421ac57ad27776c49c534d4918be5e053eaf32d61570e89b99", 0xde, 0x800, 0x8}, {&(0x7f0000000540)="fb731e5cf46fd4515c33273200bb81814c701d6fe9f0c171a2ca286c4ef94d03c00b4178832e377c54b8a27a57", 0x2d, 0xe0000000000000, 0x100000000}], 0x2b0001) 20:19:44 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300000000000000, 0x4022812, r0, 0x0) [ 1688.228161] FAULT_INJECTION: forcing a failure. [ 1688.228161] name failslab, interval 1, probability 0, space 0, times 0 [ 1688.229578] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1688.230547] CPU: 1 PID: 9551 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1688.232263] ref_ctr increment failed for inode: 0x3e86 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e771f831 [ 1688.233607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1688.233614] Call Trace: [ 1688.233639] dump_stack+0x107/0x167 [ 1688.233667] should_fail.cold+0x5/0xa [ 1688.239508] ? create_object.isra.0+0x3a/0xa20 [ 1688.240445] should_failslab+0x5/0x20 [ 1688.241221] kmem_cache_alloc+0x5b/0x310 [ 1688.242067] create_object.isra.0+0x3a/0xa20 [ 1688.242986] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1688.244036] kmem_cache_alloc+0x159/0x310 [ 1688.244903] ext4_mb_new_blocks+0x209f/0x45b0 [ 1688.245845] ? trace_hardirqs_on+0x5b/0x180 [ 1688.246724] ? ext4_cache_extents+0x148/0x2d0 [ 1688.247666] ? ext4_discard_preallocations+0xd80/0xd80 [ 1688.248758] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1688.249751] ext4_ext_map_blocks+0x1d68/0x5850 [ 1688.250714] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1688.251812] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1688.252883] ? ext4_ext_release+0x10/0x10 [ 1688.253748] ? ext4_map_blocks+0x5e0/0x1940 [ 1688.254649] ? lock_release+0x680/0x680 [ 1688.255479] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1688.256459] ? lock_downgrade+0x6d0/0x6d0 [ 1688.257340] ? down_write_killable+0x180/0x180 [ 1688.258296] ext4_map_blocks+0x652/0x1940 [ 1688.259169] ? kmem_cache_alloc+0x2a6/0x310 [ 1688.260067] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1688.261016] ? jbd2__journal_start+0xf3/0x7e0 [ 1688.261949] ? __ext4_journal_start_sb+0x214/0x390 [ 1688.262969] ? __ext4_journal_start_sb+0x1db/0x390 [ 1688.264009] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1688.265106] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1688.266112] ? down_write_killable+0x180/0x180 [ 1688.267083] ext4_fallocate+0x415/0x3860 [ 1688.267924] ? __x64_sys_fallocate+0xcf/0x140 [ 1688.268853] ? lock_release+0x680/0x680 [ 1688.269681] ? ext4_ext_truncate+0x250/0x250 [ 1688.270767] ? ext4_ext_truncate+0x250/0x250 [ 1688.271690] vfs_fallocate+0x48f/0xd00 [ 1688.272502] __x64_sys_fallocate+0xcf/0x140 [ 1688.273396] do_syscall_64+0x33/0x40 [ 1688.274176] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1688.275247] RIP: 0033:0x7f6d60f48b19 [ 1688.276003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1688.279772] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1688.281411] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1688.282865] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1688.284345] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1688.285804] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1688.287280] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:19:44 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x2000000, 0x0, 0x8800000) 20:19:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x9000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1688.305806] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1688.307553] ref_ctr increment failed for inode: 0x3e86 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000e771f831 20:19:58 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x4602, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:58 executing program 5: r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x2010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x11fe, &(0x7f0000000000)={0x0, 0x2b4, 0x4, 0x1, 0x376}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4004, @fd_index=0x6, 0x3ff, &(0x7f0000000280)=""/4096, 0x1000, 0x3, 0x1}, 0x7) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:19:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7f51010000000000, 0x4022812, r0, 0x0) 20:19:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 81) 20:19:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0x7ffffff7}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xc000000, 0x4022812, r0, 0x0) 20:19:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3000000, 0x0, 0x8800000) 20:19:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf000000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1702.272153] FAULT_INJECTION: forcing a failure. [ 1702.272153] name failslab, interval 1, probability 0, space 0, times 0 [ 1702.273543] CPU: 1 PID: 9585 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1702.274318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1702.275268] Call Trace: [ 1702.275589] dump_stack+0x107/0x167 [ 1702.276008] should_fail.cold+0x5/0xa [ 1702.276437] ? ext4_mb_new_blocks+0x209f/0x45b0 [ 1702.276961] should_failslab+0x5/0x20 [ 1702.277390] kmem_cache_alloc+0x5b/0x310 [ 1702.277866] ext4_mb_new_blocks+0x209f/0x45b0 [ 1702.278375] ? trace_hardirqs_on+0x5b/0x180 [ 1702.278877] ? ext4_cache_extents+0x148/0x2d0 [ 1702.279399] ? ext4_discard_preallocations+0xd80/0xd80 [ 1702.280006] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1702.280544] ext4_ext_map_blocks+0x1d68/0x5850 [ 1702.281076] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1702.281680] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1702.282302] ? ext4_ext_release+0x10/0x10 [ 1702.282790] ? ext4_map_blocks+0x5e0/0x1940 [ 1702.283305] ? lock_release+0x680/0x680 [ 1702.283773] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1702.284335] ? lock_downgrade+0x6d0/0x6d0 [ 1702.284841] ? down_write_killable+0x180/0x180 [ 1702.285384] ext4_map_blocks+0x652/0x1940 [ 1702.285874] ? kmem_cache_alloc+0x2a6/0x310 [ 1702.286378] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1702.286916] ? jbd2__journal_start+0xf3/0x7e0 [ 1702.287453] ? __ext4_journal_start_sb+0x214/0x390 [ 1702.288030] ? __ext4_journal_start_sb+0x1db/0x390 [ 1702.288614] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1702.289236] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1702.289810] ? down_write_killable+0x180/0x180 [ 1702.290347] ext4_fallocate+0x415/0x3860 [ 1702.290827] ? __x64_sys_fallocate+0xcf/0x140 [ 1702.291363] ? lock_release+0x680/0x680 [ 1702.291835] ? ext4_ext_truncate+0x250/0x250 [ 1702.292358] ? ext4_ext_truncate+0x250/0x250 [ 1702.292869] vfs_fallocate+0x48f/0xd00 [ 1702.293310] __x64_sys_fallocate+0xcf/0x140 [ 1702.293818] do_syscall_64+0x33/0x40 [ 1702.294260] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1702.294866] RIP: 0033:0x7f6d60f48b19 [ 1702.295316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1702.297481] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1702.298363] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1702.299212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1702.300005] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1702.300837] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1702.301639] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1702.313690] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1702.314681] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bbc56572 [ 1702.331693] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1702.332579] ref_ctr increment failed for inode: 0x3e8d offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bbc56572 20:19:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x46020000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:58 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10000000, 0x4022812, r0, 0x0) 20:19:58 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 82) 20:19:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x300000, 0x4022812, r0, 0x0) 20:19:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0x9effffff, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:19:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xeffdffff}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:19:58 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x4000000, 0x0, 0x8800000) 20:19:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xccffffff00000000, 0x4022812, r0, 0x0) [ 1702.443172] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1702.444100] ref_ctr increment failed for inode: 0x3e62 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bd1d6bc2 20:19:58 executing program 5: kexec_load(0x0, 0x86b, &(0x7f0000000240)=[{0x0, 0xfffffffffffffdaf, 0x0, 0x80}], 0x0) [ 1702.466817] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1702.467728] ref_ctr increment failed for inode: 0x3e62 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000bd1d6bc2 20:19:58 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xf5ffffff}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1702.506784] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1702.507854] ref_ctr increment failed for inode: 0x3e7a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000594d2ab4 [ 1702.550159] FAULT_INJECTION: forcing a failure. [ 1702.550159] name failslab, interval 1, probability 0, space 0, times 0 [ 1702.552804] CPU: 0 PID: 9613 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1702.554224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1702.555983] Call Trace: [ 1702.556553] dump_stack+0x107/0x167 [ 1702.557299] should_fail.cold+0x5/0xa [ 1702.558086] ? create_object.isra.0+0x3a/0xa20 [ 1702.559034] should_failslab+0x5/0x20 [ 1702.559834] kmem_cache_alloc+0x5b/0x310 [ 1702.560691] create_object.isra.0+0x3a/0xa20 [ 1702.561607] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1702.562668] kmem_cache_alloc+0x159/0x310 [ 1702.563569] jbd2__journal_start+0x190/0x7e0 [ 1702.564512] __ext4_journal_start_sb+0x214/0x390 [ 1702.565502] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1702.566605] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1702.567610] ? down_write_killable+0x180/0x180 [ 1702.568576] ext4_fallocate+0x415/0x3860 [ 1702.569423] ? __x64_sys_fallocate+0xcf/0x140 [ 1702.570367] ? lock_release+0x680/0x680 [ 1702.571231] ? ext4_ext_truncate+0x250/0x250 [ 1702.572160] ? ext4_ext_truncate+0x250/0x250 [ 1702.573079] vfs_fallocate+0x48f/0xd00 [ 1702.573896] __x64_sys_fallocate+0xcf/0x140 [ 1702.574812] do_syscall_64+0x33/0x40 [ 1702.575776] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1702.577079] RIP: 0033:0x7f6d60f48b19 [ 1702.578027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1702.582001] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1702.583676] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1702.585150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1702.586650] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1702.588154] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1702.589647] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:20:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xf0ffffff, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:12 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 83) 20:20:12 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf5ffffff00000000, 0x4022812, r0, 0x0) 20:20:12 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xf7ffff7f}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:12 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0xfffffffffffffffb, 0x80}], 0x0) 20:20:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x20100000, 0x4022812, r0, 0x0) 20:20:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff0f0000, 0x4022812, r0, 0x0) 20:20:12 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x5000000, 0x0, 0x8800000) [ 1715.970437] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1715.972047] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000077161398 20:20:12 executing program 5: kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x6, 0x8, &(0x7f0000001500)=[{&(0x7f0000000180)="a3f3e3c56e37f2c047fc39f4b29fca11b3d9dc02338969180f1bad9c15a2f8b6f82c06b25b9b77e4154f1cdc93911c6c9d2ba242145600c186403d8f93842d6d", 0x40, 0x8, 0x76}, {&(0x7f00000001c0)="8cc8224910c653156800ccabcae441b1d5df5d043b9719b3", 0x18, 0x3ff, 0x4}, {&(0x7f0000000200), 0x0, 0xfffffffffffffff9}, {&(0x7f0000000280)="0452c69172caa620ffc42f402e18002b05ab792c91cb0786457d4ef84b1725d9c691b2e81f2ef320c432aa75e3de37bdc54895e2335ee10005856df993a5aae2a2847cd2df1ebbd0e5696973192ecefbb4a10dd27046df773c826e2a48ee9102fef2603bcf4644a78dcdfca862578d5a6ae593fb7749426896108bb5130d5ad81936dde4be4323fa888afa19b50ae42900f9a08a2fb6607c23704a714670b6cff9ffdac35436282b7b44fd2f53bcd44a8d53458d002088a1fcd3a6d2ef09424be710f1e352be2057fd71837a4c3bdf0676a5970b342c6e5bc4f557075822f5f6186ffd90c2ce70bd59ac90571e16979da59f14bd492fd08d2c12f282ae00bffefc02fba951f370a8a47c84a594d591420d4dfc259ce9207577c7860a95ffb649db755ae0fed0393b454b8599ed0f28216bfb5352498ff9c72688988a67234470bf0c2aa6d4886d03d5af43d8bcdf8f82cefff6a7a20e25e3e5253591b3d4c4ae65530d9ac80b955f62b9c1f6ba73fbef2132d15f60274f93a1dd32c025d7d767e02b79f20e68302a5f79a6e654f0668841b6b07831d9b6feff92b6b4f9186013723bbb3441aebd3a3fa6c45fff47ac2dd340b7256933d99aa9b9f9f9f766ec0c4cbac89a9ca6b2d5acf982b6d8a7b606087ab3a9ff8f4be6363dafaea73e47a9461a987bd1a363601c0bf290fb0ac1bf08cb49da93f658dad669c73ef434b98f539dcc1b6fa5cb487241620e5e4292db6a9a2d9dec664a716a2abcc2352859beb056271e9caa847687f8425b92ae8b7e6c2586213314383a07f1156adb9ee5087e6f37eb6cfde93420fadb8381b1249520d439ca86fc9c64b1d6bff77edb9394d594906971492e25a7146664aab300c959df809f66d091dadcb1b20d0edf4cc281d31af08e544713c54b53159e5c959cb0750dad50f06835b0cd72398cffd2090cbe889096ecaa9b676805d0e3c71415b5800d2b7b2125f9bcaed00c4e914aaa20337b866baeda6767a6615c5084c156f1dfb640e4df0e48e637af96c43380cf3ce65f72ec2289d371305765b98b6748a3e7a5c732312087d1667c3801b2dabbbfe28e9d10bb22d31fd3981afac87e46e2992acd3bf846c81b19135118a08d79ec5c7d805b0cbd47e3eda509fd152ed06347625c4a0a06496cdfff9b7e87a5a4ee69b649f0a4d292e698483480723b8aa8932d811b3d8b1547127d8a8440af21971b7d8bbef7a540e0367c53cc0f1ea1e1d1b92d5392bfa6ed2e1ffb6360fcdc3fb3bf7f6f9f0bd725614a9f1d3701b7bdd5266480871b6e9c5ed5ba38e3cd55a9da1ce235bef33ee5f4a52f191c82a10803652b9fbccf8fc19dfab9a5a7757969c21ad536108087b37ea58b8049806bdcf293dcadbb417b449966873428eca1816bd2c4a8140a6dc18c1e04862abbc185ed5e904ca321896628e4507d199fd9835e1ce775f06c602e95c67c80ade0adfb7607f8d0e955cb8c19cc8f81e7d4cb01aa34c773eecef3c29ecfecf9cea795f4a0057c0fa7f2f385929c4c4745bf75ebfbc333ffae6b22555e70fba54046ad6f3744493f487fa8fbaed63d6839018f2875ae9d26e686fd57aa21dbcc171c1abbc5b969f108680f6a9df9b27b26cecef709ef56d7d709479e2f8ab1aaefdf6902c6d4f393a8d913c83bcb253e023f7f27f5c0936269bc3c6978e2576c5d79ee29e2a5a2ded122a514a4eb240aacb05736986dd774cde177a32701a46ca571ce59e96281a5c8eb5c38668bb36bcc0b023ff7e22130f5ce07c698af05e4c9c59c178f1923b4114aba3b34c6ab035934c87f0e7ef57df63f88f26cf8c718922f5459908a97089ae9280effa2150dcb5800e177fc73a6ab50bd71ee751d13433ec6abb7eb18a68236b42a7134941f799de37b5313f29f997b6423dcf855d7ae8d625c90c3f56420353c88d19772ae80fc068ffed55405611c9e7c94c8d106e780e4285342ea956daea2166bfb397c5a90097739461476af504bfd10a7f6c7a9f7321659663961de2175269ecb08394f93cdd3b80fc498653bc0ac116f4c987a8ce8125576dbd0ee7f034ee60266971b7e100aa66e639a841203dc91f8b834284d9228f0c5c0693373cea5c32365056982b0821968d120b1a011be8306a8ea6c84c9d7655c63a94c636a659c52e8e9b11f6e7733724ee1a84f2fafe063dfc785fb3ccce4391db14c850025ec259d6f8d0b98177466c1a888229da7b48a225e8e3735f27454a92ee8279556d875a945ffe5c0327d7c932db1f0f8404976bbbfdb3a23d1dae46095c022e18c082d766f778810c0787839e5d18063d24f4e18208e2df87c97f7a53d5a2da8b749244ab9dab2818f5c1bb5d863607040e658f50723ef85a97cb656bc69a2d5de9a5cef3c861fe22dd98d66e7cc0076d4979a704980fd030517014f0d170e376e824ed8859a09b55dc1f29cc157ebd7ae6fc1cf7db4363ad6c310606c02947da1d54374de03f7459b18469d98727b12fe2f74cd54e4d28477570dfc7afac5694c8aa944ab2aecacbf97f9becd6588cce248f3be45629f48511cd65020034e64d49a056d8b78dd31d539bcaeeb93c4292727919142e05c658279f50c8a93e55b043367f6ee6a90762cd596849efdefee2d06dd59730b9cfc504ba131a4776b2b2c07f47a15f3a3ba314fcf6156d449144d84d045089ecbe2a14b0f80d4cffa8f6274645be3788e0e6f780b9d518e189e972d66388df7a15e397a75c1370e188be2747a786ea5076bd9bd6e55ef37cdc6b2d6f0349dc9e87b73f1cef2861d0989476c0948f046868c02da6b06b129b58acb375454c0067e32089fab870a70f90243a9a93d2a0ebdad741cd7860fbc4e918d48cb0a1dd5350d9f0152a77bb9e8a1b1c938ae1de8b2a53c861ca561b5bb717bbcd642be3712ff013572c9ac4c69d6b2e5af8bdac473a9eebf8070d532072af5cc523996d90a05219bfa25e25f6269ec4a8c96fac491de7eeb4a16bd2ba4a4de0bdb5262733468dc88383fd10267558a80eec70b9279132fc29a82daf4a71a0b8fe6bcff102f6f9e6a6d81aedcd56e0172213fd31437e357080cb809f66da143ed97c3e91aad8183c322398678236f770dd7ac3772b8d3dbb60ea272270759d458303a53a8c8d845bd1d0416121859cfdf4d5fab26daa9f3eb2ab4c30681dcd8958529d61e3e0224f980a861ded26dd3ef810e2f73880e8f235483eb6ae039e99b9eb0611993672a2a7293f0b2912c2ce93708913cb863e72c6839747c2fbd384b3a822e1aecb8bc3dd529bc70ec29f4c9955cdcc8ed6fc0f3d234209824174674b52d3f10fe496cff1fec7269b0a8ff3940313d8d1fa51e673892985d7160996118e17bcd4908358be7c4118294f12e884f877c4f1ff3ffd54705a459ce4a9d7e3f3329abdaca2f0613ba8628597cb511fd7234dc4104a95b1858147306fc969204641f2f79ba5c4c14974bef5271d4abe3852d7a91da561a48c1367566517555674ab7d46f081e7ce7b21ade533360c9d2452df762f928151f74d95f2766de9f2555fe77097cf4036cff83bd95e4513cf168a2652dad7b2f97d137797d699a3a270f06d1d1c18804e58c9203f5c3ae64140d5568856d24988062cbbd7843031c1ed5d279b82b54b61eee577e05772a42932bc8b4a7ee922744865272fab861491e55625bfaf60e6b7bdca41a9b67c1f0b2df3bfdbe726644862fa8c1fb3df1cb445e07729bbea7700fb44c81fe222ad10f35ca2e72858e5130497accf40fae04ca0ebf8f4e2029729ff4520d3081304d0919f79c54c98aaf76e8ed8d524e49084b934c3ee262a0a380fab777dcf3472329ff29b10ef7a5a763d2c2f093317cb0fd46f862e26d638f5919c39ecbf1d1631c72dd31e79ecab9ffc1a7c2f95ec34785d2555d6701639597ce50aece28d9ffdef869365a608401bb76f6f05ed9d1e8ffdb834fe7b0719d681d495be8f47772e65f82bea4ac7896a758b3995cc91bdf9e68b61e40cb2a429d9675e4174723507cc9fcac23ab167f6ae1f5d85add0daf6b6a4a06b7cbe813d0a56424e0cea7e3574ec8ea698a1962ef6646855484035fa014f9cf64e89dd9d876e13aed272728d3d59bbfd583ea0fa984317b3e376e65543e50b6e62ec2647bedb966f6e8d94361a6d7acfe0e13fca7c08d772577f6e67a492af6e6c1c9aa9ce9529e3652888a3a88216be400cad835195729d775545f05a5cc72b943828c6c745557e2c1b9cc377a951856e242aa95fe7291e9696f1197451eb8fb17a4de7486e9003eaf70c0b9baaf9662105c7cedac4157aa64badd64fe27e2f0b6ad9998076548623384b56e2d5514293ecab95e9f93b0ac5d49debc9e33f1c7c3295f49c23706cdbd93ee24cb5f191769e04ab676f59c4af5e748a57a41052917ae837eee9f8abdab1aff180dd077b432fb7fe5071ee28e7a08cff25d1f99acf28fffef826a3c4802e9186df67c7f3c89811d3ca3345a7ef04345fea54f54eb2a3909fe010236f3697901911cf3f7a5785606eacd5fb41e5731f898c402d2a20c7a8ed94bda28dee667a9c6b646e9694d064fd945aa4ddb271dcce942fabd298c70d98d819b564c02476495cfd33ff74895b3d6e640496690c684dbf609e4388055e29fe80ca2131ab6792b8fe2728286c71bc661143c4f88b7bb5305f992f902b3dd77a5231e4af288e4dd8daf35da955e106b5bf7f879dfe382fc669038828dcd24d3213e5ea17ec166519acf1b90927c2921f1843165900419c07929c71b7bfe77190724c3c424f5c5410fb19b66ae196af974dffd638f941ada9b5db72825cf639d2f6207d706edef2f751cc44624893658a21bc60564e187802314bd4a67cb1eb3b1884ba2a240c00ffa5272ff01aaa4ebf3da5d140118e46cdb23aac38e8c26ac4ff23f83c63b884660ae6c5cbc6f69f520d12eade24608bdc086abd10726dec6ba7f97750250f1a18502d040149c1a5dbefdda8eba679ca3e686b96ebaac10a18f4c373140d3282bb2a208f34b7cfca22d5f311a090030c35685c8344b30630419ff4a8ed712f2437470de92c3dbe9f7cfcefa949f528d89a90068795d22ca85c0b2daba33ac1bfd927ee61bc537632246b327c8118f58ab6f53ca323570f0af0bf1c3e0d550bdd370108bd777f7eb245a5ecf287f0159c368f2a1521347b2715ebd4130e844024730b087f5f3df2e0330df0e6520e5aa8d6366e3877084d2f990a9e98399520653e03c2c262bb28295a94dd24189eae63a50007c8aae8528928a7d97092e0030f23c52d7dcbe0d712ecb3281ba8c952de666fa5b5eebbc5eeb5f5c193196fab3fe393fc33453246282fa14fe88b9484e97f0d9edfa791d9a1c5ff5f14307bcf8b996dd2c32c4c197de01446b8f62386bec2d8545156dda56487c553e1781b3c7e60a3fef153b9b0aa8ae67db71aca3fb343d319a6a039c696b92261afddc03e75d5de8f7b00f11f8b0c609196a81b787110776b76770a7d74c2fe9c7417e8abae88ee2d551f9503752c347414b9891a4c3cc020a8d8b556f904779a8c1b063dee7729ecc37b024b20d69573621146b4069d8693214c317b250418f808d278636445c7ef7760499a6c37dc10f7a88b213807ca757a724a3cb89b96c11f6364e2bf6ebeb662aa3187e9d7188e1269d48dbcc4ff37bfdac22aaa090d20987a77bc5a3022a4080e72214010726627e131e7bd613f78a2a0072d8140a46b6a0c9795749ea63d9efa51e098df6bd09f25bec28d4dc40a1babeeb6de6d140c831caeb7fcc9b99e10185", 0x1000, 0x5, 0x401}, {&(0x7f0000001280)="11f63c1a61c42846dcdec19d4581360e72ae061efa28696db4d56578a7cee31656b25c20b288fdfd3a5a3da9e23ab40f6903e46c4904ab6003d142af4e106e561721815d5550520ed6185e8bd41834ab95cd68744d3e5f420d48133ded88e7db182a597aa972c043126acd2f68d2e8bf84f84c273af8046957911c7f32a69727b02ce6f549b1b541a2e5ca45858390087ecf9f10c725e8899590f8901294e88d3d7a715589dd5ab3b8ca6b9f900b7cd7e96edddb25", 0xb5, 0x6, 0x8000}, {&(0x7f0000001340)="05ba1ba4abf1aafbd019725b13401db5dc82078161dd873f8bafb4a84966ed8774ceb0930b8ec638f38cde6426b41d5fc83019391952fb54c7f8d1e5c6f6f8cdbde4c32ed333dc9a1b1188aac72fea651b9f9c5bd926ce96271035365a2308eccca03a5a1d5ab0bb925e313dac10481b74f4feb3cd688c9d92a99510bffa24d6dd3ab4c65aea7884840a9658505d6c52bc8c0604b82e7f83bc5abf124ace15996ad1e0e0647a3fe94cfb9b4a71df8b27", 0xb0, 0x3, 0x8001}, {&(0x7f0000001400)="9f26f49f237369e1cbaad61cd768c0896d78aa7d1e480df9f68d3b766e0952869a950a250fa10e9f914b45f4d7788533b5c4ee9f2363f23591d4cd35ac086874afebac868f2b676a00", 0x49}, {&(0x7f0000001480)="ab7e9966ba6b32ade499ee036be74258a80bc1ee73d4be8eb7a6a093b09190a0f36b221bedb46380ce582e58a2b2c98273d0aa0c22daa3d08c9bd3100777e0efd2e5ca5536b1f0b996e8", 0x4a, 0x3, 0x2}], 0x3d0000) kexec_load(0x0, 0x2, &(0x7f0000000140)=[{&(0x7f0000000000)="4a37c21d5a35c8107a5926f7f2dbe420370e3734ea5a8f94d31ad646615bc2bc9fed66b855f3854527", 0x29, 0x9, 0xfffffffffffffffa}, {&(0x7f0000000040)="7729c2590af74d289f4585dd4d6ddd8ba7db46b1071da8f1abc4ac543155ebcfc0b7b80e98b7d9d3d798ad5b15c8b4fbb14a94235491809085d6a48421ea235948a95e0b7656ce56c8c2db55d09d49b070af66d23e6d33be06074af4c311fb9234c1a06170cbd305c466e0f14066380147e211f1540f22d5aabd6ac34be9d8ec5c722acf2e07271440cc273fbb95df6a9e6c8df59a4e7feb7d3f87902a0c5d1e33deff2557094ef95065c37c7580da85c0945f13f0e6e8f6e2955b9edc582e689c7a9a4c1a73da040a2cbadf62562f493ac294b67e06d9c28253158e013b760347b74ba6dfa3717d3db4fbc7133037022d75", 0xf2, 0x80000001, 0x1}], 0xa0000) [ 1716.029814] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1716.031614] ref_ctr increment failed for inode: 0x3e8c offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x0000000077161398 20:20:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xfcffffff, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:12 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfc000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) [ 1716.062415] FAULT_INJECTION: forcing a failure. [ 1716.062415] name failslab, interval 1, probability 0, space 0, times 0 [ 1716.065394] CPU: 0 PID: 9639 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1716.067161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1716.069227] Call Trace: [ 1716.069872] dump_stack+0x107/0x167 [ 1716.070754] should_fail.cold+0x5/0xa [ 1716.071711] ? jbd2__journal_start+0x190/0x7e0 [ 1716.072808] should_failslab+0x5/0x20 [ 1716.073721] kmem_cache_alloc+0x5b/0x310 [ 1716.074701] jbd2__journal_start+0x190/0x7e0 [ 1716.075815] __ext4_journal_start_sb+0x214/0x390 [ 1716.077212] ext4_alloc_file_blocks.isra.0+0x2b0/0xb40 [ 1716.078483] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1716.079904] ? down_write_killable+0x180/0x180 [ 1716.081014] ext4_fallocate+0x415/0x3860 [ 1716.082192] ? __x64_sys_fallocate+0xcf/0x140 [ 1716.083270] ? lock_release+0x680/0x680 [ 1716.084265] ? ext4_ext_truncate+0x250/0x250 [ 1716.085191] ? ext4_ext_truncate+0x250/0x250 [ 1716.086094] vfs_fallocate+0x48f/0xd00 [ 1716.086899] __x64_sys_fallocate+0xcf/0x140 [ 1716.087798] do_syscall_64+0x33/0x40 [ 1716.088557] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1716.089609] RIP: 0033:0x7f6d60f48b19 [ 1716.090375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1716.094127] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1716.095685] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1716.097132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1716.098576] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1716.100033] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1716.101474] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:20:12 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6000000, 0x0, 0x8800000) 20:20:12 executing program 5: kexec_load(0x800000000000000, 0x7, &(0x7f0000001540)=[{&(0x7f0000000000)="0706e2dad0f4959a5688127630aaa1fba9aeadb1ce715e0bd60df492030d6254a86c1e502e4a940c412002dbf620bc7d1cb764f9494d1950a462f3c97e61c792e848eddb286cb634eb3c0490f67eb2a20a61e9281fcae59ced856ae8d617a18efa08d26f9a1bd00febc64b873dfd1b68fe7e724d0150acd95f83e25f5f604cdf1e684896233647fca1fd9d7ff027f9a737d3c0882fd0c19249dfe34a2e8c572e43ac935d33db08a0357733672af6813a875220cef44a8304cd4ea14b8e2dd12b02e629d0c6d5d4b7200311", 0xcb, 0xbac, 0x1}, {&(0x7f0000000100)="d9b4a5bac2b87d9a0b7791bcff3182092bf2fcdcbe07376cde75158529d05247c426a38687bb877cbb693abfde5f4198861f59c39bad9337201bf422f0e9624f59f83c27a36fb98e71dc85014ef827e8959e5933f7c77048097a2a55192a33515638361a29a84abdf2be17a4fdd4e2029330768faae306dc47a1a891f953c795d11550f0a3897f4516b08309436920f81cc2383383f44b860ed727c99b53cb46865dd20c13b4d2d05f52b27b9096255b1e2dd03fec741b7094b811fee3da1df73f0dc88f4eee465b472a6afb7b98af2147a4d49b0502ab61f4a0562a684317a48185edc58c8c5f96f42e6d8595c9f9a4c6267f43f2", 0xf5, 0x2cb}, {&(0x7f0000000280)="84f1ee961fd00fb95176a4fdea8c3e5ba61679022819a5dd4c2731df66a319f567c40060df78a064885ae75e09ed64ba5317185b7ae8dd84277442e00ff0b577fb75642f0608ca2716fc93b9eeea", 0x4e, 0xd5, 0xffff}, {&(0x7f0000000300)="d13140ab8de29e64fbb11cba1cb13ab2aa75d26a2dd7b320eb23d53ef20a7c9c34a2aec35ab1eae8b717953e2c50dbd90b01bff1ec4d372df7e421e1141a76158a1fd09a882c6069d73c21bbd5dc73cd227c7e8f892f6c36caa99fcccb34f818249d8f98d2d5bc094cbc25c832cf162287358b7b32584f308366f54f97691d1a091dbb752a000a7ed08fbb2639540a622cbe83092e8b0bd2e4f57f195ef54ddb042687cb23102913bc6d524c544b9f8a4bfca1472b28c257a800e07be4", 0xbd, 0x3, 0x3}, {&(0x7f0000001640)="854c80e5ec5da912cece1077a24c5380ad6ceae88c2736ff557c928c7f1afe844aaeb258de9445f1e9c5bbb90b0409d75559146c63438992a38fe7cafc1b1d6a0305f830ec3448ddb0cd0efeb3c54e7dd91037458a6ef8fed94efb5a25b4536e8925e3b49d33a203bb8e654a70ede90a04ab3a85288e9f34d148296260a6dba8097ce570da3b020cb4e452c862f8746ae401923ae60958b65fd536dc8119340f2c54dabdbfe25e8ce2d244a7b725", 0xae, 0xc1e4, 0x5}, {&(0x7f0000000480)="ad378c499b2c397cd8b203aaf54e1e1bf964e838d7252f04b29e66e0077038b9b86139dd42513f6975861855f7585679059a90bfffcb96bd005b6a2497710fb084506c09d566733f3e81bdcbce6c36277243de97138cef367284098112fb5c1394e1cb860855d1b580bb1936dc77e82903022a98bb939d0302e248af1af280b186ccfc26d4c0844c4a4048a150075cfacb60516b3849ada7a124d9e70eab8b10", 0xa0, 0x7, 0x7}, {&(0x7f0000000540)="0fe0511f62cc9becf7a634d2ff13a4c71d3d99912de978e66394a21372802e3b4b0d4d57f67d4393b93389daafa0f4f1d42cc23719e27d8a62d98cc8e6bf324fe53a3798af8cf9d43ef490e0aa005c701c00bcafeb21bcd83fd9c2c37febf4d882cb2040a81d4a6c2ef85e87eb66c16a1b40337b6ff6d26feaf7c9127c3cdf954a02e885522fceeb59aeddda6ccadf5e5577b32e33edd3bd0d3d8f55c62a372613c4633d44a99c750a986e3849fb48cd7af0979e053d95ca14238fbe4885a20870766293c531aeebe9427e80d1bffe8ca8f203b03c33662fe91bc4c2280ed4c73d2f345175ff61d023ada0e395755dfdb6f49d5ba89a56ac4e0c8075d669f8ccd9c88a904b944262d09db10a586995ca838fc63e7d0bde69ba081dd61e53945234082526b863e9cd63f521212d710579eafe662beb3b6f2c5975ec94dfb8784a4be998257aa37521194aa489e3042a3655dd6b24cdf869aaa14cf343a5f97d36815346461ee42095263b33e878d2597dfe657fbd734a2006fa9442cf75d470c51655c65b0a0e2ba4b7135a29b858e5e8122f73c3c1553c82d0ab763fd2e135c35fe7b19a3761b7da16a4e5c729b3882c07616204eb7c35e61036d2ea10fbfff2c3c80eb2976a26cda239539370e6eb830fe0ae1b4c276b8b2e3a82e8f558d7548400497db5d7c4262eb4b282c28479f95faf3ee4d5c56b6ba68921e022173328cc222bc4ceec79edc0dafcb6e75a737adfd5249d242d60c86b266e668a1482cba7fb78ef427f3676254ea521d8019b436d2788d7ac855f0fa2237a6e6b6ebaa7caf15b61f74c8cda64a222943603926059f774a986a8b8461f4f48e888283b3916a7fdcdf168e46050d61ff2564ac19b741ae4732f96cb832ac94ea668a70ea58b4bbc753bb6deda3a836ef16f6ac645f2d88cdf3e87988e7e44db40e9eaa7ca224ac8224fba297b77608c21402f5151c41b969dbcf33af7b3d96864b31d8b0bf728a10a2235e864de6ebebd50d2651a33f6447ea96ad910c56b4bcfd04f7c3685f765014b1a13c4390c14eeb2d5b62dcb382e7c6b8995d264bd0a79acf9aa8dbec3ec838e723a750414c16adb6be5ad1863c1310263b68d114f99443c8a62e3f04168eacfd319490ae9a6402689a02bbeaaabb423a8ae2092ea10ce30adc8d973a178fed70e5683bc43070fe4c96c719b684d04fb4ef8dae7e518f9fd2fd06c28e387c03ec80a88e4d15aa1511df3bec9dce57ad8cfd19e686ead3e46eb9df5a399419dd618642e794bea7c176d21f9a3f277a8b0aae3374f26184eaae8b4112f8afe0783b3a8b2d822cdbf441320fda88d6f951ab965cbc86aa3311abe65d3a40a62b582dc896132e7c1e0370c9b8a7077e51555433ce3f9203e3391c1987c6ff9524e8cd40e912320950428b5388e66f8bb2657889de370b04ce7cfe79916157dd366dd2363ab764985332c3526b2ee20c7d7ffc4584aacd6ffd266db5da8762716589b283159c764e3092b280d71c49f5db4123a5f47838cd19c98fedd242c0728618ce8cfddd4456cd253a9a62888b1864ec34379fc0cde232a2617f13994c72c1cf0753cb9b5e39bff5371a9af414d81abed9e9175ae5238e5b5d4e99aba41cc28f90f46f6ec0e90863fe12f0a1c2b71ed2336280752f3b956ead214ecebff536ff53d8448da72ba4e523c480e08a33484af3cfac802210b55e87f4d37a4a55a60fdff1ab5a1e75dfa7cdc59d9ee897e924b4e60b42a818d298845b227d52dec21cb341d76676712ad9d57078a54fcd990d625628cd5ff617eeed0805ad82e1b0ae180031443fcd18c1721385e32ac1b8f5a181a1684dead3851b8411edb902be90de82936b96a9350a5ccf5909ebaa5bfc27539f6c41334b359a75e93692aa1a9cf25fe9954987b84714f2ba95d5b8393ea21ba339bdfbe19ccfe3765eb753515c0feb87e10ce48ff950bc40a9c55f82f80a7024d084e28d78ab6559af1aa38507e06e79c5f55925e6f5600a74565f6f0d1a82fd9e0fdddc03308baa2ac952948fb79b9e54a59039e1f5743b05439034fbdee186b2df26bb87d22a970f29063724dbac5de9a5dc25d72db3e1714891f332fce9d83244e26a3e51ad1fc732f2754abb07dd9ff14fda597a93f56194dd69dcbaf6c6d9d7fb6bc965169361553035c447ed73bafa2bea5920fcd28e847c336c4464bcb7ee72eec4a7df4dd6995619d6ce4794dfe45bfe545ec42b295c1a5812c4acc2257f79e25113d486589f1083294d1065c1759175c699136c48c2450f8316c096e49a0804b6c0b66402630c161b64ecd307c2112eb4ff3b12586b24d34d9194965540fa1aedaf3b33a32b3ae9358b100c9b2eb5854ff9728193a4e5f4a8add4e6b2931f12b5d4d7b2cae6dc783d8a086041e4dd0306ada30435433e3ed8b7575c5c36e842ab51090d7778155f3c4f9a7ce4fc8f2bf2927d1eabd733b5110de2f7431d24278325c75f958e1b2194275c58a92b4d465841424ee28e41c4a8ad3b7cfcdb96be877ac952a556dbccbdb50f747df58ce08f9de6072d949d7b3983e47da5cbaf7a625e04771cd43a7c035dffcedb3dce1aac8a457e266e727aceccd98a4cf8c6f472af71318df82e271b64ac0338a69a53b7d19c89c616382de58f75ddb5b78d8062ce9ec0ef2a72f327935804d6b1b2d976ca46999ec41c01c7ad165510f2a5963a490128cb5b19c5a1d024f02d0e85f467bd08352f5d872700891a8c4dce69eb1fb5d2b9143dbf82e708976a304a4b5637b88f6d8883200b2a592d321e3dd669c2fa13f1bb98948a3ec44f386940c6d19357a1b2d2c70b0d69bc746af1c789f7c757ec1c295f5c4ba58f77b8fc9c431b1ce3203ba5f4fd184c2714fa5876f74086e3fb7d183512d18c343b80229d0578a3fba5de96359bd79baf3bc24394b104b2aa24e52023dbc256d5d1ce1371e176a8164f75bfbed77d78fd362213bd97fc7c59aa0ca118e3bd25c69a797b9cd3207f1694e2d65b61fae2022b75eb240263b8de74fddef65bfc65d30320c7d1a1e6a15fa12d456b5ddf479c401ff34990878146182d22e4edf2c00f31f6397cf0f9f50e742a84d5a33c9a5e924a7fa6e0d7183c3350d44fd0a06420feebf1ef34308433221b7b594d32a9a79f8c04484ef216ee1c91d084a94b70072c35043f5c9b690e0c7c5ce06be22bc35aa479635bb470ce9b44de0da0409879b90f99b74cc9f149d98fb11f4404e98a663a4c0baef8eff495fb22826d3a92449756df258a0dfe29f830b05663fb88d38097b70adfa0d9bcf92d56ab94d817261c10cec2c0b3a73fb8c0cc53e8ecc039dd14db47a9749c7f75d503cad07b94d545df4d5103f04dcea88c8af2ed8c6a51438745124b5a9b38694a39a2282faff176997b681481f19ed592927c7185704a40a8ec775c1444b5c6be018fe7613d376b2b5db1544d11c6b43e9ba55facbf99898eeef07173a9764ff222a2fcce913661cae119faa8a8b4c609770c6dc62fd9fea4a37f6fa70f12f41145ee5c74c5f1ac663dc711b5bc6d87ab65ec8660e8965c4d37a9c596d46a26c7c776b61db240c387a30f57b3618903caa25534b0d9b30606ddf3a26c8fc3f2fdbd60922b0d80f4a6748751e6b17f522e7e529d9783cf86b594b59f4cf8022ba3c954e0a2bfd81be9e88ddc63087b6fcbe451b8fe848b911de848ca881b935be220289f9e6c47f2c9a11e62c657ccab2bda00d31ca2b9cf9e5634a18ae4493bb0c1add469b0a5e166145a9aef5641170f7fd579b3ceebb3ba3e3c7cc73c1683f5c67e3ec85b5218641acdee042a843b867ce8fd505e63597ee8f5bdd096bbd365577f5285734a03051bb210e08a4e59265d94adeec0ccbc4cfef37db3771db2a4ffc308c399230ac686456610f6a030498ca3cd940116119fafde4ea2fbd48aba9043ef56702a8c95ca28a3baa54894bbad7ab3406c449b332e93d67fff94e9e80a7305a8d1c89f07e6123426afa1ef6e570aa33bc29d1cf8eeb38978d4ce0122a3179e1daebff48ae4e140f85af47e789435370c761a7c854d34325d31a3c04dd9849251783d9b2ac53502bbc1f5230cf1642d8918d2723ec5501742bafdb7ddbe373b75613a10aec3d0329fb4dc79fc0735995d4d413d9860f40b64ac5f6e6dbb14ad90e9db0c828cfee02406e4e75059bf5b0f022866f3bbb4328a73a0693f415d5492359442a6dfecf5fb9f3f485e58450bbcd6b6d15817571cbc28f38892c875b45dd0375627a503857f424cb055117158790de9dbe73dd259aac6cd6e41c964050acb7c316f51042b5069a003265feff09eeff9a96b863b9c4d20f54ac75e9a394486ce1f8c5d293c8f24c59e50f468493582d06d328745b9334993b3355ca37f693d7f035ab0006935d65c79771f398876a40afd3c34aa88256281cc45ff4a42e94d39922f94a4f793e6356e62a30e456c047e44692e77a1828fc4e2e07d838f3b1a1d78f6b62736c8c20d1c26204bdebf34e7efa554632d3aa1d0804340f7d85935593b16264d6703d01c2b52cf7403222c7ae8f4cb4786fbb752d71788f94dc746f4e218121e7a9a472edc4340246a075bf532a8eb7177da34daf019fc2caecc52b82cf5a2b246730d3ff308684239733993f1846421dab195d63286c35049a3cb265de6b52be6843ef243db2ac6c4637e24eb1a650ee4b21c3d056a95b26563e8f30eb52da71c269b8a1b985c0c88fa01330b1e7fdadca39cd76a9e23fd2be2688da6f387ed66bfd389ed3fd92a47808f5f1eb3290ea3650a611709bafe8ff8a12090c754e8653d6e073d69b0a29abf3de87cc0b36b24f738c02d68d5a8a7273493862a7b529e41247f2349eb20cf51d8270667aa4fa00b96d33fcf4dce598d7f3972c496a56b882f2059148877f45e63a1ee885a58aa98a79059f4e751c57b6fc7a5be29ce0358f0ea6fc87bb6726699c933b768296135880efc8a7a7b99db316c9406891e112ca6bec7074f9589fc0d90509de9ae16e2d26badbe1d05e3135e46167e834445d1a68d368c362e5f4bcc321a09aaf7b65a34a83195288f58f9f7b0cbbb075b0a73f1649b6dafa17f4c2aca4b160c4a63451a141ce41e005a5931676ab022054a2ef05d2c8c0f7c7639dc3464e4c5e1882d7d41cba6a3de2502fcc0ce6fc7446f1d151d8776f9ab9d7fe24a9c26f2f1259622b8ce9bf3f9f7118d5d64d9e9fffa59bcc71111d12ede29f791d60d702485d7e4e7a48fed5a9a0cc0db71c66813757668104a4ef8c634fd887c65b77f1ecace09eb66486edb614187f5c1732d51fc80de15f2fd032ccdc9f9a420c425db50831dd3cadd5c0ae19c7412bfe9deaef22332a4252cc6593acec32111f869b658b2fd370217ff27eebf4548b676db40b1e6fefdbe6d2220380f8e473ad1c60a400d347d94bf7583e5a640be4a2c2825820d7900eb71b99286a4ff3a69a73c7f253f5ee18e979a5e6dd20447bffdc852cd60851d2c7536477393ed22fbced20cb6eff532d3ffdc491041602a2b1a00ac65b72fc11ce67d68319337d7db237eac068b5a2a882d396f0f7672f10fc9de1f17b1103e511a988cf40844987bd4a4b6a397312755450f0d0136a7ae855dead6d46951c2277daa34eb195bdf9eaad51b788fe78f19f54d88cee62e2933ca9fd44c38c5474526eaf98aaf2a04c684ee52592540fb8ed8a5aa43f26d8fdeac16c41c84f2411da60e2b5cc9b38a8a6a397eaa98f6726372eb1fd6aa0845f5a89dc53e77d3564b8a8fe376526123c110df85e9697758f295c", 0x1000, 0x4f8, 0x366f}], 0x140000) kexec_load(0x1, 0x4, &(0x7f0000001800)=[{&(0x7f00000003c0)="e3b94ec737a33d601c706aa5f51664565c6623953f392e28e792ff7efe58837cea8ab3a30ce070c04315421d52d226f1ae2d6256faf489de9fed593e46da364b18546dd7b0c835b3f730451ab2d78cb5bdf47d7da1a4f55ef34288dad7ef60390daf8b120ba5026bbc57a7ee193d34920d20b080c8edea084d8ac05ec621d5ff783d44b94338d4ec0ac9c017c96c10b0098281da53550f27daef512a930b15c492", 0xa1, 0x2, 0xfff}, {&(0x7f0000001700)="eba55f1250e582296fe62cc06b77f7a45f5c28cc1954bf7f82b30005c7114a271921b57846ea23f6e444157bc9dbe319251bf282230e9338bbaa91df0a903003de7f61bd39fb428dbb0ea5dc6348d8a8ffd69b328e90914d57799532512eb01fb34ae03e1e5aabda65c0b93c47fab4ad32fd7fc7b5173cd9acf61a3b87ee96e7d22963c8aaf81f0bbdf5ed191d93ef1a258a69e76c3586b7e2", 0x99, 0x7fff, 0x81}, {&(0x7f0000000200)="68407a53a2422c803e6339d627fafb54dbdf1e5bf72b835ac2f72a0517ba220743e35c3868aad32ae6bc614ea5fa078638357286fed3d41a71c6d08ba8bea29917815a505fdc394147b4febb183fd33d0260df63eec91c335fee508063b985a289d4", 0x62, 0x8, 0x100000001}, {&(0x7f00000017c0)="eb78540bbe157b30e52fba0068f3f151a941eef5c855ec232587fbd682147f92ca997c2fbe0a30021a47d7195d22a76dee", 0x31, 0x1, 0x5}], 0x2a0000) 20:20:12 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf5ffffff, 0x4022812, r0, 0x0) 20:20:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x230f0000, 0x4022812, r0, 0x0) 20:20:12 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xfcffffffffff0700, 0x4022812, r0, 0x0) [ 1716.219000] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1716.220715] ref_ctr increment failed for inode: 0x3e86 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009830c4b7 [ 1716.290167] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1716.291799] ref_ctr increment failed for inode: 0x3e86 offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000009830c4b7 20:20:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x240f0000, 0x4022812, r0, 0x0) 20:20:26 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfe800000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:26 executing program 7: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x6000000, 0x0, 0x8800000) 20:20:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xfffff000, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:26 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x8800000, 0x0, 0x8800000) 20:20:26 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 84) 20:20:26 executing program 5: rt_sigtimedwait(&(0x7f0000000000)={[0x1]}, &(0x7f0000000040), &(0x7f00000000c0)={0x77359400}, 0x8) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) 20:20:26 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff0f000000000000, 0x4022812, r0, 0x0) 20:20:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xffffff7f, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) [ 1729.827418] FAULT_INJECTION: forcing a failure. [ 1729.827418] name failslab, interval 1, probability 0, space 0, times 0 [ 1729.829790] CPU: 1 PID: 9699 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1729.831195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1729.832919] Call Trace: [ 1729.833456] dump_stack+0x107/0x167 [ 1729.834209] should_fail.cold+0x5/0xa [ 1729.834984] ? create_object.isra.0+0x3a/0xa20 [ 1729.835924] should_failslab+0x5/0x20 [ 1729.836693] kmem_cache_alloc+0x5b/0x310 [ 1729.837516] ? lock_chain_count+0x20/0x20 [ 1729.838361] create_object.isra.0+0x3a/0xa20 [ 1729.839251] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1729.840293] __kmalloc+0x16e/0x390 [ 1729.841021] ext4_find_extent+0xa3d/0xd30 [ 1729.841875] ext4_ext_map_blocks+0x1c8/0x5850 [ 1729.842804] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1729.843874] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1729.844937] ? ext4_ext_release+0x10/0x10 [ 1729.845776] ? ext4_map_blocks+0x5e0/0x1940 [ 1729.846652] ? lock_release+0x680/0x680 [ 1729.847454] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1729.848420] ? lock_downgrade+0x6d0/0x6d0 [ 1729.849268] ? down_write+0xe0/0x160 [ 1729.850018] ? down_write_killable+0x180/0x180 [ 1729.850948] ext4_map_blocks+0x652/0x1940 [ 1729.851794] ? kmem_cache_alloc+0x2a6/0x310 [ 1729.852662] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1729.853565] ? jbd2__journal_start+0xf3/0x7e0 [ 1729.854482] ? __ext4_journal_start_sb+0x214/0x390 [ 1729.855484] ? __ext4_journal_start_sb+0x1db/0x390 [ 1729.856487] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1729.857552] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1729.857574] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1729.858525] ? down_write_killable+0x180/0x180 [ 1729.858555] ext4_fallocate+0x415/0x3860 [ 1729.859388] ref_ctr increment failed for inode: 0x3e7a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004455f03c [ 1729.860288] ? __x64_sys_fallocate+0xcf/0x140 [ 1729.860312] ? lock_release+0x680/0x680 [ 1729.860336] ? ext4_ext_truncate+0x250/0x250 [ 1729.865315] ? ext4_ext_truncate+0x250/0x250 [ 1729.866201] vfs_fallocate+0x48f/0xd00 [ 1729.866991] __x64_sys_fallocate+0xcf/0x140 [ 1729.867877] do_syscall_64+0x33/0x40 [ 1729.868624] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1729.869650] RIP: 0033:0x7f6d60f48b19 [ 1729.870401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1729.874094] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1729.875626] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1729.877050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1729.878478] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1729.879923] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1729.881349] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 20:20:26 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfec00000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:26 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf5ffffff00000000, 0x4022812, r0, 0x0) 20:20:26 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xa010000, 0x0, 0x8800000) 20:20:26 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xff000000}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:26 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xff2f000000000000, 0x4022812, r0, 0x0) [ 1729.950348] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1729.952209] ref_ctr increment failed for inode: 0x3e7a offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x000000004455f03c 20:20:26 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfffffdef}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xffffff9e, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:40 executing program 7: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=0x0) fstat(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001d40)=[{{&(0x7f0000000140)=@abs, 0x6e, &(0x7f0000001640)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)}, {&(0x7f0000001280)=""/67, 0x43}, {&(0x7f0000001300)=""/194, 0xc2}, {&(0x7f0000001400)=""/227, 0xe3}, {&(0x7f0000001500)=""/68, 0x44}, {&(0x7f0000001580)=""/139, 0x8b}], 0x8, &(0x7f00000016c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000001740)=@abs, 0x6e, &(0x7f0000001c80)=[{&(0x7f00000017c0)=""/13, 0xd}, {&(0x7f0000001800)=""/220, 0xdc}, {&(0x7f0000001900)=""/116, 0x74}, {&(0x7f0000001980)=""/104, 0x68}, {&(0x7f0000001a00)=""/202, 0xca}, {&(0x7f0000001b00)=""/43, 0x2b}, {&(0x7f0000001b40)=""/150, 0x96}, {&(0x7f0000001c00)=""/124, 0x7c}], 0x8, &(0x7f0000001d00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}}], 0x2, 0x10001, &(0x7f0000001dc0)={0x77359400}) r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r4, &(0x7f0000000140)=0x9, 0xdb7b) statx(r3, &(0x7f0000000180)='./file1\x00', 0x3000, 0x10, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r6, r7, 0x1000) statx(0xffffffffffffffff, &(0x7f0000001e00)='./file0\x00', 0x6000, 0x100, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r9, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) r10 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001240), 0x107600, 0x0) mknodat$loop(r10, &(0x7f0000002040)='./file0\x00', 0x2000, 0x0) faccessat(r3, &(0x7f0000002080)='./file0\x00', 0x31) sendmmsg$inet6(r9, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r9, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="83cc1155bed4966c24e08cf91550a4a740a8e9822c7d6f9eb61360cd826631b651dca8410d6baa056153ea84f9b32e66b9ba2c7f7feea6b24af75d7c4faeaa", 0x3f}], 0x1, &(0x7f0000001f40)=[@cred={{0x1c, 0x1, 0x2, {r0, 0xee00, r1}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r6, r8}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r9]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xee01}}}], 0xb8, 0x44}, 0x0) 20:20:40 executing program 5: futex(0x0, 0x7, 0x0, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = add_key$fscrypt_v1(&(0x7f0000000180), 0x0, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb342b87ae631f7a548867a29f29fd1637ddac658a709b49b093393d0e1c7391515c7ab7c"}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) keyctl$chown(0x4, r1, 0xee01, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80743, 0x88) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000040)=0x1, 0x4) write$rfkill(r2, &(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1}, 0x8) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x80}], 0x0) kexec_load(0x7, 0x6, &(0x7f0000000400)=[{&(0x7f0000000000)="0600bd566adc0f536a0c07345b49cf4b4b0600d0d8fa694d23caa46d0a7fd04679a67ce94616dfc0a3b2d62016050c709ea8142790e4c1685d27bbb52ce3a213b6c285b0e4f8975890d79bc95c6c66342a7cc2711edaf68306d6ad81dea9239b93c886f99f55bb7dfa1c94eac4a4a0ef9164d723ccc444ad0b668a1a3e625986d84d0eb1a06b12b4c6f604a87b39bae3c89bf6a2683ec6b97d6d6d9edc936f5e87", 0xa1, 0x7, 0x2}, {&(0x7f00000000c0)="ef8accdf1bf3c5dfcc1ddc9c05e4a7f84522372a26964bb8b5df1f5833d5907d585c67d4a2f1746c81e99e3c17dfdad8ef4f8887443b382133fe91d8e18e0bef07ac6675a63ac775d7b36c7d385e2ebc6aaa6e81529c985ad6da8bf18b32dc8c10735a0b854b15381f46bf287885fe895769dd0706f597e0da692b6d2ba22b61a705c25e01874c584c8fee88c0794e08afa6965ac7173e4778be95e01ca707fad3868f7d79767bc1f8dfac458a8d56637f74a840e02097fdf90c70", 0xbb, 0x0, 0x7fffffff}, {&(0x7f0000000180)="163345d6a284857c56f92b57d13a0ee5117930c9850744a685aedcbbef19c76254e29793f22a2fdacf76350ebea8ba529a93c1207c749772b596b677a16b6a7d94e4fb5aaceb7a6461e981531751654bdd9ff1f70eccb533a003c5d041a8f19b189219609fe7d44b969730a5d702d1d85a4b05d6ec06305a3ca8d42b1018cd7138bcf918e07ccd15f3f8de515f96af5cfb18c241916100"/160, 0xa0, 0x4, 0x2}, {&(0x7f0000000280)="24a5027bd443", 0x6, 0xfffffffffffffffc, 0x100000000}, {&(0x7f00000002c0)="103d195f13190859f245f33d16f9b6f488cd2467f18dafcaa3b8b1777ef21b2607874330a60630709030e827967d37cce69e0732175192c2b1ad4ec0f346e1f070f8635994a8f99d44f5fd1c41d6d573fcb7f6f3e98978a59b816269c900e6629ecad2e28ef041bc708a27c2927d74caac5bec3a286a8ef38c4735aa5f8b811ad92c9017c8f72af5761cd9324a40286409d35061f57641d53e0901d822b7ef753210214dfd5d98e6f396f98a9d1d505a91072a46df57a3905085507bf841cea53a162005823f09a40cedab075c395643069968822832f638bc9fc0d7f945b3db12a267efe93653eba4b9e68622ae0dfa4741cf", 0xf3, 0x8, 0x7}, {&(0x7f00000003c0)="196efcbee28d60ba4a298eab34871b0601c0260fcff2", 0x16, 0x0, 0xc1}], 0x160000) 20:20:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xfffffff0, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:40 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="020000d0"], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000002, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3f000000, 0x4022812, r0, 0x0) 20:20:40 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xb010000, 0x0, 0x8800000) 20:20:40 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xffffff7f}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:40 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 85) 20:20:40 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000080)=ANY=[], 0x1020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xffffffff00000000, 0x4022812, r0, 0x0) [ 1743.966674] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1743.968519] ref_ctr increment failed for inode: 0x3e8f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 [ 1744.008073] [ 1744.008459] ====================================================== [ 1744.009711] WARNING: possible circular locking dependency detected [ 1744.010970] 5.10.204 #1 Not tainted [ 1744.011716] ------------------------------------------------------ [ 1744.012999] syz-executor.5/9755 is trying to acquire lock: [ 1744.014115] ffff8880182acae8 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xa90 [ 1744.016103] [ 1744.016103] but task is already holding lock: [ 1744.021168] ffff8880182acf40 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xef/0x1240 [ 1744.022910] [ 1744.022910] which lock already depends on the new lock. [ 1744.022910] [ 1744.024581] [ 1744.024581] the existing dependency chain (in reverse order) is: [ 1744.025162] FAULT_INJECTION: forcing a failure. [ 1744.025162] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.026073] [ 1744.026073] -> #3 (&hdev->req_lock){+.+.}-{3:3}: [ 1744.026111] __mutex_lock+0x13d/0x10b0 [ 1744.026139] hci_dev_do_close+0xef/0x1240 [ 1744.028603] CPU: 0 PID: 9752 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1744.029643] hci_rfkill_set_block+0x166/0x1a0 [ 1744.030531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.031454] rfkill_set_block+0x1fd/0x540 [ 1744.032866] Call Trace: [ 1744.033862] rfkill_fop_write+0x253/0x4b0 [ 1744.035574] dump_stack+0x107/0x167 [ 1744.036500] vfs_write+0x29a/0xa70 [ 1744.037036] should_fail.cold+0x5/0xa [ 1744.037947] ksys_write+0x1f6/0x260 [ 1744.038699] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 1744.039490] do_syscall_64+0x33/0x40 [ 1744.040282] should_failslab+0x5/0x20 [ 1744.041086] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.042043] kmem_cache_alloc+0x5b/0x310 [ 1744.042852] [ 1744.042852] -> #2 [ 1744.043679] ext4_mb_new_blocks+0x64d/0x45b0 [ 1744.044792] ( [ 1744.045646] ? trace_hardirqs_on+0x5b/0x180 [ 1744.046331] rfkill_global_mutex [ 1744.047250] ? ext4_cache_extents+0x148/0x2d0 [ 1744.047597] ){+.+.}-{3:3} [ 1744.048498] ? ext4_discard_preallocations+0xd80/0xd80 [ 1744.049131] : [ 1744.050090] ? ext4_ext_search_right+0x2e3/0xbd0 [ 1744.050632] __mutex_lock+0x13d/0x10b0 [ 1744.051748] ext4_ext_map_blocks+0x1d68/0x5850 [ 1744.052089] rfkill_register+0x36/0xa10 [ 1744.053107] ? lock_release+0x4d1/0x680 [ 1744.053968] hci_register_dev+0x42e/0xc00 [ 1744.054892] ? __is_insn_slot_addr+0x123/0x290 [ 1744.055782] __vhci_create_device+0x2c8/0x5c0 [ 1744.055805] vhci_open_timeout+0x38/0x50 [ 1744.056644] ? lock_downgrade+0x6d0/0x6d0 [ 1744.057553] process_one_work+0x9a9/0x14b0 [ 1744.058512] ? unwind_next_frame+0x13ef/0x1a90 [ 1744.059476] worker_thread+0x61d/0x1310 [ 1744.059499] kthread+0x38f/0x470 [ 1744.060475] ? entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.061300] ret_from_fork+0x22/0x30 [ 1744.062302] ? ext4_ext_release+0x10/0x10 [ 1744.063186] [ 1744.063186] -> #1 [ 1744.064153] ? lock_release+0x680/0x680 [ 1744.064897] ( [ 1744.066035] ? lock_release+0x4d1/0x680 [ 1744.066855] &data->open_mutex [ 1744.067732] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1744.068419] ){+.+.}-{3:3} [ 1744.069270] ? lock_downgrade+0x6d0/0x6d0 [ 1744.069618] : [ 1744.070458] ? lock_acquire+0x3ef/0x470 [ 1744.071064] __mutex_lock+0x13d/0x10b0 [ 1744.072083] ? down_write_killable+0x180/0x180 [ 1744.072622] vhci_send_frame+0x63/0xa0 [ 1744.073503] ext4_map_blocks+0x652/0x1940 [ 1744.073843] hci_send_frame+0x1b9/0x320 [ 1744.074660] ? kmem_cache_alloc+0x2a6/0x310 [ 1744.075507] hci_tx_work+0x10af/0x1660 [ 1744.075528] process_one_work+0x9a9/0x14b0 [ 1744.076514] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1744.077374] worker_thread+0x61d/0x1310 [ 1744.078204] ? jbd2__journal_start+0xf3/0x7e0 [ 1744.079065] kthread+0x38f/0x470 [ 1744.079084] ret_from_fork+0x22/0x30 [ 1744.080040] ? __ext4_journal_start_sb+0x214/0x390 [ 1744.080889] [ 1744.080889] -> #0 [ 1744.081869] ? __ext4_journal_start_sb+0x1db/0x390 [ 1744.082733] ( [ 1744.083730] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1744.084594] (work_completion)(&hdev->tx_work) [ 1744.085432] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1744.086257] ){+.+.}-{0:0} [ 1744.087330] ? down_write_killable+0x180/0x180 [ 1744.088028] : [ 1744.089100] ext4_fallocate+0x415/0x3860 [ 1744.089462] __lock_acquire+0x29e7/0x5b00 [ 1744.090542] ? __x64_sys_fallocate+0xcf/0x140 [ 1744.091408] lock_acquire+0x197/0x470 [ 1744.091428] __flush_work+0x105/0xa90 [ 1744.092491] ? lock_release+0x680/0x680 [ 1744.093030] hci_dev_do_close+0x131/0x1240 [ 1744.093050] hci_rfkill_set_block+0x166/0x1a0 [ 1744.094047] ? ext4_ext_truncate+0x250/0x250 [ 1744.094385] rfkill_set_block+0x1fd/0x540 [ 1744.094405] rfkill_fop_write+0x253/0x4b0 [ 1744.095210] ? ext4_ext_truncate+0x250/0x250 [ 1744.096126] vfs_write+0x29a/0xa70 [ 1744.096147] ksys_write+0x1f6/0x260 [ 1744.097134] vfs_fallocate+0x48f/0xd00 [ 1744.097980] do_syscall_64+0x33/0x40 [ 1744.098900] __x64_sys_fallocate+0xcf/0x140 [ 1744.099681] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.099694] [ 1744.099694] other info that might help us debug this: [ 1744.099694] [ 1744.100751] do_syscall_64+0x33/0x40 [ 1744.101722] Chain exists of: [ 1744.101722] [ 1744.102658] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.103554] (work_completion)(&hdev->tx_work) [ 1744.104598] RIP: 0033:0x7f6d60f48b19 [ 1744.105463] --> [ 1744.106286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.107095] rfkill_global_mutex [ 1744.107979] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 [ 1744.108804] --> [ 1744.109721] ORIG_RAX: 000000000000011d [ 1744.110830] &hdev->req_lock [ 1744.110830] [ 1744.112667] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1744.113397] Possible unsafe locking scenario: [ 1744.113397] [ 1744.114339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1744.115344] CPU0 CPU1 [ 1744.115357] ---- ---- [ 1744.116378] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1744.117090] lock(&hdev->req_lock [ 1744.117549] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.121214] ); [ 1744.121869] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1744.136149] lock(rfkill_global_mutex); [ 1744.137461] lock(&hdev->req_lock); [ 1744.138696] lock((work_completion)(&hdev->tx_work)); [ 1744.139746] [ 1744.139746] *** DEADLOCK *** [ 1744.139746] [ 1744.140950] 2 locks held by syz-executor.5/9755: [ 1744.141924] #0: ffffffff85619628 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0xff/0x4b0 [ 1744.143867] #1: ffff8880182acf40 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xef/0x1240 [ 1744.145744] [ 1744.145744] stack backtrace: [ 1744.146668] CPU: 1 PID: 9755 Comm: syz-executor.5 Not tainted 5.10.204 #1 [ 1744.148077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.149740] Call Trace: [ 1744.150263] dump_stack+0x107/0x167 [ 1744.150996] check_noncircular+0x263/0x2e0 [ 1744.151859] ? register_lock_class+0xbb/0x17b0 [ 1744.152776] ? print_circular_bug+0x470/0x470 [ 1744.153678] ? alloc_chain_hlocks+0x342/0x5a0 [ 1744.154571] __lock_acquire+0x29e7/0x5b00 [ 1744.155404] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1744.156450] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.157502] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1744.158582] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1744.159683] lock_acquire+0x197/0x470 [ 1744.160446] ? __flush_work+0xdd/0xa90 [ 1744.161223] ? lock_release+0x680/0x680 [ 1744.162020] ? lock_release+0x680/0x680 [ 1744.162815] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.163885] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1744.164968] ? trace_hardirqs_on+0x5b/0x180 [ 1744.165830] __flush_work+0x105/0xa90 [ 1744.166597] ? __flush_work+0xdd/0xa90 [ 1744.167380] ? queue_delayed_work_on+0xe0/0xe0 [ 1744.168309] ? hci_dev_do_close+0xef/0x1240 [ 1744.169177] ? __cancel_work_timer+0x2a9/0x4c0 [ 1744.170108] ? mutex_lock_io_nested+0xf30/0xf30 [ 1744.171044] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.172094] ? __cancel_work+0x250/0x2b0 [ 1744.172900] ? trace_hardirqs_on+0x5b/0x180 [ 1744.173779] ? __cancel_work+0x1bb/0x2b0 [ 1744.174587] ? try_to_grab_pending+0xe0/0xe0 [ 1744.175461] hci_dev_do_close+0x131/0x1240 [ 1744.176327] ? rfkill_set_block+0x18f/0x540 [ 1744.177181] ? hci_dev_open+0x350/0x350 [ 1744.177972] ? mark_held_locks+0x9e/0xe0 [ 1744.178778] hci_rfkill_set_block+0x166/0x1a0 [ 1744.179686] ? hci_power_off+0x20/0x20 [ 1744.180455] rfkill_set_block+0x1fd/0x540 [ 1744.181276] rfkill_fop_write+0x253/0x4b0 [ 1744.182097] ? rfkill_sync_work+0xa0/0xa0 [ 1744.182933] ? security_file_permission+0x24e/0x570 [ 1744.183955] ? rfkill_sync_work+0xa0/0xa0 [ 1744.184798] vfs_write+0x29a/0xa70 [ 1744.185527] ksys_write+0x1f6/0x260 [ 1744.186257] ? __ia32_sys_read+0xb0/0xb0 [ 1744.187067] ? ksys_write+0x260/0x260 [ 1744.187832] do_syscall_64+0x33/0x40 [ 1744.188582] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.189610] RIP: 0033:0x7ff8a1fd3b19 [ 1744.190361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.194133] RSP: 002b:00007ff89f549188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1744.195666] RAX: ffffffffffffffda RBX: 00007ff8a20e6f60 RCX: 00007ff8a1fd3b19 [ 1744.197087] RDX: 0000000000000008 RSI: 00000000200000c0 RDI: 0000000000000004 [ 1744.198506] RBP: 00007ff8a202df6d R08: 0000000000000000 R09: 0000000000000000 [ 1744.199931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1744.201346] R13: 00007ffdfe57838f R14: 00007ff89f549300 R15: 0000000000022000 [ 1744.257780] FAULT_INJECTION: forcing a failure. [ 1744.257780] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.260088] CPU: 1 PID: 9771 Comm: syz-executor.0 Not tainted 5.10.204 #1 [ 1744.261447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.263093] Call Trace: [ 1744.263617] dump_stack+0x107/0x167 [ 1744.264353] should_fail.cold+0x5/0xa [ 1744.265103] ? 0xffffffffa0000000 [ 1744.265798] ? create_object.isra.0+0x3a/0xa20 [ 1744.266711] should_failslab+0x5/0x20 [ 1744.267466] kmem_cache_alloc+0x5b/0x310 [ 1744.268287] create_object.isra.0+0x3a/0xa20 [ 1744.269161] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1744.270168] __kmalloc+0x16e/0x390 [ 1744.270878] ext4_find_extent+0xa3d/0xd30 [ 1744.271726] ext4_ext_map_blocks+0x1c8/0x5850 [ 1744.272626] ? lock_release+0x4d1/0x680 [ 1744.273422] ? __is_insn_slot_addr+0x123/0x290 [ 1744.274333] ? lock_downgrade+0x6d0/0x6d0 [ 1744.275169] ? unwind_next_frame+0x13ef/0x1a90 [ 1744.276092] ? entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.277149] ? ext4_ext_release+0x10/0x10 [ 1744.277973] ? lock_acquire+0x3ef/0x470 [ 1744.278762] ? lock_release+0x680/0x680 [ 1744.279556] ? lock_release+0x4d1/0x680 [ 1744.280369] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 1744.281312] ? lock_downgrade+0x6d0/0x6d0 [ 1744.282134] ? lock_acquire+0x3ef/0x470 [ 1744.282936] ? down_write+0xe0/0x160 [ 1744.283684] ? down_write_killable+0x180/0x180 [ 1744.284597] ext4_map_blocks+0x652/0x1940 [ 1744.285420] ? kmem_cache_alloc+0x2a6/0x310 [ 1744.286280] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 1744.287173] ? jbd2__journal_start+0xf3/0x7e0 [ 1744.288079] ? __ext4_journal_start_sb+0x214/0x390 [ 1744.289055] ? __ext4_journal_start_sb+0x1db/0x390 [ 1744.290031] ext4_alloc_file_blocks.isra.0+0x2eb/0xb40 [ 1744.291077] ? ext4_iomap_xattr_begin+0x530/0x530 [ 1744.292123] ? down_write_killable+0x180/0x180 [ 1744.293027] ? ksys_write+0x21a/0x260 [ 1744.293785] ext4_fallocate+0x415/0x3860 [ 1744.294597] ? lock_acquire+0x3ef/0x470 [ 1744.295384] ? lock_release+0x680/0x680 [ 1744.296198] ? ext4_ext_truncate+0x250/0x250 [ 1744.297090] ? ext4_ext_truncate+0x250/0x250 [ 1744.297995] vfs_fallocate+0x48f/0xd00 [ 1744.298769] __x64_sys_fallocate+0xcf/0x140 [ 1744.299624] do_syscall_64+0x33/0x40 [ 1744.300373] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1744.301412] RIP: 0033:0x7f6d60f48b19 20:20:40 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)=ANY=[], 0x8) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty, 0xfffffff5}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) 20:20:40 executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0xc000000, 0x0, 0x8800000) 20:20:40 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r1, &(0x7f00000003c0)={0x0, 0xfffffffc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6}]}, 0x24}}, 0x0) 20:20:40 executing program 0: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) (fail_nth: 86) [ 1744.302179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.306107] RSP: 002b:00007f6d5e4be188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1744.307620] RAX: ffffffffffffffda RBX: 00007f6d6105bf60 RCX: 00007f6d60f48b19 [ 1744.309048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1744.310465] RBP: 00007f6d5e4be1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1744.311903] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.313320] R13: 00007ffdd1e974af R14: 00007f6d5e4be300 R15: 0000000000022000 [ 1744.339749] ref_ctr going negative. vaddr: 0x20ffa002, curr val: -12288, delta: 1 [ 1744.341425] ref_ctr increment failed for inode: 0x3e8f offset: 0x0 ref_ctr_offset: 0x2 of mm: 0x00000000d43e9cb1 VM DIAGNOSIS: 20:20:40 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=0000000000000004 RCX=ffffffff8156acd0 RDX=0000000000000000 RSI=ffffffff8156b290 RDI=0000000000000001 RBP=00000000000000a4 RSP=ffff88801b047628 R8 =0000000000000001 R9 =ffffea0000d24d37 R10=0000000000000000 R11=0000000000000001 R12=ffffea0000d24d00 R13=dffffc0000000000 R14=ffff888009dda538 R15=ffffea0000d24d00 RIP=ffffffff81408ab4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe3900000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcc6123c58 CR3=0000000038cba000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822cae81 RDI=ffffffff879e8240 RBP=ffffffff879e8200 RSP=ffff88804718f2e8 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001 R12=0000000000000033 R13=0000000000000033 R14=ffffffff879e8200 R15=dffffc0000000000 RIP=ffffffff822caed8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff89f549700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe5700000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020002040 CR3=0000000020820000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000