eab3d17d4402b54f4988a05febb6d8f2584287ad2dad261688cfdd7c2f5513dc07c191573d11e6ba1562abe1af1ece7f7d88a71576d5fadd8a8d4fe3b59ccba2382b2d47d5612813d0cad020bdbbe4da6645abb73fdb263bb8431cf92e5e3bc5953a79c25c91d8bba3513432ac90f82bc3925d286454eefb77f8ff692cd8635b71a3a0d3817f0617412a424be1b63ab58c9bc98f37f69efe5aa3b8ffa672c938afcd9ac4f6f2ce0f3e498a77207e3d793dbd33181795b405124fc51e885df81c8a241a46d77841dbb8dec44f7298c3bde0f5f936ecbc26dc48d90b1d4fd2626819382fa42992ddd26672ceeee885ee807847db36832395485fb4b7f4db744f22a77c991ded4c0792553640be394f0777c13f17357e98726a3e802a492345871d7a743e783586d35139177b7c874150e28913c94f93a0bad991c7657c033542d7869cf27b60bb4122bd4327d54d3bb1e7b27ac93c821093a3ceb2287a6acb1bc86c33a37dd3414ca9685a643cdefed06d3106a473fcaa2888fe7dc674a1f17af41d40036c440738e5b878216bdb0ddf1b7b802f2939e108823d3a75624a43543bca92e9d61f3a89519044d2e2efc80a38de0f5daebe284820ef5370471bdf17739c75a94371f2197f0ec3526c1c24926e244197580381893230a1a9fb47da35c5f73a0e0f0eac88ba766c1e0574912c87c5e2249bb46b263c162e77faf0a28a99842a4108fb888a374a982d1373884e2c074b2029659a56e45d258cbd25109566e87721c62620d92a05a6d8723b1adf9468e326dc7718d2d20c58a0492398ba0f84445fa0fc360149154ecbb3281ba601135be093c488f39eca13d17420cf869cab93f80d3f476fed3c7f02143133bd641ae3d0c12b0967d57935d69391e2cad83ed25dd185e3643dfbaa6f75836070e87cb4557a423ed4c372f85be6f896b00736a8c8049a5204d94d1d5b232e3f1dba71664a29b1356631a4bd3e01412b8daf6357c1ba4086e3eb8213861ce813faeb15f9ae1da850fd81780e2c7f448f701401d52518c719a8da6c82ed9bb1728fc261c0b935f59daad36e3f6bb4783dd9dc4550b72b9e726a6475a095a8793e2bc846b74268aebf9dac870fa6b5717b94c84021920791a7661fb311750f45e8de866cd1ae0e725cfd11f310c41844ad82e8dc8887407f54fb4954cb4798cf122932576f7ad2d4817e510ddd439727773e5d8dac69cdefdc2b48d50ac20ac3284747dbb2c966a5a1b19e7d56b83559c85137d8595c06580e6a90ece4b25dd4f2d543fbf811f17230bd0605612662aad647f7757f3fc63583618206aadda922aa8e6281ffd55a152e05c38b7587c5ee3a0789ee24e42d7afddece8c08fa1cf02198cea607cbbe64791fd2694888280e5308182b1965e214e146a5f99969f77d139afb9430fe5f09cf9bd604d1e537ef15be4a655ba6c8607eff3b1831124b7c7276b7db930f7543d69359b7e5f7b18780a1c84df00ab46ab82e9c7fd97bc2da03d9c919d779a5892ae9a6b16d1cbcd97", 0x1000}, {&(0x7f0000003080)="06ad0acbafb07738e011638b9712558daf1243bbb95911167dcc6384b59abad5c9868666b6ec8b8e92ae0c71f75934598bdd5df6846c0787e61b7e71b688f2fcefd88ff878ecbb73545c8f350296cba1aff35d32f3ad066f98d2dd", 0x5b}, {&(0x7f0000003100)="269985ba91e277389d254d1144e7e50e75b536612f44f39222ba5d82efe68a94729f67a0d14a1751b32329d89c8f9ab9e226dcee61f36d2d357f462ac8bffcb09c79103e95191c8b71b7cc8be1b987f4b84dc8093a810f9a4c9ae5580629e3d2ac1a46c3588b11ea8e8e3600503770cd02fb0af75580dd6b093e856426376fa21da0f9d4d4ffc27b2256d3e02dfc5826bb7b1ec0da3155839969aac48b0424a17eb9e3ef040bf21f54629af08ce3f594e109679a0d63a55ce65a2e9b58e76934d7ab9821cb2ae260a06b20d753f766711f2649f011716090b4fc89fd06232b44dd3773ab57776de568399f3610ddff", 0xef}, {&(0x7f0000003200)="16d0bfb4c84a0bec7f96e0da0d3123942a24fa5381a7425223125fcf81fc159c9133e8d9f95d497bf98684bc5bcae7507cd33f2d07a72073667e2e216bff112eccfe0a2c653038888fac2e3815ae3768bb9d53e1d9173b03cb6b0718ec51ef5cfa2f55b825edecc7ca32b68f1d076c0f40c46d93b827bab648bfea31d1cafacc179c65ab6c6d2345e7b25f33d8e86ce4494dcf055eca54cacd26342850fc8c7e1db5ba1b91c0a1b6df5660132dd9a86d117de22845c0e333004a3c5d3dd45bc1", 0xc0}], 0x9}}, {{&(0x7f0000003380)=@can={0x1d, r10}, 0x80, &(0x7f0000004980)=[{&(0x7f0000003400)="2d0686a06b636c30a5f0401988699d3d09a865be629577374d1429c7182aa7b321938046109c20fdae2972b7ee848401fd5d658edbd61846cd5bddf9105cdee63118f760f6a91354864183f3fd759c0c2ff548dae905e10657f4e923bccbe17f1abb1ed7088e2a1e88fe157d6135f7d7b0563088e645bb22aea875bfc2f8af445154adc3362694bb81aac451f0c9d159139ee2edc7802f7137773e56b0aecd117942386576ffe649568eed2f2b58c36e39c3934c3dc44acb7ade0cb7a407a39de370306fc48b19a44cc170e5d613970937c5df8b4e14e4b83526fc46db70467b4e14f0b958e2eaf74d1fdfbf8cda611a8c5ce122907d2c4c0c7ac6", 0xfb}, {&(0x7f0000003500)="ac2f422d8dec6cd49cb6e3ada26679cc634ebf0e302eaf572721598f4c7da9e28a8e6ea76c577f36f2fb0dd2c81924d186436a0bbe0da862253e3a27183318e265a5c83299ff3685a41a6ceb8eeff51dd166e7ef2105c0adcb251888f900903eeac12592eb7e952efe074ef246f09d5e992b48afa9e4395e3a0d1e452d09ed1759646eeab299b39e52730003ee27b209d3ab4f39daefa6685d89ec8a03c3068c220fd6c7a6aa2a417940bc5eb5554898e21a0fdf5fed7bffd2a4079bd2a4239c05e2d62dd2ad3658227226e1a886bc6fd1627d6255c4503f8d8c262e4601bd5b87eb", 0xe2}, {&(0x7f0000003600)="8f9dac5a6d3420351e61e0d972813a3fead8a2d28ad2e2bab6a58326b425e1b541117c23775c98fd9c1618c08c74c532e655bbf353f81feb7e518ebaffc40a674b4f6962f15942dcd9b86bf75590180309d6292ff21aa7da1b869855b839b6bf78ddf90a8054f34ef0ef254764fa1a45b27b8166f0d941c3b6888719ff6d6d908c692dde701659a2816a2d7cf46a8a504d130c664c1b77ba5f1b4512bbbec9f5ba81595be93791fd1b8d711857c1d3788e70cbe51fcfddfdfe8491f004c34799d098babce4ca707d0138a29852041ea290af0c48d135a58272202a18fcd62db6677ba51e5aa21c1833d91a73b53906b6b8f3f17ad11b9ba16a7f6cb423b72b258ceae5fa0e36eb8037cb8eb49b8af38cdb0fcd1d92e57276e6cd2ef252b5ba9fb5eabfec2918bf11e60e68f25f77b92ef3065c479e556950a2a4bab6a3fda435f7726e5f40156804c191e997f2c5a495b55f332198175588b849fee6456981d25becc1207c11f96667f6e8b3e1141ad850f6094616fa1a6a1fd29b5589918807b1871837499e7ba83d82ebd6d80e9e9c3fe4914f38ff62d64b64f5bbea9bd6e2cf830507731ee391de30a1887cc67cd79e1ca79896114fc416fef317e0895bd3af1415e6510b5dcdf21c56f7d7f4e54c597e63dfd56cc4710e402264bde4f09d37beae1397c37c961fd0ba5560ab7f12efc5b6b33ca0d025054b327ee19feba0695645657ad409c354745217045c911accf4476ee7983aae86c3ee9e8a62319eb61d890edaf19ac7bf7eaf49013114a71ab5bc64f3c5eb633482134bc98d4a66644b28ce6d80feef0c12761d34065368853700fb866e5b6ac11c19d4a890d9343261baa155b84d74e99923716880a86caafebe4bf35fccb00beb1d9cd9c3ca5ce9cc1a80a3aff8b781379328c94fc46f5c6c7a6b306989fafacb3deb9be275e9eba84782a87adc3b8eb65b4a4c039edfb8f9b3f8211af9ff18778559c23286f5b4982727ec8a5f40b33c455812fbcf0e4e307b05bf93cf13567a365565458472b5875dd3f62e0e45db3bbc17ce48353eb14325fa2e0f7ddbb165e276132aa1399349219feacd9decb377638a40b4187a11343c653458d20847e56457db4bf662b386b12b3957163ce7295b40a2a905c14ec3665a437f730de8e997ac1f2fe87c23c0d317070fde1f3d4ff5c984cf43035956c6f9ea0921686f78c699d45f2bdf536b310e3171ee923650d1b45f9c1cb543ff7f4d86c82e3342188b762722205e566aebe864b370b2be74dd7d1492f1bd624514b8d60c009a5c3bee36256e84bce1cbccba81986d4a8be3632fb140782b491fcadf99fe0395858d9da1b4ced5facb791a2f091b8161f5002b676edc0ad6ecbddf3e2207f57e124f91cfea9a0281956668c4a43b3c0c9641500e6303e1c45647d695d358045aaad1f7a7b2a52a04c2b74b981912a05b0c53ed5f3d900140563be1b8b03a92b3eaa78e44149c87c78e261b8d709225c4259edd3b4bc0984fe016668798fdc9247c0a8d192593463c80fdd6fd1dc01593dda33ff8589f41d841d97310b8d735e36a6fced6697070ad599fbc40cef4cc76dcc290caf6657af8d49bda19a76c20755524ee5c17903bd3d3cd0d5a3e208fedb2f2628da83cca3b1413cedead5017a534d2bfa60a5ef956098b148238d4fc0dacd258223c78d70af3e2c65329dc032f66a4b70cc08b74aa8d04c02097e673ec2ea8ff05225d3a80f98ac50d8fd6cb8d4c139d042b3839f4a3063e82ed1abf76b6a5785b1eae095eee10d2982d2d3536d8d42decf1d8edcd6d9ec97e0faf949310061b44aa5185e2fe75af6cb31312b8d392adaf92c486b5d97e63ce42107a46f02fffa040e3aad6f8092cdb213fa57b3e5bf44380d0334ed63dea5cb5a743a56039215b615ad1f780a5f7050c9b9bc7f8c0195222fad9d52263785ede56c3e95bcefa0f8b81ea81e29504f199a0fd145b40196b16ecc82d7f86c71371bea8089eb16591051c528a96392751dab12d78d7499e82bc91b8eefbe82ad5ee8b7054f5299b44764e6153adcf85fe8b5a3d6c86726b2d8268582a7524f1f8c5186e397f385917a9dc41b8aa0d5146e8c51ab505ba1f262842bb90eae5732ac1ff888a012990b1971df69c39b7be158eeeb51bb2a5dc9dcaa36beb2abbca53309b78c1193b04de2c690437ec377d637d12441a20aea7cf12804c505c18a5b988347408b9fef91b8c9d9b7273b8bc85d6388f8d9681feea3b43653f3d60ced0165d4c3cbd8f6a574662948995acd3beb5ba01ed7657e0d4018c5f93afcb3e1117adf7a71be62057e3233a3010041b2998710aad90ea130eab124979a8fd237483bf6522b3397c652bae3ca943e60d5f113ae325132bcb8b244c59d3876c374511ef440b1b1641f621fd6af9c86ff8e3ad236fdac4c30004b4e6fbbbf2690f53f358d0192e163d6293fc612dc54f3e9864e68dc45d6e9471a8e4af1485b8678f6777b3cca76747c762f37dd0a3b9c3207ad8a5bc5cc0d09a109073ff274e39f7ea8bfb61ed0bc81816a1ad5ecdf00ef42f34cadf66d147c469a014913bad57144af0ff73c320b3c92d4c0045db2126348f54c1c01b56032553c6913e78b23aaaa095af46330edd1d9845a253500ff8fcfe4c932411eb7b5c30342f02275e2be26d494d12f3929b8b26866f5e085e38f1242a66ca3ac896b21b6ad913ae73d35e3912b7fadd908a53f255e94182d4d844b4293aa47ea77cfd355efc12e62e43c30755df435e35872de6f644d9787f7143e1adb73dcc346964f0fbd28c5c41cdd739700ccba9bed28b869f68dd51f75ba9f4f06d2c5a4781534e5b29e0b38c63af570dee2c76c3ff998efa6e454ead0a414195f08a1646ea03581be279b8ce8fb2acea2c9ae6f80446e972e421cead4dc55127f781d459394a816fcb2383bee8d30c9e6d4917c0e8f0a1aa58bf9e8cf440da64a6052de246dc0ce8dceb2a4e4ce73317dfc2eaab089a424963caf537c7c99856b161eb0faca8c00430cc0e1b622997760dac5f15c9a7c6346b1c39a5c2a9f5b2636ec09b62ad0c72d7cb76ad17c12699321fc834e3234fb6dc4dcb6af8a996c99f4d7cdc7ac697579526a251a5efa20166f833e9ffc35fcae891bfbaecf87d0942569a3f0988b94589f3a5b79189f1d855d223ec8c4c882b2ce291786a6548441e9db5bccc7e9dd01811db756cde685a132065d7adad018a046dc6c0ec75ea3a330258414e24e6e7cdf6b285f21b3186a10ba0583d0b01c214aae9b0b13cd51cc5f05de6fcb92de52ed68bde01401e2241259711bbcc46e29c9173c1574db99a63cbb8ab3190d550bfde78051c5bb88e314e6d75a9a9d08ab880a5ee6fc6bfd9d43c83ba46182bb6498a192f2eb25593b79f6db328c2496d62febc1c0f925d6155737da7da3348dac6a6c991ba0c9af526268e74658ff90db8b2ed9ce1a715e75a4d76cc5937e9e0f455ff0615993f450fd35b5af9130b39aae5359a4da33b352577e3ae4530f78fcc10f0eb9c5a42cb1c36e835ca2f0f28a39251dda9b5b357a28f9bba9fa7b7613fda5564d6a478003efc2d3f10bed387129be6b3ba2108a3fe91c8e2d5e20cfe9deb9b0983f3cac97d9137df6e351a2ac1467523c9d3c9e9c36e400abc2e07d44f71ebb788ebade2e76eae3071835996c27fcde687f5308b4f9c6d19650a2770c24f1dd771af5ba8c7d98fb744bf8b44960d8b82465df1a8194795577902c5b203714e34a01cb1eb73bb3488012f8b0fd8173766f480d94c158cf8a6fda9311591e5bda5f01c31cbab6c3365977bdea09a6432bdd2957140fa5409d5517178d6f8e301398415bff5aa45f87e669b814cabea8cc7cfadeff1a7fae20702b9173b05b90098c4e41948e2858dad560c6562ab06b6b394920ca63addd14be3d6a2e6f41a40699ecf4fe6766bc37eddef5d93ae0b454e0e6d6d184dbad8a706a71669adb4ec8ba25c226e9b317bc7a534adf5905da5870201fd0c2018d04168287aa31e66fd06adbaac1ebbe75acc56445a33b6e0ea551cd12fcc7f9c2b7bae0f5371a89df53ac5ef4f43acb4731ac667942cdd890f0a4c5be98eab1f1bdedb2ba7583a48927e9e78e392b3ba9fd2637ac5da5cec210071763877dcd1a131422f14b9e563f538a612a31b72ac9eb472448ccea604a715f3aab79497631765f66ccb9d7e126a4e198a23a38e67c9b37f21fb31569dd171ff43ee94312eff3e979152cad7c419bb792441a79015ad0aca4b27793ac2d6102a22466fbc5f2c67e19ee72b09749870bf2e8733cdc95136dadde35a99e1b72211b4b7a933ed371cb6c7cf52e9ae115ae84eb37ceba914d1bb11e0c14ee34f3a2edd9147e57fe0c0f79cc47a05804842e244cc1942084e9b7177511e366f43a7bc61114eae56a1fa730ea5990e0c45c1fa95d16ec8addc3c3a8296650d8e51af5bcd924dd5749748fdd3653117799393fe16256720e2ff8a13f555689fb06c5c526761a600f3c45c016a4f154b47a4aaeb1e591fe58b0112b49bc6d739b34a7d2ed79ef2b7e0c603be9ab54f1dc4db18c44f527e6e261b5c2481b062ab0a95b1ac0a323dea24be42b544d3ffa2a4d2728db12f624f65b7016e23a02ae20f2a0e3c5371563389bcabb4fc60b85ff767c62c5cedf2dbf0c5c4e2c03f818f3b326b05316f8187d69fa3a852b3dc3d9a1a3b38d0a962ee2c6b9eb838147b3c7575e108d83f5b77cdb1168ad24de67a4f7b131e482673cd722d36cc5dff6f81bb33ddd4eeeb07f614543172135d453977d9e1760c4788ba71d57fe9d1a154a4545b532e68ad1f29a054e2e350ec4419fa19f30b7d3c2e7f503c3c7dabc8f58ebc019694fb23457ff12467b28e9973ce9db61a16fe861d8e5bbf1ba05b9e06f5369dc17b1bead8bc1106b022070d6e752eee106c7e1b4ba72bfa8d6b53c693d82dce2873addefd9d8a04f787cbdaebaa3e8833298f9de6f78af621bd7b1e30ecc4a443e9c6280b33f096f93183dc868ed748d121df6ee303d13e2eef40ca06bd060c5b70e4f18456f355bb31ae5ebd94fa8a4bf529d4fee850891ec4a3840a7a0f0c1a7f2764da91ee6b03300b02ec405631ef05497fd07124d87c62b24c87a8505fa63565b7e3d3f9da0fd4b38808e41a2cf30c5b22b8d0484a2e0f566ef626f099ea962eb57b76f28e8c46b9238b03b6af44a2e2e599c93e7110f3c4113b27693448d19cc522ae5f1134d94125cd76d7fee3da6115664ecd8d95df04add0e31144737b284d34742f56332946f5ac123bf798564d89b385984d4133b86d1afcc7dd49ddffccf0bf3e73f760d084de0c6cc1cc3e9815ffe09c1417eddd33799b179ada9a8a369ed9bbe6f78c0d906a78906e906242e60e9735034b95f75b163ad85577a8c0d226c3c9d5fcc9a58fe8ca991ed0aac3625faa72507a3de21009c829ab36562867bf22a7933f6398a226ae4d8299cbae89b33f48f0d926d135e4fc6a656d42779fb3592dd08d78c26bab7e0f168c02235893d398bebccf13351844178532257bdca98e6febf381c332ac91402cd2bb3f90a4a8e29046c45b3460007897b71ce23e5c677a54fce240aa8c8aa27c5291f8109295db95de91d9b1a789aab4d3d2c5680c7aa2ffffa93d49e647bdf3ba7fc3b108a54aaf3f04cb9b9a016e8e2600046cb253da7b31921ffc871416bae8c61a2d4b41fc7bf1a328c6139a0e0255c762dd94f00404c7a5865102165231b1d921a7c4fa99d787532b1386a11551eaac4d1ba21f9de52552a265d04429", 0x1000}, {&(0x7f0000004600)="c30b7951be56404f9038681698c1917e89c100e9ae69d84617cdbb47505cd4c6f40e5e4a19c951bb82c88fea53906c60f4babca4d642215d0358c3bc443c874db15ba385985bc0ce43c928b28b6b8770f3a7ae872954ef6a2dd1c912cf627b5cf979c5fa188eb09605cdadbc9d5babf91f19219313e5c052c74774b732689d019bb2af813ff6b7af2fc852dcea48b2b848dbe48c6fea6a921ae296c1b69ec02ef47e3854c5d00e55183470d7e1a88ae8353f27fa33d6f5f827569e50b0b23108e59d35f0c5ea6ff5a35b24f0485f8c858c3cdcaa53305533c8f63dea99f1ddb6ddc82b627d9ae4cb525734145ac5add926551bf450", 0xf5}, {&(0x7f0000004700)="48d826c198aea7373500a13b6ddf19dec0bd62972272c6c1c1b4cbb8c5b6b711d46e44d5d765002a9488a19dfec656b57a9069d2e22bf75ffc93e81a3111565e4ced401f59e4f3ae460251f1a721d719b819929c11bce5481fd71e6d5a9425655d2b93c2d05c164ad3535221d7a492d17b3799f2bd06b9a3c3b99c6d8e58f248392b7cfa3e37275a83d3596983ed0c9187ac43df1ca0ab14a14f0cdc51cd6f791adb4662f3764bd510dcaf7d4a2bba7ec83326ad47e8c33c0b9e0ca840b951d188c4c6b103b363c979d9e7098b", 0xcd}, {&(0x7f0000004800)="2d885717e867ce13474204b045c1cdb0a030e5c66d9bf084961ed1b74032c22ee57080e79f6cc4a31fe943ce627d442114389ef1081545708a2efa66a390d1cc69e2d99450beaeaca4e8547bb79e7139", 0x50}, {&(0x7f0000004880)="78520b39e0ef0df6c734b659dfd8e80953d82c2d62072979a6a1c56bdd077ca7bb0493041807c18d82f2b8648172d28e5670449040cae922efd7cd747a7e895ebb84d3b1a8539929ddc49be4b59dc6412c8362db9f0bd33d018ab0eaa99f367fea4e92ccadb12203b537e0137411c816d08bab971b153f7730aca54a0fe94b69881ba4ed5c6f44d4a438119bb243438dd2ce7ae73e7dbf63d8d13996e74f9145f610c245bdb5d1982536f14f579f3680640cafad83e39a6dfbee4bcc6398a13f897f86686ac6f6c344a7fd71fd78f30cd0", 0xd1}], 0x7, &(0x7f0000004a00)=[{0x90, 0x130, 0x101, "b0b1292e3c9989f9220733894781c79449d9d9196626941594ff381ad7df91c51dcbb74af889ea22d615d3a345b5e30a2b338bf7418590be343b900181b16d2b6d22b6de4ef286ac5998942705187bc6416b2490cff1ac3437e020802e4a94735d1e52ee937bacb924e29b1892838d6f28ad703bc7e066643a08"}, {0x48, 0xff, 0x3, "c68d3f5f6252e870b47e59de1e67311f5184be02297ce77a4400ec0d348eb12f395d76f9ded7055e2ee4c5ba92cfe03b7c640b11"}, {0x68, 0x10f, 0x5, "3e277d283989831b30bf9b330930563d04f0e9fadd5410db815c292a9a09bad3d2141216778bd8bf56ff465af565150ef7f56c5c288d0f3728781f499ca6572e007ec2f0435b211c361433fd5b775498ba"}, {0xa0, 0x11d, 0x1, "1fdb34d635457ac6a5b5c76327e4ee83f77cbab8cf9256fd7210095902f46f01ee7486a7a5f7d22d9917c722f75a68885a6f20bfef8f332ce4e5b4c41faf95e7dc2e402a887c0959738b672b848054e686a5ec5b85a12d357345bfe69598a154110133bd6de1e2c40df51a5ef88bce1c2fed2a0eb132f1a959b445bf24c7415709edc5fe3c8b87386c"}, {0x30, 0x6, 0xf0bc, "0489c10a84d18dd0d16beb670eaa489dd4d396c977172a7a077507919d4b5299"}, {0xc0, 0x10b, 0x3, "95330ac7a079639d0017870a4e8e770a26adc9bacf6591247a2e98722579e7c92f0244781e552d383b64065178f05437701248e291a28042c3e1803f11c193a900763c8258c0039ea15a815b059a93311c4c314e28524ad5c40a00c3a28f2f25a24197c94bc38d83d2abc27b5a3279a05f47e3fd2b0752c72b1541d2a98397c5f3f819e1f7c2bc7466ad480ef988ae4d02c356bf88b42330521d2d484f389fde0f8f0e319b75d17a2928c911c8249895"}, {0xe0, 0x105, 0x101, "1b41ad6b2173d76849c618ae71300b008fecd126fa9afa351dac0867b7e36a075ef94bfff077d837f65b39960c4e79ac7ffd0c984c51cc48b351ffea198792b8b167aecd0346f0009d3a0aa03ac5126d86a1eebf345436334487f4a89eec25bb99ffbdb1689ca7a891d5c4c00840e82b4205b4642d3a146362a2592a02a06d7da3b617d15fa99ccbfec2621c76cd11d77c16b27ca4ddca4c5dda1c2dc83c643b2ed7aea54793d7090e7e52912fba6f16d29a859b82cacfa701733caccd6e521aa95bb13b91a3a3041a611b86"}, {0x70, 0x115, 0xa49, "16ddae8afcbc1f5d83a88982d9f89b394e59d9f8b6441237d2301b98c85fa18799e7e183832bbe80ca130d1b3f38e8c4d60bfb0ce059a034a49b1c8be163669b75aafd62364fba9576c800672522763e762094cee367ea5c447ff1"}, {0x108, 0x108, 0x8, "e3124ed30f0dcb0abfad2a775ef40578801e87ce969bf812f722f14694bee5f9e9d9afddaadc853391c2bb7cf4429e482ccd19057587d07cb067c8955e85ca8d1275fb1371a0cc3ce55c013676eff379b798f7ab2c1e63fdf5ee65e97ecd4fc5ec81a5eac748b0aea46ac5c1771d455047b2c9a6e2d453114ea76f9fa2ccbfc82d948fb964b49dc643edfc2fac7711d3c0ca0afe92214ed98534a79aa3de6845c69e58fe0c37b6da5f065a5eb47f080b58c1b9f0b4c5d5b32821ee84231ee3f979e7a166f8d25d3092aa65141dba8c46fe86f0f96b7354fe3d63ef179e36104eb20223cb6a8f14a4c25a2858e911abab4548"}, {0x78, 0x109, 0x9, "a773b1fc2bb623fb228f80fb7d98ef36a5f9a71f04ac37e769a7a0bdfc681f0ebd1c574b449c603539b80fcf7a40e809f405eef0fa78c68003a5767f69ae6fc3e3ab2508508bc6650566ffa8b4a6c3022b6bd44439917307acbdf2988499ad00218f"}], 0x5a0}}], 0x4, 0x4004804)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
setsockopt$inet6_dccp_buf(r4, 0x21, 0xd, &(0x7f0000000100)="180a8f7466f48dd43d5878b23f3147dff8ca938de8d13285e39b500c761ec3d3a0f04d70da8b64cd29a542fbafda5e4acdc69db496b6cad5984498001b3777e99debc71fe2d4828495bc1d2a819ccb835d6b1189a226f608db65f393cabe4f5425554e4ea56c88830bd716dbef4b5d120c2fdf641801150ddaf5b96030618125aef66f4f0fad6432a8122966", 0x8c)
ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f00000001c0))

[  790.647038][T23955] FAULT_INJECTION: forcing a failure.
[  790.647038][T23955] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  790.669697][T23955] CPU: 1 PID: 23955 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  790.678417][T23955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  790.688644][T23955] Call Trace:
[  790.692007][T23955]  dump_stack+0x11d/0x187
[  790.696418][T23955]  should_fail.cold+0x5/0xf
[  790.701080][T23955]  __alloc_pages_nodemask+0xcf/0x310
[  790.706490][T23955]  alloc_pages_current+0xca/0x170
[  790.711521][T23955]  push_pipe+0x18b/0x340
[  790.716473][T23955]  ? __radix_tree_lookup+0x18d/0x1c0
[  790.722041][T23955]  iov_iter_get_pages+0x49d/0x8cc
[  790.727108][T23955]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  790.732999][T23955]  bio_iov_iter_get_pages+0x106/0x5a0
[  790.738386][T23955]  iomap_dio_bio_actor+0x5e8/0x970
[  790.747000][T23955]  iomap_dio_actor+0x83/0x390
[  790.752351][T23955]  iomap_apply+0x1e6/0x660
[  790.757527][T23955]  ? iomap_dio_bio_actor+0x970/0x970
[  790.764085][T23955]  iomap_dio_rw+0x67e/0x9a0
[  790.768577][T23955]  ? iomap_dio_bio_actor+0x970/0x970
[  790.774354][T23955]  ? ext4_file_read_iter+0x2b4/0x360
[  790.779820][T23955]  ext4_file_read_iter+0x2b4/0x360
[  790.785232][T23955]  generic_file_splice_read+0x2df/0x470
[  790.790785][T23955]  ? add_to_pipe+0x1b0/0x1b0
[  790.795470][T23955]  do_splice_to+0xc7/0x100
[  790.799983][T23955]  splice_direct_to_actor+0x1b9/0x540
[  790.805431][T23955]  ? generic_pipe_buf_nosteal+0x20/0x20
[  790.811020][T23955]  do_splice_direct+0x152/0x1d0
[  790.815912][T23955]  do_sendfile+0x396/0x810
[  790.820795][T23955]  __x64_sys_sendfile64+0x121/0x140
[  790.826001][T23955]  do_syscall_64+0xc7/0x390
[  790.830535][T23955]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  790.836508][T23955] RIP: 0033:0x45c479
[  790.840702][T23955] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  790.861583][T23955] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  790.869994][T23955] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  790.878569][T23955] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  790.886554][T23955] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  790.894664][T23955] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  790.902734][T23955] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000e
04:46:01 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[@ANYBLOB="00000000100000000063f570f68a000000000000", @ANYRES32=0x0, @ANYBLOB="a370f6569c4610ee0000005da63eaa1000"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x5, 0x0)
r9 = getpid()
sched_setscheduler(r9, 0x5, 0x0)
r10 = getpid()
sched_setscheduler(r10, 0x5, 0x0)
r11 = getpid()
sched_setscheduler(r11, 0x5, 0x0)
r12 = getpid()
sched_setscheduler(r12, 0x5, 0x0)
clone3(&(0x7f00000006c0)={0x8000, &(0x7f0000000080), &(0x7f0000000500), &(0x7f0000000540)=<r13=>0x0, {0x20}, &(0x7f0000000580)=""/71, 0x47, &(0x7f0000000600)=""/72, &(0x7f0000000680)=[r8, 0xffffffffffffffff, r9, 0x0, r10, r11, r12, 0xffffffffffffffff], 0x8}, 0x50)
getpgrp(r13)
close(r7)
r14 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r14, 0x200004)
sendfile(r7, r14, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r14, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:01 executing program 1 (fault-call:16 fault-nth:15):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:01 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x5)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r4, 0x8982, &(0x7f0000000040)={0x7, 'wg2\x00', {0xcc7}, 0x88b})

04:46:01 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x81, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xaa, 0x40000000}}, 0x0, 0x10000000, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  791.511886][T23979] FAULT_INJECTION: forcing a failure.
[  791.511886][T23979] name fail_page_alloc, interval 1, probability 0, space 0, times 0
04:46:01 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000200)={0x6})
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$RTC_EPOCH_READ(r7, 0x8008700d, &(0x7f0000000240))
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000080)={0x0, 0x2})
fstatfs(r0, &(0x7f00000006c0)=""/4096)
r8 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80000)
getsockopt$IP_SET_OP_GET_BYINDEX(r8, 0x1, 0x53, &(0x7f0000000180)={0x7, 0x7, 0x2}, &(0x7f00000001c0)=0x28)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  791.579889][T23979] CPU: 1 PID: 23979 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  791.588706][T23979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  791.598793][T23979] Call Trace:
[  791.602457][T23979]  dump_stack+0x11d/0x187
[  791.606814][T23979]  should_fail.cold+0x5/0xf
[  791.611456][T23979]  __alloc_pages_nodemask+0xcf/0x310
[  791.616767][T23979]  alloc_pages_current+0xca/0x170
[  791.621819][T23979]  push_pipe+0x18b/0x340
[  791.626090][T23979]  ? __radix_tree_lookup+0x18d/0x1c0
[  791.631520][T23979]  iov_iter_get_pages+0x49d/0x8cc
[  791.636613][T23979]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  791.642535][T23979]  bio_iov_iter_get_pages+0x106/0x5a0
[  791.648019][T23979]  iomap_dio_bio_actor+0x5e8/0x970
[  791.653311][T23979]  iomap_dio_actor+0x83/0x390
[  791.658242][T23979]  iomap_apply+0x1e6/0x660
[  791.662874][T23979]  ? iomap_dio_bio_actor+0x970/0x970
[  791.668993][T23979]  iomap_dio_rw+0x67e/0x9a0
[  791.674040][T23979]  ? iomap_dio_bio_actor+0x970/0x970
[  791.680640][T23979]  ? ext4_file_read_iter+0x2b4/0x360
[  791.685950][T23979]  ext4_file_read_iter+0x2b4/0x360
[  791.691238][T23979]  generic_file_splice_read+0x2df/0x470
[  791.696929][T23979]  ? add_to_pipe+0x1b0/0x1b0
[  791.702026][T23979]  do_splice_to+0xc7/0x100
[  791.706506][T23979]  splice_direct_to_actor+0x1b9/0x540
[  791.712786][T23979]  ? generic_pipe_buf_nosteal+0x20/0x20
[  791.719113][T23979]  do_splice_direct+0x152/0x1d0
[  791.724529][T23979]  do_sendfile+0x396/0x810
[  791.730044][T23979]  __x64_sys_sendfile64+0x121/0x140
[  791.735463][T23979]  do_syscall_64+0xc7/0x390
[  791.740484][T23979]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  791.746925][T23979] RIP: 0033:0x45c479
[  791.751306][T23979] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  791.774413][T23979] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  791.783192][T23979] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  791.792038][T23979] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  791.800464][T23979] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  791.808532][T23979] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  791.816636][T23979] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000f
04:46:03 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:03 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000080)={0x30, 0x5, 0x0, {0x0, 0x4, 0x100000001, 0x80}}, 0x30)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="0000000010000000000000000400000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:03 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x64, &(0x7f0000000200), &(0x7f0000000240)=0x4)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r9 = socket$pppoe(0x18, 0x1, 0x0)
ftruncate(r9, 0x9)
sendfile(r4, r7, 0x0, 0x80001d00c0d0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000440)={<r12=>0x0})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000300)={r12, 0x17})
ioctl$DRM_IOCTL_DMA(r11, 0xc0406429, &(0x7f00000001c0)={r12, 0x3, &(0x7f0000000040)=[0x7, 0x9, 0x4], &(0x7f00000000c0)=[0xc0], 0x0, 0x1, 0x7fff, &(0x7f0000000140)=[0x8], &(0x7f0000000180)=[0x0, 0x7, 0xafa, 0x1, 0x9, 0x8001, 0x5, 0xde000, 0x20]})
ioctl$NS_GET_NSTYPE(r7, 0xb703, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:46:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000000c0)=0xde5)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r7=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r7, @ANYBLOB="00000004"], 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
r10 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r11=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r11, @ANYBLOB="57a1ac0e"], 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000700)={<r12=>r11, 0x400}, &(0x7f0000000740)=0x8)
sendmsg$inet_sctp(r5, &(0x7f0000000800)={&(0x7f0000000480)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10, &(0x7f0000000680)=[{&(0x7f00000004c0)="be1c43a6294bb0cc6b2fb11b6347f98587812ff67eaa9caf5649a6270b6f557b893d907bca5f06f33eeffe", 0x2b}, {&(0x7f0000000500)="7d68df3e1b9bfe6141ed2dd2da72ed24a9cbe826e2e315568024b5f86afdbc2afb7e765cac43271ea661", 0x2a}, {&(0x7f0000000540)="7e03b6cca10fe10e1a0503efd581283d924cceac90a674a8505617a03b4401cf820438cc1f8a2c6e49181a6ca153fdbc40e42e527fee62d60eb4d7727d289b7250823550646bbadc3d19ed9e25060251914c78e845ca02acc0ad8df7cf687b3bc901ea1b72c080839240a2f6b9d672120c91fda6c98b05010336cdea53", 0x7d}, {&(0x7f00000005c0)="d9ba5c3e9ba55a0811018738941c93e467df5cb97542174a87c17462d9c79eadd7ce5155f6acf15592e9", 0x2a}, {&(0x7f0000000600)="77e584eafc8c84ec2d1d4aae64e6668a73f28aa991c0b81ad5d5567759492e08fd5a11ab0d76dad348c8b8df2fcfa54ca26ebcc57877deb984231871044d712844d9a9ad60c7041dc1eac7f8ccc9ee1afaf0613af590b40f212bfe0d87f3d754dbd3d2a4ae690082c65a684af6ac5c4924c725993abc", 0x76}], 0x5, &(0x7f0000000780)=[@sndrcv={0x30, 0x84, 0x1, {0x2, 0x1ff, 0x2, 0x7, 0xd4, 0x5, 0x7f, 0xc8, r7}}, @sndrcv={0x30, 0x84, 0x1, {0x1, 0x6, 0x1, 0xfffff000, 0x4d, 0x0, 0x1, 0xff, r12}}], 0x60, 0x4044004}, 0x1010)
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x24, r13, 0xc573de0d27bdfe6f, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x9, 0x1, @l2={'eth', 0x3a, '\x00'}}]}]}, 0x24}}, 0x0)
sendmsg$TIPC_NL_NET_GET(r1, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x220, r13, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x663b}]}, @TIPC_NLA_NODE={0x24, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xbe6}]}, @TIPC_NLA_NODE={0x28, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x80000001, @mcast2, 0x3}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3, @rand_addr="01e1ee6c9c6296494473cc7d0fe7ab87", 0x1f}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x29e}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x100}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x40}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x469}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x8000}, 0x1d)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r15 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r15, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:03 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x5, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r2, 0x10, &(0x7f0000000000)={0xffffffffce3d77e7})
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:03 executing program 1 (fault-call:16 fault-nth:16):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  793.617750][   T27] kauditd_printk_skb: 57 callbacks suppressed
[  793.617767][   T27] audit: type=1804 audit(1583210763.884:7442): pid=24003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/552/bus" dev="sda1" ino=16769 res=1
04:46:03 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r2, 0x28, &(0x7f0000000040)}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  793.669110][   T27] audit: type=1804 audit(1583210763.904:7443): pid=24008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/513/bus" dev="sda1" ino=16961 res=1
[  793.697941][T24016] FAULT_INJECTION: forcing a failure.
[  793.697941][T24016] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  793.701168][   T27] audit: type=1800 audit(1583210763.904:7444): pid=24008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16961 res=0
[  793.715659][T24016] CPU: 0 PID: 24016 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  793.741089][T24016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  793.751415][T24016] Call Trace:
[  793.754722][T24016]  dump_stack+0x11d/0x187
[  793.759175][T24016]  should_fail.cold+0x5/0xf
[  793.763704][T24016]  __alloc_pages_nodemask+0xcf/0x310
[  793.769151][T24016]  alloc_pages_current+0xca/0x170
[  793.773655][   T27] audit: type=1804 audit(1583210763.904:7445): pid=24011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/604/bus" dev="sda1" ino=16962 res=1
[  793.774210][T24016]  push_pipe+0x18b/0x340
[  793.800818][T24021] tipc: Enabling of bearer <eth:> rejected, illegal name
[  793.803865][T24016]  ? __radix_tree_lookup+0x18d/0x1c0
[  793.816531][T24016]  iov_iter_get_pages+0x49d/0x8cc
[  793.821871][T24016]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  793.827793][T24016]  bio_iov_iter_get_pages+0x106/0x5a0
[  793.828266][   T27] audit: type=1800 audit(1583210763.904:7446): pid=24011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16962 res=0
[  793.833206][T24016]  iomap_dio_bio_actor+0x5e8/0x970
[  793.833244][T24016]  iomap_dio_actor+0x83/0x390
[  793.863497][T24016]  iomap_apply+0x1e6/0x660
[  793.865738][   T27] audit: type=1804 audit(1583210763.904:7447): pid=24008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/513/bus" dev="sda1" ino=16961 res=1
[  793.867930][T24016]  ? iomap_dio_bio_actor+0x970/0x970
[  793.893528][   T27] audit: type=1804 audit(1583210763.904:7448): pid=24011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/604/bus" dev="sda1" ino=16962 res=1
[  793.897723][T24016]  iomap_dio_rw+0x67e/0x9a0
[  793.897828][T24016]  ? iomap_dio_bio_actor+0x970/0x970
[  793.923015][   T27] audit: type=1800 audit(1583210763.924:7449): pid=24003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16769 res=0
[  793.926711][T24016]  ? ext4_file_read_iter+0x2b4/0x360
[  793.926736][T24016]  ext4_file_read_iter+0x2b4/0x360
[  793.933676][   T27] audit: type=1804 audit(1583210763.924:7450): pid=24003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/552/bus" dev="sda1" ino=16769 res=1
[  793.954774][T24016]  generic_file_splice_read+0x2df/0x470
[  793.954800][T24016]  ? add_to_pipe+0x1b0/0x1b0
[  793.954825][T24016]  do_splice_to+0xc7/0x100
[  793.960694][   T27] audit: type=1804 audit(1583210763.934:7451): pid=24011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/604/bus" dev="sda1" ino=16962 res=1
[  793.967230][T24016]  splice_direct_to_actor+0x1b9/0x540
[  793.967252][T24016]  ? generic_pipe_buf_nosteal+0x20/0x20
[  793.967273][T24016]  do_splice_direct+0x152/0x1d0
[  793.967304][T24016]  do_sendfile+0x396/0x810
[  794.051861][T24016]  __x64_sys_sendfile64+0x121/0x140
[  794.057086][T24016]  do_syscall_64+0xc7/0x390
[  794.061701][T24016]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  794.067603][T24016] RIP: 0033:0x45c479
[  794.071616][T24016] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  794.091482][T24016] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  794.099930][T24016] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  794.107966][T24016] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  794.115951][T24016] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  794.123957][T24016] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  794.132301][T24016] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000010
04:46:04 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
setsockopt$packet_int(r5, 0x107, 0x10, &(0x7f0000000080)=0xb213, 0x4)
r6 = socket(0x10, 0x80002, 0x0)
ioctl(r6, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:04 executing program 1 (fault-call:16 fault-nth:17):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:04 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x0)
fcntl$setstatus(r4, 0x4, 0x40800)
sendfile(r0, r1, 0x0, 0x20008)

[  794.707685][T24043] FAULT_INJECTION: forcing a failure.
[  794.707685][T24043] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  794.746120][T24043] CPU: 0 PID: 24043 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  794.754828][T24043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  794.764951][T24043] Call Trace:
[  794.768316][T24043]  dump_stack+0x11d/0x187
[  794.772764][T24043]  should_fail.cold+0x5/0xf
[  794.777305][T24043]  __alloc_pages_nodemask+0xcf/0x310
[  794.782742][T24043]  alloc_pages_current+0xca/0x170
[  794.787968][T24043]  push_pipe+0x18b/0x340
[  794.793697][T24043]  ? __radix_tree_lookup+0x18d/0x1c0
[  794.799273][T24043]  iov_iter_get_pages+0x49d/0x8cc
[  794.805557][T24043]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  794.811840][T24043]  bio_iov_iter_get_pages+0x106/0x5a0
[  794.817288][T24043]  iomap_dio_bio_actor+0x5e8/0x970
[  794.822873][T24043]  iomap_dio_actor+0x83/0x390
[  794.827760][T24043]  iomap_apply+0x1e6/0x660
[  794.832280][T24043]  ? iomap_dio_bio_actor+0x970/0x970
[  794.837872][T24043]  iomap_dio_rw+0x67e/0x9a0
[  794.842982][T24043]  ? iomap_dio_bio_actor+0x970/0x970
[  794.848332][T24043]  ? ext4_file_read_iter+0x2b4/0x360
[  794.853654][T24043]  ext4_file_read_iter+0x2b4/0x360
[  794.859030][T24043]  generic_file_splice_read+0x2df/0x470
[  794.864737][T24043]  ? add_to_pipe+0x1b0/0x1b0
[  794.869353][T24043]  do_splice_to+0xc7/0x100
[  794.873985][T24043]  splice_direct_to_actor+0x1b9/0x540
[  794.879390][T24043]  ? generic_pipe_buf_nosteal+0x20/0x20
[  794.885844][T24043]  do_splice_direct+0x152/0x1d0
[  794.890795][T24043]  do_sendfile+0x396/0x810
[  794.895260][T24043]  __x64_sys_sendfile64+0x121/0x140
[  794.900575][T24043]  do_syscall_64+0xc7/0x390
[  794.905113][T24043]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  794.911166][T24043] RIP: 0033:0x45c479
[  794.916033][T24043] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  794.936037][T24043] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  794.945830][T24043] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  794.954134][T24043] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  794.962136][T24043] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  794.970558][T24043] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  794.978685][T24043] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000011
04:46:05 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x8, 0x90a00)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f00000000c0)={0x9d0000, 0x6, 0x0, r3, 0x0, &(0x7f0000000080)={0x990a65, 0x9e6a, [], @ptr=0x7fffffff}})
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x20)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)

04:46:05 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3}, 0x0, 0xf, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:06 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:06 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000540)='/dev/mISDNtimer\x00', 0x81, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
r13 = accept4$alg(r12, 0x0, 0x0, 0x80000)
r14 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r14, 0x4, 0x0)
r15 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r16, 0x200004)
sendfile(r15, r16, 0x0, 0x80001d00c0d0)
r17 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r17)
r18 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r18, 0x200004)
sendfile(r17, r18, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_G_EXT_CTRLS(r18, 0xc0205647, &(0x7f00000016c0)={0x4, 0x2, 0x6, <r19=>r1, 0x0, &(0x7f0000000580)={0x9a090f, 0x7, [], @value=0x60fa}})
r20 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r20)
r21 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r21, 0x200004)
sendfile(r20, r21, 0x0, 0x80001d00c0d0)
r22 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r22)
r23 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r23, 0x200004)
sendfile(r22, r23, 0x0, 0x80001d00c0d0)
r24 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000018c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
r25 = syz_open_dev$binderN(&(0x7f0000001900)='/dev/binder#\x00', 0x0, 0x804)
r26 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r26, 0x4, 0x0)
r27 = fcntl$getown(r26, 0x9)
getresuid(&(0x7f0000001940), &(0x7f0000001980)=<r28=>0x0, &(0x7f00000019c0))
lstat(&(0x7f0000001a00)='./bus\x00', &(0x7f0000001a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r29=>0x0})
r30 = getpid()
sched_setscheduler(r30, 0x5, 0x0)
r31 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r31, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r32=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r32)
r33 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r33, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r34=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r34}}]})
r35 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r35, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r36=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r36}}]})
r37 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r37, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r38=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r38}}]})
getgroups(0x8, &(0x7f0000001d00)=[r34, r36, 0xee00, r38, 0xee01, 0xee00, 0x0, <r39=>0xee01])
r40 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r40)
r41 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r41, 0x200004)
sendfile(r40, r41, 0x0, 0x80001d00c0d0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r41, 0x29, 0x22, &(0x7f0000001d40)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r42=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000001e40)=0xe8)
r43 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r43, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r44=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r44}}]})
r45 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r45)
r46 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r46, 0x200004)
sendfile(r45, r46, 0x0, 0x80001d00c0d0)
r47 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r47)
r48 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r48, 0x200004)
sendfile(r47, r48, 0x0, 0x80001d00c0d0)
r49 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000001e80)='/proc/self/attr/exec\x00', 0x2, 0x0)
r50 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r51 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r51, 0x4, 0x0)
r52 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r52)
r53 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r53, 0x200004)
sendfile(r52, r53, 0x0, 0x80001d00c0d0)
r54 = getpid()
sched_setscheduler(r54, 0x5, 0x0)
r55 = getpgid(r54)
r56 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r56, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r57=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r57}}]})
r58 = getpid()
sched_setscheduler(r58, 0x5, 0x0)
r59 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r59, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r60=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r60)
r61 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r61, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r62=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r62}}]})
r63 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r63)
r64 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r64, 0x200004)
sendfile(r63, r64, 0x0, 0x80001d00c0d0)
r65 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r65)
r66 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r66, 0x200004)
sendfile(r65, r66, 0x0, 0x80001d00c0d0)
r67 = syz_open_dev$audion(&(0x7f00000031c0)='/dev/audio#\x00', 0x8, 0x341481)
r68 = getpid()
sched_setscheduler(r68, 0x5, 0x0)
r69 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r69)
r70 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r70, 0x200004)
sendfile(r69, r70, 0x0, 0x80001d00c0d0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r70, 0x29, 0x22, &(0x7f0000003200)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r71=>0x0}}, {{@in=@empty}, 0x0, @in6=@initdev}}, &(0x7f0000003300)=0xe8)
r72 = getgid()
r73 = getpid()
sched_setscheduler(r73, 0x5, 0x0)
r74 = getpid()
sched_setscheduler(r74, 0x5, 0x0)
r75 = getpid()
sched_setscheduler(r75, 0x5, 0x0)
r76 = clone3(&(0x7f0000003580)={0x90000, &(0x7f0000003340), &(0x7f0000003380), &(0x7f00000033c0), {0x36}, &(0x7f0000003400)=""/173, 0xad, &(0x7f00000034c0)=""/109, &(0x7f0000003540)=[0xffffffffffffffff, 0x0, r73, 0xffffffffffffffff, r74, 0x0, 0xffffffffffffffff, r75], 0x8}, 0x50)
r77 = getuid()
r78 = getgid()
r79 = eventfd2(0x0, 0x80801)
r80 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r80)
r81 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r81, 0x200004)
sendfile(r80, r81, 0x0, 0x80001d00c0d0)
r82 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r82, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r82, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r82, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r83 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r83, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r83, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r83, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r84 = socket$inet_udplite(0x2, 0x2, 0x88)
r85 = syz_open_dev$vbi(&(0x7f0000004040)='/dev/vbi#\x00', 0x0, 0x2)
r86 = openat$capi20(0xffffffffffffff9c, &(0x7f0000004080)='/dev/capi20\x00', 0x141040, 0x0)
r87 = openat$procfs(0xffffffffffffff9c, &(0x7f00000040c0)='/proc/vmstat\x00', 0x0, 0x0)
r88 = getpgid(0x0)
getresuid(&(0x7f0000004100), &(0x7f0000004140), &(0x7f0000004180)=<r89=>0x0)
r90 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r90, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r91=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r91}}]})
r92 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r92)
r93 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r93, 0x200004)
sendfile(r92, r93, 0x0, 0x80001d00c0d0)
r94 = accept$inet(0xffffffffffffffff, &(0x7f00000041c0)={0x2, 0x0, @loopback}, &(0x7f0000004200)=0x10)
r95 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000004240)='/dev/vcsa\x00', 0x30441, 0x0)
r96 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r96)
r97 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r97, 0x200004)
sendfile(r96, r97, 0x0, 0x80001d00c0d0)
r98 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./bus\x00', 0x141100, 0x34)
sendmmsg$unix(r4, &(0x7f0000004380)=[{&(0x7f0000000040)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000100)="3698b3e3ec206ab02514db22b349fe582e369f9a5f8cd43fff42afc99a86", 0x1e}, {&(0x7f00000006c0)="d73dff0ee3ec9cf3c254ff27384037b93572bf0f8590a67566a0edde608f26f57a313f5ff543eebd0317daf9d78904862726ef8844078b2720a26691f8dd0a877f6ddb456989fba1e6c95058f343ae66828aa5f9a40137899f17a5c406848ead5207c44153a8a584171ced3f9da816f778aac1d2e37cbbcec8f91ee7a9f4da3008389e248c40aa9251b7a66ee860a0642e80b0707cae15e70dd3a68ac05b8a2f50d9e1b5bc5563670d4755711ff43b4ea1d8bfb1f19a47cded93725af2e06a2fa8ad1a8979ed3d75905d8524da0acb10b0a78e7906179750862d792c1d0d2c586e2596db7e2a34de85a14bd59e9ca8751a1b127be0e787167d78e3bb50ba080b67a4df3daf9e28ae68cf68cd571b9c3d40a47208e4ed0f916029dd11ac826d48d23ce0d42d7330f55ec9613ea9cf0ef287f7e18e5c991e61090f16fa4fedf4b2d6dd236cb78c2ab06046245d840d3b2a3ff2bc9c00fad424fc1f9e2f2ba5455c32ef7f86438e0500729a4d47c48b62c612e4e30007eb152868b0e74def99d0523f36b059dd952d73b906919c8600f0eed3b7bf3529f3332e3ade07b74687ba8ca671be22d2ab48ae44d719c072f5733be7dd4aa10d86a203f33ab2da91b5e06e842de3f17b03ab690ed3afa10386951ef2e7839e18fe22ee2f4875ffa38eb652377f66d5d952731ecd03d7f0b2dbd5c8d7cbdeb28c376cf3dd70537518f2c7ab43d7d13af8a2800c710ab6b1f058aa0daad13bb3e30c6aaf92ffe85093391a113b908cc548b804eb340314ce537ccb6e57b81b448df0f6e57c7b42c217c806a7a56ae402f90dbf323c2bc25ff8a81b2a52713caf41f78b6c5f29e0ab2fc76312673e00a0899dee9779fb46d66f625f7bcef2fe0416ea046ba06078aed6ea81dcf75244d943f6a8184043aabfd6f31ff7792fbef46068bc4d151f97897a91886f5caefd29bf24951af88b36fafbf4ee3d164c6a62240934e7c5ea9c1f4400a2c542ac1f9d4ab30bba1fe1795082a8ac581945ffc76d36d274632cbb5996deb79e56900c0fdfc39074a5d5b65e5f44f3e5d3e7f0e383ef3980f1738d974b3c0a26a2b8809a07ef9f7a3b32e17369534069840389c3d540706da0e464a8915a8852bbc45ab5a02081fa0d1823c35b5f49cab8c90992dddf088a18ad3032db7fd53a93ed94996fc2cf7b87c750e05fbf3e20c2b8e5c4e981243cab20e6121901b383cf31aeeb4e6aa5f43cc7f737c6cc05a4b7da46e58d982e4ec0570df359ddab31b8afc62b7847df6334029e227de5dc08d4d9e0a1726157b127563dfaaccba6f6d49c9c76808a181c933a7d1b96b5bbc762194bfd249349923996ba619f4150202c95d2aef02909a682133160aaa6c7b5aa26ac27885fdb746a072f68e952faec8ec99edd5c9aaa8b7af4c8415986cc8a5516c5350313f2cb52ac8dfce61ad09956910ac28ecc9d7e580a33008cbf78f204ed5a8e21a9f392b4ed0d732849c2c59667f404c781a97e414f85682f27787a3a3e6273b4c30fb1428317c75111b281491f9ee3e450fdd58eef9ee20db148ac0571a020d0dcb5acecdb3c68d3266b81f794f3de67698d954761d1d66bc40f5e540be491f7b81a38f325188b71e0dd4034449f8f9d91836252d5256170244b02ead3f3541c6f2d5cde76c4b5eb838d8273b9dbd9ae319494dceab636a2c7f5f967114bdd6e0cf7784673e5ade3fac8220662b9d49b132bc28e806d2ac4ffbd1f132b9ae898f494aa06fac1084b2b83be07eeffef1d31781cb814c6065c084a731c4dbdff4618e8bfab117d43d3e1f62939533f845a992dea5789a689f1d457e7e6c0f32fcbc2b46368f42a77002f84ba9e238aa4412d6312742e3d901bd5a1db0b962e623a99f50caafca81b47e6c5cf0a464e42364437b487f9e1760c45f78569390222d21ed1ef481c87e91f17d7eb64860ca7106f56f0dfcd4ea6bc148ff0858157c81ed7d72d79ac096231f316ca22afc185b279b2275017e873ebbbab960a3ed67d6ea61c9b0f830700e0455fdef07e6d6217ebebb4242f57237529a34f3b597dc55bd36e3fb4c3fcd037564bc52b16fd9948130034403eabab7ae89e80fc4d47476cc962ec199b74c6076f3075ceda57132f7857c9aca51d3eee27345898e78f725175e29f72f50e72d103ff1f10b8c33e8a5e357cfa292d14f88ea9584284516418a32c678111ea46ca42f5847db86fe358d56936769a54d51dc7e42ee14a4a13031da1ce19a39626e315c230a4aa738bfde5256f00733e02a213711be5cf7c525528108a6014f6c890dddf4d1674fc90ee6f9c2afa7c1c13a89709dbd8be152d5103020bdeed4177ef7ed926587a851e4ac856187dff14388aa96e510885227548c12bf5aa67de3a859d3cf4b5a821bbce6c7caa8bae6515b229f1644f909f3d3ecc98d79060972b4ae1ab9be42e37e52fe869b5a0859a689446b49fd10fa8f552624bf45958ca1d8c5729d3c49cdce5d9f02bb4c13ffce4eb52721a49c12e73825cd53540705a08c27baaa71174c13ea4e509bf8a282cb13ac7fc67305c96314b82d77cefdfd7110fc1b0afbbfc59ec774366bae8ef3baf45886108b018a108d8ed7f703137a39f01a186eb1ce03a67447c395ae3e0a9f32f2d89de7d62a9b9a3e5a5d0817eb612e4983dab6e2554d6eb83136713079ee79ce8c4c50e0aa3c753a3d2041e24f31d432d52a8fe6263575ab41676391b7d5c4d9159e5bc86dcc0b83fd40015261b5b1f5079789756c758ba7f76b2ee8cdeeb807c23a62eb8cbf3d9a05bc5c61297852c891456eb5b38afad95bd78a4df07543fdad1301c3bf756bd0616e361aae8cb5cab10d64e92955b6f04899c0b42cbb5d837ee33119b194b8cf58c3b37c940dd294a316399b624455f6d11f9649894d03265cae5018f391c111224bd8287f96307858c277d2ef5de454bb617ba9b8b51faad41adfc0343c6b5d9307f565db6431e75fd30e2072bd0802fb72b154e7691c735f91ed3ac538cdc271cac4ff2527af62f4c999741a03418d9619ffaaf93afa08df07f30c08a6c7a18eb9479fe4d682a916c427d7deefb9dbcd9499f73fa11e4275c33f249766774fc83301ad042607210c1fd8f3011d9a5ddafd5745428bd6f916b5e4813a81d81cb0ad6c7e4546ec85fca3a1a2a49ba6276ca5641e326401d3665ec14008989b3b0a19b65e656f6d2190029aba25a411e131e93e276e37375cafc195b7007dd1c9afa3303ea7d5053152ca4dc3357e8b709a018e99ddef2071aaf81f338f46212f845a25afcc3deb1dd01ae13387469057ac7c5431def8daabb245d3725234740913f106f85b818a923810549d9e81cb6e18ef2be5341a195909047f1117bae2d5665f79c7057380c72dd0a9395eaf771e6e6a6d57ca38d41f3967df52d72ebb6f055517fd1c0a271513dab7c89ac01b0e0d2d483b5ad92f08b991d5a1e85c6e81c2c0b814213fbb26b1379142db0bbe3ae566610c3c4728dfcee3f6039e9b5bf4aae30542b660d55ac3cda849dea94a194321ddd65ccf0578d24d944bdf29c5d357be97b3500696d6fde634f7757e43eca27dbb7e242a4882cfebdb087631380f31433bafed202c3ee43947023c9c25d924ce9bfe1d5fdcd77bb5b5ca826318813ce672a81230b7c1c709add2be8a2f8cf70ea81615103b9830d1eea0a8f316f1c5e296f2ce94c38bb9173f0cc80924cca2d4b533b3a904f975693a163247512431cc6bbfe306aecc6f329fe1556da1c3f4fca903040899ed757de99cdb2fb0a96a4692dcee0aa12ce1a13abeb0bb8376c0710ec0a22ba50b2fe3aaec05061dbe05f28313af8cb08eebb7c2486ef06f6a0484259f7d4db31ac8ae72567b98de2ff5aa658633ebba1da968580006d028f20eaa9dfe8db069b452c6d9b0e0a64ac8d29ac1b2bcef682c4d0a25733b99059377f1a5c7546e591c9a3d1adc6dfcce0c1fa41abfa42b4b44a2a8dedc26109f02fc98987e3bb41942f4d8ca818414b8d676913ce14509d5d97b1d586a56289a75369104b50c14042e109859b66b49b52996bd5d0d858241cb9acb8c0454bae458db0409f539f5e1735d5ede4f8a99d2c47fe3135d08c8ea67c3b33c6f84cdb7eb35b06649af138859b47e761f27869d261e1a9c7540ef1669f866b170e36b876d15ce7861c5b8b65372c5239cf334c49777d7795a523cbddd2b8481397dd074269d31e7b72dc8e5c9936ad8d9f351d5c5b97e4b2b130e04d0fb71d7d0f5e2b74c8a62f23fcf080ae38578cb3f3ec23f2e472697a9f8a4c57d8f1a8f64710bb457f61ad62c8bebf821ce12bc1ddf9a1ad8642005d7071f950a542b7ff5d81c27a37280b05706cd0b1a3898ac6d77820549f601db4eef010eed00ad22992ade2e0c08447789a04a72b8270f6937841c0bf223ce5454bba2fb0214558fdf24af266797422b8127ce1501b775d402458cca159c16a3e7155634d5ac94511aeba07307930bd120ace590561d797dbec29d5ee4d1b868787a66d54f63624134a957039434b630b1857c77474bd7176a73fa5d4d4fbcc146f699446f7aa1d1eba61801677c2d0b3cf367363346559ac370cf04a5f308e1dacddc8544fc334c3e47a515cac262814f23bceb8a4ee51ea2f0a69c11831d3fe03a6024fc94c0377beab2390faf45f749d5adbfe5612a06946a9eb9ba5a793e75a93c6ad3e9805b1b0e3ef42f5c89cf7314ba2a5da8d671eb8eb63c2d5de806e432b0eaa47290a8b33da07413e483f058ff48b561b3da5e034f75a6f096ca0724691876cfb24c8294c099af73e3c995a8b304cf953f2f21fdcbf2bb461bb201cfbc7312b7ba9641fa22d49fb6ae2494dfab3e9939ae7715e52f9476e998cfed263a82bf1b6375d3d3e76d128585d66d748c7e84e5d7bd18bc8e5e80aa4181b3b643c7481212d7eb6c155843384159a1fb4cd80c91ce58e15c8588ec714a8f7a13f5edcef9e682b52f8138ba3a66594290ee463649c3725273b4d4cb33e56ed7c23e4a26e3f10065f20e7813a1d00b8f0598e0c397b1b85d2ab0bf59b0d728a04976938adb79f2637464dec556ec32306c3e8f060e4ec26a5e7cd404bd9da7a4d271299b15cf70a777de35f2b6805017d5ec4d94602d3dcfd7757ccebb4a8c3df90db4c6448c434edf1ef3cd9d1b6ce68300514a34d26e5a523eeb621393e9a09cb8480f13b0bf250a09e3a63dc6cc09089cb78d4b506703c97c382e85b8897373e0ba2ba9d6c10030b34d907f3e10599d60bd3ad62adcad67efe35f3643ea2b29177770993b679c4d6bb4b627ec7d12eb8458d8ff87e6ea20f8ef7def4ee540c74181bda9261f63ccfd08908f7d2bb026f99633ec73643187ccd02d8bf2cec1bcf7b39599ac14a6fbdac878ffea26106d3eb59172bb086ad9fc5bb5536ea142759eed504e4983a40342c216d5edd255a3a0acc6d12114b5d4436984b85fde0d0e38c3d402319af0a1f382aec7102ef6d89f6cb3e9fade13a82e7a5785d3b0304246113a392054b9ba99be7c7e0131c60396bdaa276e82d7b96dc8be181649e29fcf7b3523b53d895881330ace9d536cb556e2a5b7ea32aaa3b036110425ddb04bb9776c0fdbf91a4169f05c0319b8e262cc961bdf8434d44fb65a4e27494534b2a5e77ced22ad617e019f57430fe992ee2de70cbfc85d55583026fad1d9ee4ccf6e97009385d9e10d0588962c13e3c4ec05eabb5c203bf4836173f2394f6a41faa9b8b1a752573828e4df65a35250335e3b8c996d56b4c1355a5b62ba81addc542486c7a45aa67", 0x1000}, {&(0x7f0000000140)="f8406ad009c9f5d9b7f1e972ae0399c2f33615557e65b817f96bd53e634470cfda3eb119", 0x24}, {&(0x7f0000000180)="47f0da774840ea586bec69425e7e12512b640a4ea50d02210321c378152c5d93309b8fbf18d7f7a69f36f4396a17b3c9721992419c1f73c98332f9a5a56a6112ec57973e61f8bf63c95e0a8664235eddee1f8752891ba88e9b2fc91543da3ac895de7893dabd08fbe28bb968f47a1e02782eaa822d303f34373f759943fd84513e01c5f5b7cff905963a2eb2ca0864b363d0acd6eed575f4be654b19de2f6d986fbe250fa89936d35241e5eb58757a5962194922d2", 0xb5}, {&(0x7f0000000240)="0f1f32049a8f7b2a7e49edc740fbf280c4405b99d8d895ad5bc25d4c4f3022cea10734f27a49960ad0d764f8b34d76d6fb02ed2fbedd7ee110b44a52dfaf7ed322caeb08d158eefe1c55c1a11956df1272a7996a9e35f66aeea18b9bc2b8fe97dffbeb0ba46452fdaa4290bad453acc7dd5858ad8d3d854b68347f28f9", 0x7d}], 0x5, 0x0, 0x0, 0x1}, {&(0x7f0000000380)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000400)="b7f786754eee4f2c7bb1ee6c17f78eb6d00c75d1ac54a92cbf3434c39d8f33138c041948fe9bdb39707dde7567a4e2aa6ccc8554b48add1ba492afa8c71bbf19c0d9376cf97b05913c18cd4d580d35422404e8965dd3debe4f500099117955cea7a9f4e2ea050e2fbbe5a04cafd5d8137281797fa244bb20118c7017033021f293c758e6b9d9a24d1b189e57db0c753871593207ba731e26bfe322a5b4243e4e25d3d7463f7f7bd910c197c41dcf605dc42b6b0d9ddd8cc6764e1228e59512455fe1adf003898936cbe6159be52c08", 0xcf}], 0x1, &(0x7f0000001700)=[@rights={{0x28, 0x1, 0x1, [r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6]}}, @rights={{0x30, 0x1, 0x1, [r7, 0xffffffffffffffff, r10, 0xffffffffffffffff, r1, r2, 0xffffffffffffffff, r13]}}, @rights={{0x18, 0x1, 0x1, [r2, r14]}}, @rights={{0x2c, 0x1, 0x1, [r16, r19, r0, r20, r1, r23, 0xffffffffffffffff]}}], 0xa0}, {&(0x7f00000017c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001880)=[{&(0x7f0000001840)="10f236bc753165cd4ec8488a354938b921441134814d8e0dbbe9bab405c44b", 0x1f}], 0x1, &(0x7f0000001ac0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r24, r25]}}, @cred={{0x1c, 0x1, 0x2, {r27, r28, r29}}}], 0x40, 0x20040804}, {&(0x7f0000001b00)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001cc0)=[{&(0x7f0000001b80)="05d063a0f6dbd8d51b342a5abc1221c3415641e8ce3bbbe8f64e48f4573afa186fbf03c54722f7bb05adf571bc54e61e4d2520bde94aa101ad88e2f559ddafe2b0f83b383a20cb104bcdf3c7f55900256c82b1566cf943a4116036f0389b45ccc5", 0x61}, {&(0x7f0000001c00)="94f562bebc8ef8bdb606ae2f6d117d39b6ee319c4899a9eb5dbc1053893f2c9f94ca7a3048d030987c4507beff58d03a02923b03a68464adc38512a5093e5116fae9cc7af940ef7c38505aeeda55c96fc413e6bda2af8757123788c57e371c451acb5c1b542dbe2954f21d8ced8ca117ad8fe9903b7d439b6af5951654938fe40a9ce96815d7f4c0a0", 0x89}], 0x2, &(0x7f0000001ec0)=[@cred={{0x1c, 0x1, 0x2, {r30, r32, r39}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r42, r44}}}, @rights={{0x28, 0x1, 0x1, [r45, r47, r49, r50, r51, r52]}}], 0x68, 0x20004001}, {&(0x7f0000001f40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003180)=[{&(0x7f0000001fc0)="ec467c2d92b9899c7194c6e9ea0762164f6bfd96c314562af2d5851f22c0bd346f9c06837352a28c8abee52cfd85f6d95aae29e6c674119b7d13a85b35ba6ecb5287aa395d1235ee2f8e947d6b6e31052ebfff1390f3abf519e1cb619125504adc93f6a0e0bc4c7f17941846a4d3e307d9260ccf141b80cee458d6df79705ef40e0e01bc6d28f44ec5", 0x89}, {&(0x7f0000002080)="addcf61ff4b45892e672948cc3f8cddc7acc59486cb3ba7bcd9c0a3ce4f5beb50ab7bd6f8f4bd92cd60d89457b23e822c2b4e626018b970c892bc64ff44ecf92dd66a991e6369e703f2225042b82344a44c3c307180287c3520a221e6c29d9a5e323ef57e69639fae817f90022df9039f143b53fe5898ed0aa4cbf88528d8794e2da996d6de0909204b1373fe6cb137418ebd996b87cff55c02ae1a49db013d42c574ad692f4c5dd3e831e8271c983cafa610510f863b5036a658ef5869a4460f74071cb857c4ea15c4d24adcaa7e2260c8a074c3ab8d953e7dcc9d308dd15ea14e9798ab43634e5ec3fc3e2e906f572a58e9894e582b4853fe66844b866732cf1a0505dc21db7bcd5b0e9be3bdbb174864bba1ad4bc7285b8ad2e56a48dbad69582ba8d43a1994f1f9c6a1ac9d95ea126740f8408cf19a249be01890081a94f6df6af2dceb1b1ce0bd3d8392159cd2c28cdac201774d74267fbff92df20b91b24e1e7e6e6282a3c594cf8f2555cdcf5c665b49be1c0382977632fd2564594bb46db5294341be9773e53bea8e62a14a8060979409077217a1328d7cb51b168960f720593247c29227e031dedb84b1fd1e7154a9ab1b559efff120a1ac87f2836d1d89d2a460c2727702647652e5c14ad6cbaca5e1202a9e15be6e995429090cc2e6ea057b8374e9d673d06bba98efc37abd21de927bbbaa8378ecc4ea1cf32f3f89c68f2420f697af95182e55861c2a8e65f6ca3e56d5715cf0b9f184cd0591ce3b850e9dad4cf037864a2483870ee4cfbe6cc96203a427a0c6b1c81afe21f03740a7ce9aa159e2dbec98ce6e2d76023c0cbebbd3bcf6e1ff700219e4d74ab7a081feca0d46f06bdb5fc88c28bacfc33e77d295399a0a3f7d96489dce71312e7ad84d544e6bbec0f3700a9aaf53e6757702d015420cb2772a305a2b2f7b6bdf10eb09b5f762fe8619c382c034e86fbac5ad37a1e95ac407b2da1218a1692f002f4d76d3030ebb04206f9132cf958b8197a861883b4d5dcd1742fae99f3b6f0f6880527373ea295ae939325d0615505a9b8070559d3b88d0ec749e2a46cbc62298ef5a9b0ddec99f82b56113d1824992d55fead6156f813d3e08747097f9dc1b9e9582bf220330eb362f3b869c02ef765a7eb048aa1b427b7df4238aa254d5a0335757181cd551f2eb9cf4e0587a454c5910d9f616b5f9ade14260d454d550451c41128addaf28c44d0e0be5c7affe832c5c33ac15d47f5bf6ae4522d50468392b6a20a6cf533f0c294437f52b646b5395cbd08dd14005d35cd388aaa2c9f8ed44e1f5ad006d29a33457b3ec40cc4e2e6bebad1b3d34e724f5d9ccb0c2407a1208d41b96146bfe99ac8259377e7f288b768a9724ef0691527a636cb6a718e14fff5cd1b4c9f9d4d1b2532d795c4085ef7000146b8af601da8d66a5e7781c9ec141cbe9a29d5fddb0c12e5369bef8c8d493fd9905a6637db980b3570d9bc405b6b06f228f36d7d2083fa27ed7665944a2d73b3b63df4ca15699a4c89fafa51fb25d34842bdc2f0518ff5e6fee139228505d6535e983c88fd57bd861df0d5ba984d61f900e171d4d9932f960b66a610fdeab130b50e1b31075c4f6ff90b2dd31bccea16ac14952d4a6d230d2c8a9d3f927e7983392aa737adfc2eb0c52e35d5492a43d8a6b3f3b22d1bff5a1f6c828cc24fa039dd95a075f29234661a8c38b83eeb05ab5ba523da0b274be65e56b8213b899db7945301e9b7c2ff51027b8bf9da353c3ded5909dc794c284fe0c1a9d9e5842cf7223c18c610f020c8e5cf4b81fa6da89c61bde897c2b9e0036eadfd7d7646e797dc30d6167808ad34704c2de08f8120ac09c1461679e2911f626a32755ad6f21f76dcc9494f94b3a8c0e02c568ad3339bebf4df8978a8fdc01cea50fffab32dd9a1157550ff19d9d78a6a9d9b4c14fa7f033c85d58029adcec336156fe7ed4b0e5a56da84a8b91b779f8b0368c9e642dc23d54129e56a4f07d9b9392438c3b7efa14ec9bde429b05cb752d8f742c7f3eb040780c66667cc7db64cd3899bda37e23a12128d9142420da06dc186de8760c8e7b7882cb9c372f2c3948b21ea04af3f6db8ed1899750b9d13af9c3cb3f12ca7248986f2ac4c067fa4b8c1403236f3441b025967124785b3f90c6038ad33a486c7280eb3fa556c5f8cf1932e67b927794f350b5ae71f55ab0f92b49f9d0487a0f822f0bfb1402d41ab573fb597f72b93fbf92a5c3e1f185d89d3f847744fa30d6b157a176474c78b3e84e98b4e8bd57a539b55fd314f135b379eb43c131671c8027712505c11ff0f7279f62be48bed8ada6973606e8c5f1ea8807670daeee07402c7d4fb07a2e008ed051f4e963d9af91917a057937fb7d902d30b354a0c0bf9ac643e1b4dd90fae3ef0755dfd191b5284408f7d1d24edea6d8c066bd7fdd438c4abe6ec21c0d84d73477dbf708fb715d703e9908808326cfdf167a7edd41b5b5403e53786bd823828b1ee2fba2d7465d2cbc134eedbfccbadd98e0a6a760e99f70eb5878312a1a51f7c9923874e6d811b689d01452ebc86ecc4a9d21a6c64821f720f16823205b402c8b3f0283bbb1cf4fa0ca781b19230bc365119ebd33419ec05d6a3a8666ef91f33acdecca046c54a84dc8a08853cac5a8a05e3f8f62736373b3217b612528108341c2a82fbae4ef9d88e8b5809456f5ba05986ac0538f64b2080ec4300acc188dbf5d047cc0d5651cc112390ba4ba1e9195baa21cad986eef9a118ff903fd4c353d205e878e5ad0f21b43d3526b19a18db8cc171f7981e8e091610a7cbf3b12082fbee59230c2e8f9f2f8fa53c3778d977af47a6b36cdaeb182ccffbd8100c263716a06ba4c4bca91dc0ca6136193a8a00a931f7ae18796d5291289bbb58b317816329e5a25948ab0a9b46c9c51f4112e10277aae7175538a49456c4b821801b77e594d7c9acd23b0c8ba88c8dd019639f0467e155e3dfa67becb9f4883036e87d76844fde184f1b466de9eb2e1a68067f6b5a1270260eee5838d7df74e4c89eedb86d9c2070776b43961a370cbe6213bdd3b92f0a9ca670e99740cc864af1c79b55f17dd79834ef767cbf0c5b5d359581226920eada796ccbe3769758458925d2a4a935f7442c2143f6d36813ec7772788fe61c5a41e8242172104f343524130f06704d5e827288016a849c07e99b3297f3d5dc3a970ff6639b37318644247df8c5458541ac85f28b70c04fb2b113df316c61ad779d7020e8380ea471e4582bff5da64a12009dbafcd0af4c88a5c63f1eed3a27b9da1ef492f6bd07a11293898fa1730762fdee5822341d5ff7241f71821fd369f22500d5214411660fc5f9cb52cfbf9456bbb5aa67afdb94f053de0f7788e1fa5e78105dd0cdf0fb8cd339e49fa3f3a87ff142768c597d059cfbd08d48bfd3da01a28fea7a5a184d3dc1c12ac6adfcf4ea2690a07d9119f15eb6072718b441c5b2f18539c61a25267b547d694160ee0a66b024fe4855ebfbd405a0132bb59da05d2d7c68545bade6bb95f5ab8fa312e1caa83ac1b3adcb1a94a491c46d96b3768554ce9309eead8448c9727727673aa2ea91e9db07872cf17c272d3ed9a2e70f5ec79b7f93a470518e867566b23655d99224ac92d5256e35550bfd34b7c1cf9de2318ea6d00c787b3f3ac5493a0d475e33e86abe23219cf93e1aec0a38d64827733de80785f12ff66f034a5688238b772dafcf1e96eba6487f4a50f97483c66dadd028083c904a96eda46b5f73a06d8354a7241af91696b51bcee51be7174edbbfd42ae70be31e35271c164873dc969d86d3de9c7623e6a51d5724602f2d8f51d7cacd0b8d3685a121959f859e9c041fde020ccba6af055440e35bfcd49c725f31759f7d361f3560e09da38dcc9952bd10d599bffe6e92baa41da8b27f48d21d7d70192359f37a5165856b2d195f138b0fb9444510c8fa08e27e5ef39a9188257d63fdb4bf7e1f8437054dffe382d8de548ae8de76670c833e06f8edf59953b01b7b49ce04e675a26a791f0d3b280e2e2055ba901155a97f64db6c5c3d10ea81f642dfce595b53223d6398e4cf7e5b89d4f92f73774540e2a882e27bc3e9d002159dd0b857a48f172cd87550571aced96d4a8a24d9ecdcd33bb4e38a4dadc7275e729bb711b61d38c8ae5775bd5a1eb0d8ae2d4c1c2842155a468e9968464589c287a9ffe18789f66b1622772feec2e60c8d7535ba68cb76f500a5160d7f976398ee5fdc9897aa92277ac8faa0c845f15074eb2bd7b325d25cb12aec4d9f735360a0bf141a16bbcf7b65476f607c3dbd430e1197b572e4d9086cad84e25b25c67c94f30a5f35ee755d5fe8a053899ceed6a261450aab7af389d81979b58022350cd0f33c39244dc71833b18790087a1e59553cfc7ccf000947fc3d8da3ee9f9383eee8c37ebed9f249d65294c477b3d412df1de755864dcf4a6ba27187b78eb9506f79c317e797cf681de895b218c26327c12fa5ddc5d9e5232a0c2d1126b8b10afcf15b3151671b0d01fd1d97940cfa10c830bfd8adb05c53b4b8904b058191edc0b5b23e4b1fb118a49d16bcf3be723892a63feb87d00940bc1096faf65b6fb63596b2c505ffb91a606018b67b02ec0abc0959f32f4cc6600d96af12eea304c67a5bf60ef5e94cee72fa9ec8e33cfa263e3c353801bcd9269fc6779defcd158811199ece3a14066ea7f14b21e67a03c8895f99ba65892f59b85cbc3dc5e8cd64752098653f0c5a902d65e512073d330ba690f1aaccdef2e4c1e631d06325f88f727995eff621658fb32a57ecb77aae4dc733f88c79c7bc71a7caec264c9d31380f93dd65740a84d5986b85f45f95e244394def2a246bd5d5610bde2e06c8dddf7090348b5368445e423747562054d906c58c02b0dbd1cbf7795d3a2e8215023def968a1a2cd0edc0eb99880fa78f558a1d342cf87f2dc734fb2060ff8df6d310084afee47b9efce1b60d67b1c9cfc9b9405a709fa1d83b6dfdeaadc67ea2605ea6731a1011671574b882530a309f7bb2f4c6771f510b43937d0c62e50e6cff82cf3e1ebdc1f728ef4817f56560d6daa3fe46d4079ab10a0614bdfecbb94a13f12866f83065f7b1a921b3fc8582b738414fa1f84b8a11680cbb19b284865a9dd3cbbaaa08669b59572c3146ad0e206906a00a2e08d4d029d23d370cb2117df74240d2932e7bee251c59481d75c23b73d39a559d88df68945dee1220051795a2b33775871378eb840987e99be7a92421331b6d0d048c5caf419cd0db35f5b3d8c7ee880bc08ace1aa2490e21b2e25628e15bd6ec1067fc1b59625c20409d61dfc403e04c148f4e96e41d90d378c2f11d9540ae28c3bd60c227ede31e8e697adac5aa9b8cc106bde63c6b1b8242d279b2288f654cc8c06ebbc92d49ce588cc28c3c68a605c33f0323e83094c856a381a492290f29a58dca38e400df12ecc0cf8c0f3ab00bda0753cb6a662c747acda554cffa8159277d2b58be3fd1c5eb28877eb29c46b0ee35d700da065ae296c18181dc1001f2acc43fc2f91da3cf367b24a87a203fd8691dda3fd0c38958f32d154580a2da8cf8b8aa48de781685e35d8f9fe9f432badd953af9c2c2d42528434aa04844292053f16ad045efb8b9fe0ca2b394acb15c0325f1ec626bf4bd92b0a3019ffbe61585884640c26c36346e50138f3774383c611becd1b4c4e75080d580a51912f30b707f6524f7f0fbbfd941a0d08e2674397b2c02be055f343a3fe342809f52ad4c6793d2b4609aa64a0458d4b7a2", 0x1000}, {&(0x7f0000003080)="7898ae2ea662b65875e8e14da970949f84f106371e099193564c7791addc27f3a4448aaceef16790dbbb8a89cd6aaa4fadb242c1c95514f3f31c2e04fa4315926b8f929f114192dcf68aa33a7279146601f9786b7ee6693ff003c104511a2ebeb4a3ec2f0a1013092f0d55c8a6c0f547731a27e0538ec254113d41066de69b0b", 0x80}, {&(0x7f0000003100)="536a92759b079b95d0ef8bed7e45effd46b5dc7559ac83e01d6b03ef3187ef4bc2fd773666c81f76a8549fdbba30d44ec3299a78a7ce0fa7e641728f149073ad63990a8aabf6a9c3e7298d12c11cc9b049c0c6e5ed67157834dd8f9907845c036face08be369fe63d4", 0x69}], 0x4, &(0x7f0000003600)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c, 0x1, 0x2, {r55, 0xffffffffffffffff, r57}}}, @cred={{0x1c, 0x1, 0x2, {r58, r60, r62}}}, @rights={{0x1c, 0x1, 0x1, [r1, r1, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r2, r63, 0xffffffffffffffff, r66, r2, r2, r67, r0]}}, @cred={{0x1c, 0x1, 0x2, {r68, r71, r72}}}, @cred={{0x1c, 0x1, 0x2, {r76, r77, r78}}}, @rights={{0x24, 0x1, 0x1, [r1, r79, 0xffffffffffffffff, r80, r2]}}], 0x118, 0x40}, {&(0x7f0000003740)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000003880)=[{&(0x7f00000037c0)="cc9f0afa05ea0af28b64438a1208d297bf72d962c5a05bab0acf6709886e48f48d4e9c44c9e24b312273d1e3c13c0d", 0x2f}, {&(0x7f0000003800)="482d10e6d873e2a9bbb0ec8d1c288f4b08be9fdfeecf4e78819572c9caff635a3aecfa839d8f987fb7d912100d01f2b234a83eb24e52d488a526c6696bea", 0x3e}, {&(0x7f0000003840)="94ee94e52f1c6040f95558e114dc66ce925452339fc4e27b412413610e50fd1832c70a0f35087a628120a3e727fc9ce698d77e9784f536281e248d43bceec6", 0x3f}], 0x3, &(0x7f00000042c0)=[@rights={{0x34, 0x1, 0x1, [r82, r83, r1, r84, r85, r2, r86, r0, r87]}}, @cred={{0x1c, 0x1, 0x2, {r88, r89, r91}}}, @rights={{0x14, 0x1, 0x1, [r93]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x1c, 0x1, 0x1, [r94, r95, r96]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r98]}}], 0xc0}], 0x6, 0x40400d4)
r99 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r99, 0x200004)
sendfile(r2, r99, 0x0, 0x80001d00c0d0)
write$USERIO_CMD_SET_PORT_TYPE(r99, &(0x7f0000000000)={0x1, 0x8}, 0x2)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:06 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
r8 = fcntl$dupfd(r7, 0x0, r4)
r9 = getpid()
sched_setscheduler(r9, 0x5, 0x0)
sendmsg$AUDIT_SET(r8, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, 0x3e9, 0x200, 0x70bd28, 0x25dfdbfd, {0x2, 0x80000000, 0x0, r9, 0x80000001, 0x3, 0x1000, 0x0, 0xffffffc1}, ["", ""]}, 0x34}}, 0x20000001)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:06 executing program 1 (fault-call:16 fault-nth:18):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:06 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, [], 0x16}, 0x8}, @in={0x2, 0x4e23, @rand_addr=0x5}], 0x3c)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$PPPIOCGNPMODE(r3, 0xc008744c, &(0x7f0000000040)={0xfb})
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

[  796.816151][T24082] FAULT_INJECTION: forcing a failure.
[  796.816151][T24082] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  796.841681][T24082] CPU: 1 PID: 24082 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  796.851230][T24082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  796.861345][T24082] Call Trace:
[  796.864715][T24082]  dump_stack+0x11d/0x187
[  796.869048][T24082]  should_fail.cold+0x5/0xf
[  796.873555][T24082]  __alloc_pages_nodemask+0xcf/0x310
[  796.879047][T24082]  alloc_pages_current+0xca/0x170
[  796.884066][T24082]  push_pipe+0x18b/0x340
[  796.888318][T24082]  ? __radix_tree_lookup+0x18d/0x1c0
[  796.893731][T24082]  iov_iter_get_pages+0x49d/0x8cc
[  796.898754][T24082]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  796.904686][T24082]  bio_iov_iter_get_pages+0x106/0x5a0
[  796.911493][T24082]  iomap_dio_bio_actor+0x5e8/0x970
[  796.916672][T24082]  iomap_dio_actor+0x83/0x390
[  796.921401][T24082]  iomap_apply+0x1e6/0x660
[  796.925808][T24082]  ? iomap_dio_bio_actor+0x970/0x970
[  796.931142][T24082]  iomap_dio_rw+0x67e/0x9a0
[  796.935650][T24082]  ? iomap_dio_bio_actor+0x970/0x970
[  796.941003][T24082]  ? ext4_file_read_iter+0x2b4/0x360
[  796.946407][T24082]  ext4_file_read_iter+0x2b4/0x360
[  796.951628][T24082]  generic_file_splice_read+0x2df/0x470
[  796.957513][T24082]  ? add_to_pipe+0x1b0/0x1b0
[  796.962847][T24082]  do_splice_to+0xc7/0x100
[  796.967272][T24082]  splice_direct_to_actor+0x1b9/0x540
[  796.972640][T24082]  ? generic_pipe_buf_nosteal+0x20/0x20
[  796.978188][T24082]  do_splice_direct+0x152/0x1d0
[  796.983083][T24082]  do_sendfile+0x396/0x810
[  796.987603][T24082]  __x64_sys_sendfile64+0x121/0x140
[  796.992803][T24082]  do_syscall_64+0xc7/0x390
[  796.997302][T24082]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  797.003178][T24082] RIP: 0033:0x45c479
[  797.007170][T24082] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  797.026867][T24082] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  797.035353][T24082] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  797.043539][T24082] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  797.051517][T24082] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  797.059493][T24082] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  797.067454][T24082] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000012
04:46:07 executing program 1 (fault-call:16 fault-nth:19):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:07 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x7)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x80001d00c0d0)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCGISO7816(r3, 0x80285442, &(0x7f00000001c0))
r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x9, 0x8002)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000080)={0x7, {{0xa, 0x4e23, 0x5, @local, 0x8}}, 0x1, 0x1, [{{0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5d}}]}, 0x110)

04:46:07 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r3 = socket(0x10, 0x80002, 0x0)
ioctl(r3, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14d18f662e919ae665df250800030000000000080045007372700008004500737270000800030003000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@local, @in6}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6=@loopback}}, &(0x7f0000000080)=0xe8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x2000)
r6 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x801, 0x0)
write$sndseq(r6, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000100000000000000014100000000001700000000000000003a000000"]}}, 0x0)
sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x44000000)
clone(0x30020100, 0x0, 0x0, 0x0, 0x0)

04:46:07 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000000140)={{0x4, 0x40}, 0x1, 0x99dc, 0x1, {0x0, 0x20}, 0xb7, 0x2})
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x2, 0x400}, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  797.573629][T24101] FAULT_INJECTION: forcing a failure.
[  797.573629][T24101] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  797.657204][T24101] CPU: 1 PID: 24101 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  797.666353][T24101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  797.676803][T24101] Call Trace:
[  797.680168][T24101]  dump_stack+0x11d/0x187
[  797.685357][T24101]  should_fail.cold+0x5/0xf
[  797.690020][T24101]  __alloc_pages_nodemask+0xcf/0x310
[  797.695555][T24101]  alloc_pages_current+0xca/0x170
[  797.700874][T24101]  push_pipe+0x18b/0x340
[  797.705193][T24101]  ? __radix_tree_lookup+0x18d/0x1c0
[  797.710691][T24101]  iov_iter_get_pages+0x49d/0x8cc
[  797.715803][T24101]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  797.721738][T24101]  bio_iov_iter_get_pages+0x106/0x5a0
[  797.727271][T24101]  iomap_dio_bio_actor+0x5e8/0x970
[  797.732415][T24101]  iomap_dio_actor+0x83/0x390
[  797.737130][T24101]  iomap_apply+0x1e6/0x660
[  797.741681][T24101]  ? iomap_dio_bio_actor+0x970/0x970
[  797.747227][T24101]  iomap_dio_rw+0x67e/0x9a0
[  797.751750][T24101]  ? iomap_dio_bio_actor+0x970/0x970
[  797.757175][T24101]  ? ext4_file_read_iter+0x2b4/0x360
[  797.762698][T24101]  ext4_file_read_iter+0x2b4/0x360
[  797.767960][T24101]  generic_file_splice_read+0x2df/0x470
[  797.773655][T24101]  ? add_to_pipe+0x1b0/0x1b0
[  797.778310][T24101]  do_splice_to+0xc7/0x100
[  797.782784][T24101]  splice_direct_to_actor+0x1b9/0x540
[  797.788303][T24101]  ? generic_pipe_buf_nosteal+0x20/0x20
[  797.794136][T24101]  do_splice_direct+0x152/0x1d0
[  797.799044][T24101]  do_sendfile+0x396/0x810
[  797.803590][T24101]  __x64_sys_sendfile64+0x121/0x140
[  797.808917][T24101]  do_syscall_64+0xc7/0x390
[  797.813517][T24101]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  797.819428][T24101] RIP: 0033:0x45c479
[  797.823355][T24101] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  797.842971][T24101] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
04:46:08 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000100)={0x71, 0x401, 0x9, 0xc, 0x1ff, 0x81})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x149042, 0x0)
syz_open_dev$sndtimer(&(0x7f0000000240)='/dev/snd/timer\x00', 0x0, 0x800)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nvram\x00', 0x2000, 0x0)
ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r4, 0x800443d3, &(0x7f0000000200)={@fixed={[], 0x11}, 0xffff, 0x401, 0x4})
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f0000000040)={0x1, 0x0, 0x625c6d96adb425ac, 0x4, {0x6, 0x800, 0x1d, 0x10000}})
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000080)=0x5, 0x4)
accept$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @local}, &(0x7f0000000180)=0x1c)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)

[  797.851446][T24101] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  797.859432][T24101] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  797.867422][T24101] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  797.875418][T24101] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  797.885059][T24101] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000013
04:46:08 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r2, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'vlan0\x00'}}}}}, 0x34}}, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  798.129188][T24121] tipc: Started in network mode
[  798.134625][T24121] tipc: Own node identity aaaaaaaaaa31, cluster identity 4711
[  798.166152][T24121] tipc: Enabled bearer <eth:vlan0>, priority 0
[  798.182627][T24125] tipc: Enabling of bearer <eth:vlan0> rejected, already enabled
[  799.159909][T22658] tipc: 32-bit node address hash set to aaaa9b00
04:46:09 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0x1, 0x4)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:09 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:09 executing program 1 (fault-call:16 fault-nth:20):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:09 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f00000000c0)={0x1})
close(r2)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:09 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
ioprio_set$uid(0x0, 0xffffffffffffffff, 0x3)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0x0, 0x0)

04:46:09 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000000100000000000ba120000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']}}, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video0\x00', 0x2, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  799.768904][   T27] kauditd_printk_skb: 76 callbacks suppressed
[  799.768923][   T27] audit: type=1804 audit(1583210770.034:7528): pid=24135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/556/bus" dev="sda1" ino=17335 res=1
04:46:10 executing program 3:
r0 = socket$rxrpc(0x21, 0x2, 0xa)
syncfs(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_elf64(r1, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r2, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:10 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x43, "c7ac826b9ddf6702df09a9d504878fc616bfb4a3e1500b01a93c2da843685e31a9c3348469821d1c6a9f79205b6024ef67b956850011e248b4251d1943d164e6f73554"}, &(0x7f00000000c0)=0x4b)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x68400, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$P9_RAUTH(r5, &(0x7f0000000100)={0x14, 0x67, 0x1, {0x4, 0x3, 0x1}}, 0x14)

[  799.860321][   T27] audit: type=1804 audit(1583210770.074:7529): pid=24140 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/517/bus" dev="sda1" ino=17346 res=1
[  799.884351][T24148] FAULT_INJECTION: forcing a failure.
[  799.884351][T24148] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  799.904287][T24148] CPU: 0 PID: 24148 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  799.913057][T24148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  799.923222][T24148] Call Trace:
[  799.926548][T24148]  dump_stack+0x11d/0x187
[  799.930914][T24148]  should_fail.cold+0x5/0xf
[  799.935454][T24148]  __alloc_pages_nodemask+0xcf/0x310
[  799.940784][T24148]  alloc_pages_current+0xca/0x170
[  799.945878][T24148]  push_pipe+0x18b/0x340
[  799.950679][T24148]  ? __radix_tree_lookup+0x18d/0x1c0
[  799.956087][T24148]  iov_iter_get_pages+0x49d/0x8cc
[  799.961218][T24148]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  799.967153][T24148]  bio_iov_iter_get_pages+0x106/0x5a0
[  799.972575][T24148]  iomap_dio_bio_actor+0x5e8/0x970
[  799.977729][T24148]  iomap_dio_actor+0x83/0x390
[  799.982510][T24148]  iomap_apply+0x1e6/0x660
[  799.987599][T24148]  ? iomap_dio_bio_actor+0x970/0x970
[  799.992942][T24148]  iomap_dio_rw+0x67e/0x9a0
[  799.997546][T24148]  ? iomap_dio_bio_actor+0x970/0x970
[  800.002921][T24148]  ? ext4_file_read_iter+0x2b4/0x360
[  800.008259][T24148]  ext4_file_read_iter+0x2b4/0x360
[  800.013464][T24148]  generic_file_splice_read+0x2df/0x470
[  800.019055][T24148]  ? add_to_pipe+0x1b0/0x1b0
[  800.023655][T24148]  do_splice_to+0xc7/0x100
[  800.028098][T24148]  splice_direct_to_actor+0x1b9/0x540
[  800.033609][T24148]  ? generic_pipe_buf_nosteal+0x20/0x20
[  800.039348][T24148]  do_splice_direct+0x152/0x1d0
[  800.044230][T24148]  do_sendfile+0x396/0x810
[  800.048688][T24148]  __x64_sys_sendfile64+0x121/0x140
[  800.054178][T24148]  do_syscall_64+0xc7/0x390
[  800.058724][T24148]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  800.064642][T24148] RIP: 0033:0x45c479
[  800.068559][T24148] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  800.088171][T24148] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  800.096793][T24148] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
04:46:10 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x280f40, 0x0)
r3 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r4=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000040)=ANY=[@ANYRES32=r4, @ANYBLOB="5aff464c31972acceec5eac3be8fcb00000004"], 0x0)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000100)={r4, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x84)

[  800.104795][T24148] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  800.112780][T24148] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  800.120767][T24148] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  800.128745][T24148] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000014
[  800.159890][   T27] audit: type=1800 audit(1583210770.074:7530): pid=24140 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17346 res=0
[  800.235206][   T27] audit: type=1804 audit(1583210770.074:7531): pid=24143 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/609/bus" dev="sda1" ino=17347 res=1
04:46:10 executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
write$9p(r1, &(0x7f0000000000)="7949396d84c7d5bbdf3acc2f72351c0b87a9cabff2b51879d95a1da5a2c467f878c399c36beb26face17757f4998355016a8c2c4d40180f9791b1c11ab440971f09f53b049c5569f5e3bdec1550a04205b7a917171ce7f4ee2a4456a0fc4629f20166e3f5c6f1c38af007c515deae3297d133b03f5bb4da821aa0818c8a25b798b1effb8b230c20aec1378dec6bc81501db048da5f9a289fd97b", 0x9a)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf64(r2, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r3, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  800.288370][   T27] audit: type=1800 audit(1583210770.074:7532): pid=24143 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17347 res=0
[  800.314695][   T27] audit: type=1800 audit(1583210770.084:7533): pid=24135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17335 res=0
[  800.345012][   T27] audit: type=1804 audit(1583210770.084:7534): pid=24135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/556/bus" dev="sda1" ino=17335 res=1
[  800.389698][   T27] audit: type=1804 audit(1583210770.084:7535): pid=24140 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/517/bus" dev="sda1" ino=17346 res=1
04:46:10 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x64, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r6, 0x80045301, &(0x7f00000000c0))
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  800.420750][   T27] audit: type=1804 audit(1583210770.084:7536): pid=24143 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/609/bus" dev="sda1" ino=17347 res=1
[  800.445999][   T27] audit: type=1804 audit(1583210770.104:7537): pid=24135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/556/bus" dev="sda1" ino=17335 res=1
04:46:10 executing program 1 (fault-call:16 fault-nth:21):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:10 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x4000, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000500)={0xa0000000})
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r6 = socket(0x10, 0x80002, 0x0)
ioctl(r6, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf0101000000000000000800450073727000080045007372700008000300030000000800030000004486832701d007a600000800030088000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  800.802422][T24184] FAULT_INJECTION: forcing a failure.
[  800.802422][T24184] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  800.817971][T24184] CPU: 1 PID: 24184 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  800.826668][T24184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  800.836731][T24184] Call Trace:
[  800.840178][T24184]  dump_stack+0x11d/0x187
[  800.844555][T24184]  should_fail.cold+0x5/0xf
[  800.849284][T24184]  __alloc_pages_nodemask+0xcf/0x310
[  800.854837][T24184]  alloc_pages_current+0xca/0x170
[  800.860178][T24184]  push_pipe+0x18b/0x340
[  800.865636][T24184]  ? __radix_tree_lookup+0x18d/0x1c0
[  800.871086][T24184]  iov_iter_get_pages+0x49d/0x8cc
[  800.876168][T24184]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  800.882089][T24184]  bio_iov_iter_get_pages+0x106/0x5a0
[  800.887491][T24184]  iomap_dio_bio_actor+0x5e8/0x970
[  800.892685][T24184]  iomap_dio_actor+0x83/0x390
[  800.897390][T24184]  iomap_apply+0x1e6/0x660
[  800.901841][T24184]  ? iomap_dio_bio_actor+0x970/0x970
[  800.907169][T24184]  iomap_dio_rw+0x67e/0x9a0
[  800.912149][T24184]  ? iomap_dio_bio_actor+0x970/0x970
[  800.917452][T24184]  ? ext4_file_read_iter+0x2b4/0x360
[  800.922838][T24184]  ext4_file_read_iter+0x2b4/0x360
[  800.927992][T24184]  generic_file_splice_read+0x2df/0x470
[  800.933608][T24184]  ? add_to_pipe+0x1b0/0x1b0
[  800.938495][T24184]  do_splice_to+0xc7/0x100
[  800.943935][T24184]  splice_direct_to_actor+0x1b9/0x540
[  800.949325][T24184]  ? generic_pipe_buf_nosteal+0x20/0x20
[  800.954976][T24184]  do_splice_direct+0x152/0x1d0
[  800.959900][T24184]  do_sendfile+0x396/0x810
[  800.966608][T24184]  __x64_sys_sendfile64+0x121/0x140
[  800.971802][T24184]  do_syscall_64+0xc7/0x390
[  800.978801][T24184]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  800.985218][T24184] RIP: 0033:0x45c479
[  800.989448][T24184] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  801.011796][T24184] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  801.020491][T24184] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  801.028636][T24184] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  801.036619][T24184] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  801.044587][T24184] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
04:46:11 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
bind$l2tp(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r2, 0x0, 0x80001d00c0d0)

[  801.052641][T24184] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000015
04:46:13 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:13 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x200002, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x5, 0x0)
tkill(r2, 0x5)
close(r1)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r1, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$binfmt_elf64(r0, 0x0, 0x2e)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_QBUF(r7, 0xc058560f, &(0x7f0000000000)={0x9, 0x9, 0x4, 0x400000, 0x3, {0x77359400}, {0x3, 0x0, 0x20, 0x81, 0x6, 0x5, "d06e71ee"}, 0x2, 0x1, @offset=0xffffff87, 0x8, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r8, 0xc02064b9, &(0x7f0000000180)={&(0x7f0000000080)=[0xffffff01, 0xfffeffff, 0x1000, 0x9, 0x3ff, 0x7fffffff, 0x1f, 0x7], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x7fff, 0xe0e0e0e0})
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
r9 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcsu\x00', 0x301202, 0x0)
recvmmsg(r9, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:13 executing program 1 (fault-call:16 fault-nth:22):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:13 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x8c540, 0x2c1)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:13 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x20}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:13 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
write(r0, &(0x7f0000000040)="65cd837ebdd0cae1049bab7dbe644f137b726122da598a2689e77179ac5240f260849bd1cef934ec901c53de6dbee0900f9f26a39345128e1a1a198ccc5b826ca471b12346a30ee8eb48191c26b5926fdd963bf427e341018cc6800cb5a539a4cee46c4d36b4cb58a1299220981f1b0f6df6a27f97e213817b300402220b2886000cfc743013059e7f2d36443c1bb9b6b12820fe48682f030693adeb2b8c50c60e191569c40b37af305bdc", 0xab)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)

04:46:13 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300)='SEG6\x00')
sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x804004}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r3, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x9, 0x6, 0x0]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4801}, 0x4000000)
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x1, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x41034000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x100, 0x20, 0x810, 0x70bd29, 0x25dfdbfd, {0x1d}, [@generic="625374c3eb4467d0350c73c22cd898f0372fdd788042bbd2041b96e957900812eb55b2dc15603b6cc81c217ac38be78b400a3ab77186a8c01d86ca0c4c574b62aedde71579ed09962859bf7e4d8ba3b4376f5c5137c625788e4ccb87c5d569e60d5bb961e3a739e0b78a7047dfab2bab78ee4a577013b8be2f5fcb26b580868ea7e000e16e30ceb31c3a957b90a7e89b228117a7e846a70d5517b18e259222b18f49b3db2aa9e4d956fc0315a410ca36c4bfe2a462009fdf4b3de5c4f04cceb0f55539fbe14dfaae33444184bb610996b13fb3e412b66cab48498f52a070fa6cbf24d2c36d7f9780b2c3"]}, 0x100}, 0x1, 0x0, 0x0, 0x81}, 0x800)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  802.932493][T24217] FAULT_INJECTION: forcing a failure.
[  802.932493][T24217] name failslab, interval 1, probability 0, space 0, times 0
[  802.945308][T24217] CPU: 1 PID: 24217 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  802.954138][T24217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  802.964202][T24217] Call Trace:
[  802.967581][T24217]  dump_stack+0x11d/0x187
[  802.971931][T24217]  should_fail.cold+0x5/0xf
[  802.976459][T24217]  ? mempool_free+0x190/0x190
[  802.981235][T24217]  __should_failslab+0x82/0xb0
[  802.986012][T24217]  should_failslab+0x5/0xf
[  802.990571][T24217]  kmem_cache_alloc+0x23/0x5e0
[  802.995368][T24217]  ? mempool_free+0x190/0x190
[  803.000192][T24217]  mempool_alloc_slab+0x21/0x30
[  803.005166][T24217]  mempool_alloc+0x8d/0x280
[  803.009836][T24217]  ? _find_next_bit.constprop.0+0x126/0x160
[  803.015907][T24217]  sg_pool_alloc+0xa6/0xc0
[  803.020556][T24217]  __sg_alloc_table+0x1da/0x260
[  803.025464][T24217]  sg_alloc_table_chained+0xa5/0x160
04:46:13 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
ioctl$VIDIOC_ENUMAUDOUT(0xffffffffffffffff, 0xc0345642, &(0x7f0000000000)={0xe52, "64f8a716ef286eabe84e4eea42ede50f7bfc362c1802905682729f08b760ccbb", 0x0, 0x1})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_ACCEPT(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0xc4, r4, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:modules_object_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr="548101b61d34c08b90186ce16ad6babb"}, @NLBL_UNLABEL_A_SECCTX={0x32, 0x7, 'system_u:object_r:systemd_logind_var_run_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40004}, 0x40)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:13 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r9, 0x84, 0x6, &(0x7f0000000240)={<r10=>0x0, @in={{0x2, 0x4e21, @rand_addr=0x7fffffff}}}, &(0x7f0000000140)=0x84)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f00000003c0)={r10, @in6={{0xa, 0x4e23, 0x0, @mcast2, 0x3}}}, &(0x7f0000000300)=0x84)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$netlink(0x10, 0x3, 0x0)
r16 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r16, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r15, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r17, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r17}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r17}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0xffffffff, {0x2, 0x0, 0x0, 0xfe, r17}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}, 0x1, 0x0, 0x0, 0x404}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r12}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', r12})
r18 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r18, 0x0, 0x80001d00c0d0)

[  803.030767][T24217]  ? mac_pton+0x1a0/0x1a0
[  803.035116][T24217]  scsi_init_io+0xba/0x380
[  803.039557][T24217]  sd_init_command+0x145/0x1db0
[  803.044440][T24217]  ? blk_mq_start_request+0x167/0x360
[  803.050227][T24217]  scsi_queue_rq+0xc3a/0x1770
[  803.055006][T24217]  blk_mq_dispatch_rq_list+0x9ca/0xe70
[  803.060477][T24217]  ? deadline_remove_request+0xa1/0x250
[  803.066080][T24217]  ? blk_req_needs_zone_write_lock+0x9a/0x140
[  803.072172][T24217]  ? _raw_spin_unlock+0x38/0x60
[  803.077039][T24217]  ? dd_dispatch_request+0x14b/0x4f0
[  803.082355][T24217]  blk_mq_do_dispatch_sched+0x12b/0x270
[  803.088006][T24217]  blk_mq_sched_dispatch_requests+0x2b6/0x380
[  803.094090][T24217]  ? rb_insert_color+0x108/0x340
[  803.099137][T24217]  __blk_mq_run_hw_queue+0xb1/0x150
[  803.104487][T24217]  __blk_mq_delay_run_hw_queue+0x315/0x390
[  803.110336][T24217]  blk_mq_run_hw_queue+0xfa/0x1b0
[  803.115376][T24217]  ? dd_merged_requests+0x260/0x260
[  803.120624][T24217]  blk_mq_sched_insert_requests+0x19c/0x270
[  803.126574][T24217]  blk_mq_flush_plug_list+0x2f0/0x4c0
[  803.132869][T24217]  blk_flush_plug_list+0x281/0x2b0
[  803.138031][T24217]  blk_finish_plug+0x59/0x7a
[  803.142855][T24217]  iomap_dio_rw+0x909/0x9a0
[  803.147598][T24217]  ? ext4_file_read_iter+0x2b4/0x360
[  803.152952][T24217]  ext4_file_read_iter+0x2b4/0x360
[  803.158158][T24217]  generic_file_splice_read+0x2df/0x470
[  803.163814][T24217]  ? add_to_pipe+0x1b0/0x1b0
[  803.169718][T24217]  do_splice_to+0xc7/0x100
[  803.174249][T24217]  splice_direct_to_actor+0x1b9/0x540
[  803.179804][T24217]  ? generic_pipe_buf_nosteal+0x20/0x20
[  803.185492][T24217]  do_splice_direct+0x152/0x1d0
[  803.190390][T24217]  do_sendfile+0x396/0x810
[  803.195060][T24217]  __x64_sys_sendfile64+0x121/0x140
[  803.200330][T24217]  do_syscall_64+0xc7/0x390
[  803.205089][T24217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  803.210999][T24217] RIP: 0033:0x45c479
[  803.214913][T24217] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  803.235022][T24217] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  803.243587][T24217] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  803.252264][T24217] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  803.260582][T24217] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  803.269100][T24217] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  803.277090][T24217] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000016
04:46:13 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
fcntl$notify(r4, 0x402, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:13 executing program 1 (fault-call:16 fault-nth:23):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:14 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x7, &(0x7f0000000380)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x5, 0x7, 0xfffffffe}, {0x200, 0x7f, 0x4}, {0xfffa, 0xeb, 0x80, 0x3}, {0x2, 0x4, 0x2, 0x9}, {0x3f, 0x2, 0x0, 0x6}, {0x1000, 0xc, 0x0, 0x681e0bfc}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4c0000000f14000026bd7000fcdbdf2508000300008000000800450073727000080045007372700008000300030000000b004500757665726273000008000308000300020000000ae5b261df9102e562a185189f9488dec3affe55cd8ca0ab1654f294cfa59d35cd80d393871723b112bc27e86b1eba9a84b8127ac251bc466dc5fa59100db724704a90924b2ccd16f3f5722c766814b01415df3806315a248845a3ed971a32d94884e7b579fe89e7192736e9dac6035566a7be84c3bcca1523f2bd248f1f5eba0ac4cab2045ede822a43a71444b6f9d437e4826fd8ffe354f53bcadada6a83cbbf8f1b58cbbf439800d6df26211c5244d4e71754f08c237f4bc1ebbfa5b128726bff2cbbe16b25d1e9c62fbdc327b84e6c3e8215427e55557d2353759872bcd9a3cf747b257a5fd0412c7003d9753f3d533365d4b54a792ff23b909adb6c816fd74e3d6d94478a7f8875bdd040da582f11291badee43978dfc"], 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x29, 0x4, 0x0)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2c2080, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="0040000010000000000000000000000000000000814164bc6fd315e0f18de4abf7d1f9d5e7f65e243eb11c9e4fc98ac909e53341acd9961eeef1efc89d4544869211e04c1907011c2fa6a220abfff4b10f5167e22a5ab23fa77c73a667ba9a2e195da2082bf96ee56d4f6052aadcd3b3cee5e8faa40738b2e3fdc2b3e19f28c3fb6d4b04e59e00095f91f861a363436ad8c9acb9a8a1d12b293bad9f5f2d55cfd2acc8c5e4f605e696fd501e776bfcf102664963dca56ce4b1016c61d952673d08645003ed8f0d7a8873444a46f7ff7bb5834b2f937a349b3a24e7e9fb85ac1bb804004e8a9ba07d74ab3384b7cd3ca1363455abe66d7ee9e529f6cf159f96844b2cf54240f393f667ed091682a44cab674f0d3a6d2195a950031e1fe8c5ad6534ec0f6486427ab6a3abb50b4c7a241dede519f941c33e1a37a34c67bcc5ca02c0001c34464acb103a2b7e77684ea99ff278ad7640364d1767310e15dff13981d3d751d3bdb43a52c0e1e69b35898f8f23ab45504a9fb2d60aa32c621f1e73037a334da65b88254a31ca93d8ff414f18b9c4dedd657ef2ca6b870a0aa817e59fe8930b0e5a6920f34d3a0a38a9efb8fce6e69b4d1cd1a796d7047023d43a36c5329d1cb1ae4e321abef3727691d92416af8d90f1e0968acb690ee1af7974bf2b719e622c8c4ad118fab3fbee91397593a051b692269e748ca29c4458ba3367f87ca3121b4b273bc3a733656caf98750aed50b7a1fa70183842b68227b92a088e1f8f", @ANYRES32=0x0, @ANYBLOB="8900000015000010"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r10 = getpid()
sched_setscheduler(r10, 0x5, 0x0)
fcntl$setown(r0, 0x8, r10)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  803.971749][T24251] FAULT_INJECTION: forcing a failure.
[  803.971749][T24251] name failslab, interval 1, probability 0, space 0, times 0
[  803.986101][T24251] CPU: 1 PID: 24251 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  803.994799][T24251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  804.004861][T24251] Call Trace:
[  804.008161][T24251]  dump_stack+0x11d/0x187
[  804.012507][T24251]  should_fail.cold+0x5/0xf
[  804.017285][T24251]  __should_failslab+0x82/0xb0
[  804.022076][T24251]  should_failslab+0x5/0xf
[  804.026512][T24251]  __kmalloc+0x54/0x640
[  804.030757][T24251]  ? iter_file_splice_write+0x120/0x830
[  804.036347][T24251]  ? current_time+0x6d/0xc0
[  804.040867][T24251]  iter_file_splice_write+0x120/0x830
[  804.046249][T24251]  ? touch_atime+0x83/0x150
[  804.050748][T24251]  ? ext4_file_read_iter+0x110/0x360
[  804.056164][T24251]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  804.061984][T24251]  direct_splice_actor+0x97/0xb0
[  804.066949][T24251]  splice_direct_to_actor+0x22f/0x540
[  804.072621][T24251]  ? generic_pipe_buf_nosteal+0x20/0x20
[  804.078172][T24251]  do_splice_direct+0x152/0x1d0
[  804.083029][T24251]  do_sendfile+0x396/0x810
[  804.087455][T24251]  __x64_sys_sendfile64+0x121/0x140
[  804.092658][T24251]  do_syscall_64+0xc7/0x390
[  804.097546][T24251]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  804.103506][T24251] RIP: 0033:0x45c479
[  804.107568][T24251] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  804.133580][T24251] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  804.142311][T24251] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  804.151156][T24251] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  804.161212][T24251] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  804.169681][T24251] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  804.177656][T24251] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000017
04:46:16 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:16 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$binfmt_elf64(r0, 0x0, 0xd7024456)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)

04:46:16 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x1ff, "4e1cb287c69abcd6f9cf0a99e4ad5ed9bc371c50d477542d53df9a238b0c3c8a", 0x1, 0x1})
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:46:16 executing program 1 (fault-call:16 fault-nth:24):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:16 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x5)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0bc5351, &(0x7f0000000440)={0x3, 0x0, 'client1\x00', 0x2, "6b229abea59c5859", "7ba1034fc140d824895fc916e52bac354d18e15bebf2b15b52515f6c76f4a994", 0x3, 0x95})
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f0000000100)={0x13})
recvmsg$can_raw(r0, &(0x7f0000000400)={&(0x7f0000000140)=@caif=@util, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000200)}, {&(0x7f0000000240)=""/92, 0x5c}], 0x2, &(0x7f0000000300)=""/211, 0xd3}, 0x22)
r5 = getpid()
sched_setscheduler(r5, 0x5, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3, 0x5, 0x0, 0x0, 0x0, 0x8000000001, 0x2078, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000200), 0x6}, 0x4000, 0x7f, 0xffffffff, 0x0, 0x0, 0x0, 0x4000}, r5, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:16 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x7, 0x45, 'cm\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ftruncate(r11, 0x5)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000080), &(0x7f0000000500)=0x4)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  805.924413][   T27] kauditd_printk_skb: 72 callbacks suppressed
[  805.924432][   T27] audit: type=1804 audit(1583210776.194:7610): pid=24269 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/521/bus" dev="sda1" ino=16578 res=1
[  805.978066][   T27] audit: type=1804 audit(1583210776.214:7611): pid=24268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/613/bus" dev="sda1" ino=16817 res=1
[  806.008242][   T27] audit: type=1800 audit(1583210776.214:7612): pid=24268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16817 res=0
[  806.034554][T24273] FAULT_INJECTION: forcing a failure.
[  806.034554][T24273] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  806.046151][   T27] audit: type=1804 audit(1583210776.234:7613): pid=24268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/613/bus" dev="sda1" ino=16817 res=1
[  806.049659][T24273] CPU: 0 PID: 24273 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  806.049668][T24273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  806.049673][T24273] Call Trace:
[  806.049703][T24273]  dump_stack+0x11d/0x187
[  806.049773][T24273]  should_fail.cold+0x5/0xf
[  806.049805][T24273]  __alloc_pages_nodemask+0xcf/0x310
[  806.088156][   T27] audit: type=1800 audit(1583210776.234:7614): pid=24269 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16578 res=0
[  806.094271][T24273]  cache_grow_begin+0x74/0x590
[  806.094294][T24273]  __kmalloc+0x561/0x640
[  806.094313][T24273]  ? iter_file_splice_write+0x120/0x830
[  806.094406][T24273]  iter_file_splice_write+0x120/0x830
[  806.094491][T24273]  ? touch_atime+0x83/0x150
[  806.101653][   T27] audit: type=1804 audit(1583210776.234:7615): pid=24269 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/521/bus" dev="sda1" ino=16578 res=1
[  806.102127][T24273]  ? ext4_file_read_iter+0x110/0x360
[  806.102164][T24273]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  806.107536][   T27] audit: type=1804 audit(1583210776.234:7616): pid=24267 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/560/bus" dev="sda1" ino=16801 res=1
[  806.134353][T24273]  direct_splice_actor+0x97/0xb0
[  806.134375][T24273]  splice_direct_to_actor+0x22f/0x540
[  806.134398][T24273]  ? generic_pipe_buf_nosteal+0x20/0x20
[  806.134498][T24273]  do_splice_direct+0x152/0x1d0
[  806.134526][T24273]  do_sendfile+0x396/0x810
[  806.142244][   T27] audit: type=1800 audit(1583210776.234:7617): pid=24267 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16801 res=0
[  806.143975][T24273]  __x64_sys_sendfile64+0x121/0x140
[  806.144007][T24273]  do_syscall_64+0xc7/0x390
[  806.150888][   T27] audit: type=1804 audit(1583210776.244:7618): pid=24267 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/560/bus" dev="sda1" ino=16801 res=1
[  806.159693][T24273]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  806.159710][T24273] RIP: 0033:0x45c479
[  806.159737][T24273] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  806.159746][T24273] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  806.159775][T24273] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  806.169892][   T27] audit: type=1804 audit(1583210776.244:7619): pid=24267 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/560/bus" dev="sda1" ino=16801 res=1
[  806.188954][T24273] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  806.188965][T24273] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  806.188975][T24273] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  806.188985][T24273] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000018
04:46:17 executing program 1 (fault-call:16 fault-nth:25):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:17 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f00000000c0)={'ip6erspan0\x00', {0x2, 0x4e23, @empty}})
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:17 executing program 2:
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x444a04, 0x0)
ftruncate(r1, 0x200004)
setxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000300)='security.ima\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="0402dce75633b0deb7ed4248"], 0xc, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000280)='./bus\x00', 0x141042, 0x190)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000240)={r4, 0xc0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=0x458b, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x1, 0x5}, 0x0, 0x0, &(0x7f00000000c0)={0x3, 0x9, 0x8, 0x7f}, &(0x7f0000000100)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=0x3}}, 0x10)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
sendfile(r5, r1, 0x0, 0x9)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$SG_GET_KEEP_ORPHAN(r9, 0x2288, &(0x7f0000000380))
sendfile(r6, r7, 0x0, 0x80001d00c0d0)

04:46:17 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008004500737270000c000300037c08cd9cb9481ca7d8000000080003000000c08c5e4e0300000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f40)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468000075f16100001800020114000100000000009dd96bce6d6fee08f89babe058b872070afbc22ed62c91c2f12262cdbb20f10c9df54bc3393606324f659d7cda29b47adb6cc5905658c18b4dd235b22f0e792039cf561eac5e9d082d1c73ae5c8c6f66d4929a7a70097863", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d26547292c41f7e2cf31105187bbf97ae18943f67b9049374156b4336a703be803b63b1d123825fdccaf3d092e5f35553a8a5fb89bce76f83f020cb944e72e870ba95d9640a02a84fcfa10d1f8f990354799d6940a29f55724f7825a3784660d1b80e8275937588629140371b26c21a4d29b8c6ea9a9cc657563e4183655fa3d41e6d528e531fd4e31ffd58133089a331d87cd97549abf64b2512da3b7ce49b6c6d82107d3720df368ceaf2ada5e9f24f579fdbc7188b850fcb45b09bb7174cd8fe7568ef8e2f4ffef0b30d14ec967f27bf29ca5fa7a0ac8b3668e03000000aa4f4b57d2f5744538106834573aedd6c8fefa8f92c1c6"], 0x5}}, 0x0)
r13 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r13, 0x4, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000014000104000000000000000002000000", @ANYRES32=r12, @ANYRES32=r13], 0x3}}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r12}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000008c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000a40)=ANY=[@ANYBLOB="6c0300001200000426bd7000fcdbdf25060532084e214e2109000000070000000000000007000000ffffff7f0900000007000000030000001c72905bbeb3e1b9c2f5dbf61b073d0628bcf09eefacfcb3e4cf4d6db085de4d455599e8957b5a20a22367be36545d596019b476708ec7c8cd85fe0b1453560a7bd8d2c2bd440ff01e7726917f1c28d9b21d8799c27f949affb7dcf287d4cbbfd40204ee2e5a4a35fb6ec6e395153cb12759e092b7b75cd383b5119e7fe361695f31209a6154501f2649c28647594dd577e8105472d9e0487204f6e0c8a9a402f9a0708490b7dca2a0af44f3e100000000003d4f2febb742acceb1a7798dad6624554fc246248fed5eb522bbcdafa9608ad24f369575e4d4bc2df571f99c321fa637cc0615250770bc38afc1e0e5dc95b7bc9e7ff4f211b7c999239b8aa23b30c26c5e62a3c5059315dbfaea181c07f32d7317afdde85debe24474a77989355715e9bfbd334a86edca6b564d0488258f5c92bb8aac6777773f40a20c72a1a1907d1e1cbf3e2ca318154ac66e97a96074065479bee781dc0541fad4c17dd8255eed748e87b6f7e1eda0", @ANYRES32=r12, @ANYBLOB="010000009c060000000000800500000007000100bde7d900f600010058508f7887a5c43badf98a24daba25887393fded0990e25b77ab89e302a290487b499634cf83f5f5a446361a9598122c4ef93afd117a611d77d3a9f83040c8d94399bb6eba92105b5ff90843b630ad5ddb81bbcb30b393d45c971a07e8aa7682ad6315714a6c241930c61b50ac6be048b2f3b123d3dbdf8f49f1b93a9a048ced8a2ace57e512ef2303002ad6c5f2c39826cbbaa40185a60580c451bece0f577c4c5c0e91314f632767b6e5f4a39437bf735def99e4d38a9d7fb63c53b7fa090c3a8985508f9de97cc993c8fbf371a2f96ae749befd4f682d8987bb0d8d3c712c88e3a869f4cdc77ecbce9f93c9293c58665a0000be0001001769f7cc060b9ac6d2bc11ac566165c14767730441dc1f6dc265eba04f080d2f87bbcb356d8d7937e12a86d4c1078c4ea93792f08f99a44a70f592c3218bc9bf6f7036545ad5348501e5f12d2c8b026eaf4b8a4ad8b2ecf34999be034273c2f724fe031e627c966067fec2f168b32837e8aa372a3d00c3a77fc8276c027e9332d3616f8caf3a67134e2819cce41b2b57b5acb53e275cf1f55000800e89868fc37fb528975d065a8a31d45da3781a2d7d35451a2868cf9dd2006c0000aa000100fbe75579f8816f4cca69b3f83d0aa9666b9e87b9d1b7cf8d58c1009d7b8c90a3447276f734f6cc6ba127b80aec05d97b671ccbd34e15c99c3753ce45feaa4dade92f82d3d72cb50f7ad97ca5dbd87a5d832cadbc97508047e966b3310cf734ac68905068dda42c4957f2b5e93a1522d89192dfbff441576b8528bca43e79be718270003cbb6ac65166da657bdcbe70cd1be91624a42e13d611e199ff683048ea4784d82deb98000049000100a806ae70f0ae23ded987050af365eccb824b0ea0e3718e39ccce493ef116fcf6eff8733879097c0524c267b50d88262a474639a22b5fa4e57eef36348e0b6e3aa09ae2efbc00000068000100350beda08e560bee89144f4d03d3de514b3616ddee7cc728186c173702e5d9c921407b8c86d41c9af35824d822be5ea45ab72719e6b06bb094a36f483be9f78ff2375ccbb990920a5940b8db9ae3a59215f845e5ff9462d1b464ce2326680feb286c6a72"], 0x36c}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000004)
r14 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r15 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000900)='/dev/cuse\x00', 0x2, 0x0)
ftruncate(r15, 0x20000000200006)
sendfile(r7, r14, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r14, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:17 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20\x00', 0x1d5180, 0x0)
execveat(r2, &(0x7f0000000200)='./bus\x00', &(0x7f0000000480)=[&(0x7f0000000240)='lo#\x00', &(0x7f0000000280)=')0\x00', &(0x7f0000000300)='(vboxnet0bdev/trustedppp0#\x00', &(0x7f0000000340)='-\x00', &(0x7f0000000380)='](cpuset-]@md5sumppp1\x00', &(0x7f00000003c0)='xvmnet1)$]system\x00', &(0x7f0000000400)='\x00', &(0x7f0000000440)='\x00'], &(0x7f0000000780)=[&(0x7f00000004c0)='proccpuset!vboxnet1md5sum\x00', &(0x7f0000000500)='cgroup*vmnet1,\x00', &(0x7f0000000540)='-\x00', &(0x7f0000000580)='x\x14wlan1.\x00', &(0x7f00000006c0)='bdevuser(,mime_type\x00', &(0x7f0000000700)='\x00', &(0x7f0000000740)='[@vmnet1\x00'], 0x1000)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_VERSION(r4, 0xc0406400, &(0x7f0000000080)={0x2, 0x6a83, 0xffffff67, 0xd, &(0x7f0000000000)=""/13, 0x15, &(0x7f0000000040)=""/21, 0xa0, &(0x7f0000000100)=""/160})
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  806.910265][T24289] FAULT_INJECTION: forcing a failure.
[  806.910265][T24289] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  806.999951][T24289] CPU: 1 PID: 24289 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  807.008850][T24289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  807.019180][T24289] Call Trace:
[  807.022522][T24289]  dump_stack+0x11d/0x187
[  807.026867][T24289]  should_fail.cold+0x5/0xf
[  807.031426][T24289]  __alloc_pages_nodemask+0xcf/0x310
[  807.036747][T24289]  alloc_pages_current+0xca/0x170
[  807.041849][T24289]  __page_cache_alloc+0x17f/0x1a0
[  807.046878][T24289]  pagecache_get_page+0x251/0x700
[  807.051931][T24289]  grab_cache_page_write_begin+0x56/0x80
[  807.057598][T24289]  ext4_da_write_begin+0x1b4/0x860
[  807.063354][T24289]  generic_perform_write+0x13a/0x320
[  807.069051][T24289]  ext4_buffered_write_iter+0x14e/0x280
[  807.074632][T24289]  ext4_file_write_iter+0xf4/0xd30
[  807.079785][T24289]  ? common_file_perm+0x1d1/0x490
[  807.084833][T24289]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  807.090875][T24289]  do_iter_readv_writev+0x4a7/0x5d0
[  807.096179][T24289]  do_iter_write+0x137/0x3a0
[  807.100881][T24289]  ? __kmalloc+0x21c/0x640
[  807.106171][T24289]  ? iter_file_splice_write+0x120/0x830
[  807.111953][T24289]  vfs_iter_write+0x56/0x80
[  807.116637][T24289]  iter_file_splice_write+0x530/0x830
[  807.122104][T24289]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  807.128045][T24289]  direct_splice_actor+0x97/0xb0
[  807.133289][T24289]  splice_direct_to_actor+0x22f/0x540
[  807.138691][T24289]  ? generic_pipe_buf_nosteal+0x20/0x20
[  807.144457][T24289]  do_splice_direct+0x152/0x1d0
[  807.149517][T24289]  do_sendfile+0x396/0x810
[  807.154158][T24289]  __x64_sys_sendfile64+0x121/0x140
[  807.159667][T24289]  ? constant_test_bit+0xd/0x30
[  807.164633][T24289]  do_syscall_64+0xc7/0x390
[  807.169164][T24289]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  807.175183][T24289] RIP: 0033:0x45c479
[  807.179091][T24289] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  807.199314][T24289] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  807.207815][T24289] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  807.215818][T24289] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  807.223800][T24289] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  807.231813][T24289] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  807.239798][T24289] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000019
04:46:17 executing program 1 (fault-call:16 fault-nth:26):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  807.870681][T24314] FAULT_INJECTION: forcing a failure.
[  807.870681][T24314] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  807.906684][T24314] CPU: 0 PID: 24314 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  807.916151][T24314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  807.926466][T24314] Call Trace:
[  807.930886][T24314]  dump_stack+0x11d/0x187
[  807.935243][T24314]  should_fail.cold+0x5/0xf
[  807.939973][T24314]  __alloc_pages_nodemask+0xcf/0x310
[  807.946168][T24314]  alloc_pages_current+0xca/0x170
[  807.951941][T24314]  __page_cache_alloc+0x17f/0x1a0
[  807.957251][T24314]  pagecache_get_page+0x251/0x700
[  807.962297][T24314]  ? radix_tree_load_root+0xb3/0xf0
[  807.967636][T24314]  grab_cache_page_write_begin+0x56/0x80
[  807.973623][T24314]  ext4_da_write_begin+0x1b4/0x860
[  807.978773][T24314]  generic_perform_write+0x13a/0x320
[  807.984120][T24314]  ext4_buffered_write_iter+0x14e/0x280
[  807.989946][T24314]  ext4_file_write_iter+0xf4/0xd30
[  807.995267][T24314]  ? common_file_perm+0x1d1/0x490
[  808.000307][T24314]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  808.006451][T24314]  do_iter_readv_writev+0x4a7/0x5d0
[  808.011660][T24314]  do_iter_write+0x137/0x3a0
[  808.016443][T24314]  ? __kmalloc+0x21c/0x640
[  808.021765][T24314]  ? iter_file_splice_write+0x120/0x830
[  808.031807][T24314]  vfs_iter_write+0x56/0x80
[  808.036471][T24314]  iter_file_splice_write+0x530/0x830
[  808.042012][T24314]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  808.048809][T24314]  direct_splice_actor+0x97/0xb0
[  808.054065][T24314]  splice_direct_to_actor+0x22f/0x540
[  808.059862][T24314]  ? generic_pipe_buf_nosteal+0x20/0x20
[  808.065534][T24314]  do_splice_direct+0x152/0x1d0
[  808.070452][T24314]  do_sendfile+0x396/0x810
[  808.074876][T24314]  __x64_sys_sendfile64+0x121/0x140
[  808.080088][T24314]  do_syscall_64+0xc7/0x390
[  808.084618][T24314]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  808.090511][T24314] RIP: 0033:0x45c479
[  808.094475][T24314] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  808.114087][T24314] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  808.122619][T24314] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  808.130605][T24314] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  808.138664][T24314] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  808.146646][T24314] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  808.154645][T24314] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001a
04:46:19 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:19 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0xc1)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000200)={0xfffffffc, 0x1, "822794d594257750461078c2b475c866da543d17a100fb845666bd5f2339b1b2602192d74cc7383f4e996cf390ab26da3d6629a8a62c459aa5fea409a85180cbc1f1c9f0da6f9174f05e7fb1619f254440fcf4b6716d98b6704a331d34c22568eb3e414eed8eaefd5cc48fad0dde684dff71f24c1699ce596be4abd47fac766523f0b6f6acae4082d6a4745a8f4834767c23debcece98b9546e3e20fe10fb17887cb00143e87ceb3c3ff8c28704d76a8c6706a9e8037e94cd4b029c952a299e57a4f0e95607ca809fac37f7877afe98a3854542837af08e819b7184254900d2484e4869a64160f9c66b6b7b6e8bc89fb8cc01dfc5f7a9bb5ca329f65e37f4add"})
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:19 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-vsock\x00', 0x2, 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
close(r2)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r7, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:19 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r3 = accept(r2, 0x0, &(0x7f0000000280))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
sendmsg$NL80211_CMD_GET_MPATH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r5, 0x2468825185d9173d, 0x0, 0x0, {}, [@NL80211_ATTR_WDEV={0xc}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x3c, r5, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x40}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x20}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x4}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x3c}}, 0x20000800)

04:46:19 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d0)
getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f0000000100), &(0x7f0000000140)=0x8)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r0, r3, 0x0, 0x80001d00c0d0)
syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x5, 0x402200)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
getpeername$netrom(0xffffffffffffffff, &(0x7f0000000180)={{0x3, @default}, [@remote, @null, @rose, @default, @bcast, @remote, @default]}, &(0x7f0000000200)=0x48)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
connect$nfc_raw(r5, &(0x7f0000000240)={0x27, 0x1, 0x2, 0x4}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x8, &(0x7f0000000080)=[{0x8, 0x1b, 0x13, 0xfffffffd}, {0xfd, 0x3f, 0x4, 0x22}, {0xca2d, 0x1, 0x1, 0x1000}, {0x8001, 0x3f, 0x5, 0xffffa077}, {0x4003, 0x5, 0x1f, 0x6}, {0x7, 0xe0, 0x8, 0x6}, {0x6c, 0x1, 0x3, 0x80000001}, {0x2, 0x7, 0x3, 0x4}]})
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

04:46:19 executing program 1 (fault-call:16 fault-nth:27):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:19 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  809.053010][T24334] FAULT_INJECTION: forcing a failure.
[  809.053010][T24334] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  809.103837][T24334] CPU: 0 PID: 24334 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  809.112840][T24334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  809.124381][T24334] Call Trace:
[  809.127721][T24334]  dump_stack+0x11d/0x187
[  809.132167][T24334]  should_fail.cold+0x5/0xf
[  809.136777][T24334]  __alloc_pages_nodemask+0xcf/0x310
[  809.142212][T24334]  alloc_pages_current+0xca/0x170
[  809.147413][T24334]  __page_cache_alloc+0x17f/0x1a0
[  809.152468][T24334]  pagecache_get_page+0x251/0x700
[  809.157520][T24334]  ? radix_tree_load_root+0xb3/0xf0
[  809.162744][T24334]  grab_cache_page_write_begin+0x56/0x80
[  809.168421][T24334]  ext4_da_write_begin+0x1b4/0x860
[  809.173570][T24334]  generic_perform_write+0x13a/0x320
[  809.178953][T24334]  ext4_buffered_write_iter+0x14e/0x280
[  809.184748][T24334]  ext4_file_write_iter+0xf4/0xd30
[  809.190340][T24334]  ? common_file_perm+0x1d1/0x490
[  809.195557][T24334]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  809.201711][T24334]  do_iter_readv_writev+0x4a7/0x5d0
[  809.207296][T24334]  do_iter_write+0x137/0x3a0
[  809.211915][T24334]  ? __kmalloc+0x21c/0x640
[  809.216363][T24334]  ? iter_file_splice_write+0x120/0x830
[  809.222051][T24334]  vfs_iter_write+0x56/0x80
[  809.226582][T24334]  iter_file_splice_write+0x530/0x830
[  809.231996][T24334]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  809.237920][T24334]  direct_splice_actor+0x97/0xb0
[  809.243245][T24334]  splice_direct_to_actor+0x22f/0x540
[  809.248766][T24334]  ? generic_pipe_buf_nosteal+0x20/0x20
[  809.254464][T24334]  do_splice_direct+0x152/0x1d0
[  809.259397][T24334]  do_sendfile+0x396/0x810
[  809.263918][T24334]  __x64_sys_sendfile64+0x121/0x140
[  809.269170][T24334]  do_syscall_64+0xc7/0x390
[  809.273910][T24334]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  809.279955][T24334] RIP: 0033:0x45c479
[  809.283989][T24334] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  809.303618][T24334] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  809.312073][T24334] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  809.320362][T24334] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  809.328447][T24334] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  809.336509][T24334] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  809.344487][T24334] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001b
04:46:19 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sync_file_range(r2, 0xb0000000000000, 0x6, 0x2)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00')
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000480)={0x18, r6, 0x703, 0x0, 0x0, {0x4}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}}, 0x0)
ftruncate(r4, 0x200004)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r7 = socket(0x10, 0x80002, 0x0)
ioctl(r7, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r9 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$revoke(0x3, r9)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, r9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)

04:46:19 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:19 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
recvmsg$can_j1939(r1, &(0x7f0000000580)={&(0x7f00000001c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000240)=""/54, 0x36}, {&(0x7f0000000280)=""/13, 0xffffffffffffff26}, {&(0x7f00000002c0)=""/188, 0xbc}, {&(0x7f0000000380)=""/31, 0x1f}, {&(0x7f00000003c0)=""/116, 0x74}, {&(0x7f0000000440)=""/103, 0x67}], 0x6, &(0x7f0000000540)=""/43, 0x2b}, 0x81)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000700)={@in={{0x2, 0x4e23, @broadcast}}, 0x0, 0x0, 0x32, 0x0, "f864cc188e5bfa57fe71a7f77e9a82872ff05912e5dd316cc2ba1e39bad16c6dcba8d38cd62a55b564891a85148fadf529a899cf757e7734ced675eab3b8e3d0c3d4b42b4116ded00eed5dd426f4f2eb"}, 0xd8)
close(r4)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = accept4(0xffffffffffffffff, &(0x7f0000000640)=@nfc_llcp, &(0x7f00000006c0)=0x80, 0x100000)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r6, 0x84, 0x4, &(0x7f00000005c0), &(0x7f0000000600)=0xfffffffffffffd92)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/meminfo\x00', 0x0, 0x0)
getsockopt$inet6_buf(r7, 0x29, 0x6, &(0x7f0000000100)=""/101, &(0x7f0000000180)=0x65)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$KVM_GET_TSC_KHZ(r3, 0xaea3)

04:46:19 executing program 1 (fault-call:16 fault-nth:28):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:19 executing program 0:
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xffffffff, 0x8202)
ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000500)={0x8, 0x3})
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r1, 0x0, 0x2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r5 = socket(0x10, 0x80002, 0x0)
ioctl(r5, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r5, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x8)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r1, r2, 0x0, 0x20008)

[  809.828614][T24365] FAULT_INJECTION: forcing a failure.
[  809.828614][T24365] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  809.847532][T24365] CPU: 1 PID: 24365 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  809.858962][T24365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  809.870292][T24365] Call Trace:
[  809.873610][T24365]  dump_stack+0x11d/0x187
[  809.877942][T24365]  should_fail.cold+0x5/0xf
[  809.882458][T24365]  __alloc_pages_nodemask+0xcf/0x310
[  809.888524][T24365]  alloc_pages_current+0xca/0x170
[  809.894294][T24365]  __page_cache_alloc+0x17f/0x1a0
[  809.899472][T24365]  pagecache_get_page+0x251/0x700
[  809.904721][T24365]  ? radix_tree_load_root+0xb3/0xf0
[  809.910039][T24365]  grab_cache_page_write_begin+0x56/0x80
[  809.915907][T24365]  ext4_da_write_begin+0x1b4/0x860
[  809.921062][T24365]  generic_perform_write+0x13a/0x320
[  809.926428][T24365]  ext4_buffered_write_iter+0x14e/0x280
[  809.932158][T24365]  ext4_file_write_iter+0xf4/0xd30
[  809.937278][T24365]  ? common_file_perm+0x1d1/0x490
[  809.942303][T24365]  do_iter_readv_writev+0x4a7/0x5d0
[  809.947528][T24365]  do_iter_write+0x137/0x3a0
[  809.952125][T24365]  ? __kmalloc+0x21c/0x640
[  809.956595][T24365]  ? iter_file_splice_write+0x120/0x830
[  809.962321][T24365]  vfs_iter_write+0x56/0x80
[  809.966814][T24365]  iter_file_splice_write+0x530/0x830
[  809.972190][T24365]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  809.978268][T24365]  direct_splice_actor+0x97/0xb0
[  809.983473][T24365]  splice_direct_to_actor+0x22f/0x540
[  809.988893][T24365]  ? generic_pipe_buf_nosteal+0x20/0x20
[  809.994627][T24365]  do_splice_direct+0x152/0x1d0
[  809.999588][T24365]  do_sendfile+0x396/0x810
[  810.004115][T24365]  __x64_sys_sendfile64+0x121/0x140
[  810.009386][T24365]  do_syscall_64+0xc7/0x390
[  810.014063][T24365]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  810.019968][T24365] RIP: 0033:0x45c479
[  810.023994][T24365] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  810.043807][T24365] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  810.052567][T24365] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  810.060704][T24365] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  810.068708][T24365] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  810.076743][T24365] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  810.084711][T24365] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001c
04:46:22 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:22 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
setsockopt$sock_int(r6, 0x1, 0x3, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:22 executing program 0:
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x2)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r3 = socket(0x10, 0x80002, 0x0)
ioctl(r3, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
r5 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r6 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$revoke(0x3, r6)
r7 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000500)={'syz', 0x3}, &(0x7f0000000540)="f333388b837f4e5d145a41b27dc8f4e59205dd9ca18ce96208c68787231edd2ee0e4589932d7e923a76f956c8c7745a2ca0549c165b5cdc4ffb71bfd7ef001905939a7feb47877bf13a617d9a50cc66b2dee90d54aeab15d16e755e07097eba8febfb927c015c09aab09508b9dbe6f9229d9ce54f1f21dd4cabdf75536f0f2e17942cdef2de79eb04ce797930194d07d0bf0cf069a27e68c8071da279eb58e10c61b12482703312e7d71897ad161066c3f754e74674a988e5a33083fcc8a0a7687b7b775a72d9afb171cabdc7352cb453f5ed4a04eeb1b5d4cba38fe3990619e67df3e84bb8635250fc6f5d80ca1700f5bf8eff28e8528dee454ff", 0xfb, r6)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000640)={r7, 0xea, 0x57}, &(0x7f0000000680)={'enc=', 'raw', ' hash=', {'crct10dif-generic\x00'}}, &(0x7f0000000700)="8f62ad86da2640cdf482f02b3c9e380c41dcf52baa769362bfa2746e5f927519fd575786fbb50b3e1440b69e63d1a44ef7d427f64fc325ebc1094933e47742502ee302839bca37e50c78fc53caf110d080523c7701e8399f4ec1763e9725196fd8ed2689d39eea95f1f10bcd792ad1ab93fcb328ae58c47aaaef36cad3b2623a7ad7a9f6066b3422a4789de8d4d4af650549d7e301b580c9daca9f87aa9e45ade0213afce863e54832c020a55f070cd48d430cfecd5f0368d1d7a61abdf5ef5656df5a467edcff1efc5d36da6e28ef33281964e8fdaaff976079d5b5ec6e812194286e419a22abd84cac", &(0x7f0000000800)=""/87)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(0xffffffffffffffff, r0, 0x0, 0x20008)

04:46:22 executing program 1 (fault-call:16 fault-nth:29):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:22 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x8)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = request_key(&(0x7f0000000040)='rxrpc_s\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='em0\x00', 0xfffffffffffffffb)
r5 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$revoke(0x3, r5)
keyctl$instantiate(0xc, r4, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'posix_acl_accesscpuset)'}, 0x2f, r5)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  812.067007][   T27] kauditd_printk_skb: 70 callbacks suppressed
[  812.067022][   T27] audit: type=1800 audit(1583210782.334:7690): pid=24382 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17298 res=0
[  812.116619][   T27] audit: type=1804 audit(1583210782.354:7691): pid=24381 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/526/bus" dev="sda1" ino=17329 res=1
[  812.158173][   T27] audit: type=1800 audit(1583210782.354:7692): pid=24381 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17329 res=0
[  812.180548][T24390] FAULT_INJECTION: forcing a failure.
[  812.180548][T24390] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  812.195861][T24390] CPU: 0 PID: 24390 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  812.205143][T24390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  812.215295][T24390] Call Trace:
[  812.218631][T24390]  dump_stack+0x11d/0x187
[  812.223166][T24390]  should_fail.cold+0x5/0xf
[  812.227708][T24390]  __alloc_pages_nodemask+0xcf/0x310
[  812.233032][T24390]  alloc_pages_current+0xca/0x170
[  812.238267][T24390]  __page_cache_alloc+0x17f/0x1a0
[  812.243329][T24390]  pagecache_get_page+0x251/0x700
[  812.248500][T24390]  ? radix_tree_load_root+0xb3/0xf0
[  812.253871][T24390]  grab_cache_page_write_begin+0x56/0x80
[  812.259670][T24390]  ext4_da_write_begin+0x1b4/0x860
[  812.264817][T24390]  generic_perform_write+0x13a/0x320
[  812.270293][T24390]  ext4_buffered_write_iter+0x14e/0x280
[  812.275874][T24390]  ext4_file_write_iter+0xf4/0xd30
[  812.283969][T24390]  ? common_file_perm+0x1d1/0x490
[  812.289159][T24390]  do_iter_readv_writev+0x4a7/0x5d0
[  812.294393][T24390]  do_iter_write+0x137/0x3a0
[  812.299008][T24390]  ? __kmalloc+0x21c/0x640
[  812.303440][T24390]  ? iter_file_splice_write+0x120/0x830
[  812.309161][T24390]  vfs_iter_write+0x56/0x80
[  812.313703][T24390]  iter_file_splice_write+0x530/0x830
[  812.319155][T24390]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  812.324983][T24390]  direct_splice_actor+0x97/0xb0
[  812.329949][T24390]  splice_direct_to_actor+0x22f/0x540
[  812.335605][T24390]  ? generic_pipe_buf_nosteal+0x20/0x20
[  812.341173][T24390]  do_splice_direct+0x152/0x1d0
[  812.346239][T24390]  do_sendfile+0x396/0x810
[  812.350695][T24390]  __x64_sys_sendfile64+0x121/0x140
[  812.355916][T24390]  do_syscall_64+0xc7/0x390
[  812.360618][T24390]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  812.366513][T24390] RIP: 0033:0x45c479
[  812.370428][T24390] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  812.390044][T24390] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  812.398475][T24390] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
04:46:22 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:46:22 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
fcntl$setstatus(r1, 0x4, 0x400)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x9c541, 0x0)
lseek(r0, 0x0, 0x2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x24}]})
r5 = socket(0x10, 0x80002, 0x0)
ioctl(r5, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r5, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf2508000300000000000800450073727000080045007372700008000300039ff9fe1a0003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="0000000010000000000000000000110000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x80)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000500)=0xd, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r2, 0x0, 0x20008)

[  812.406454][T24390] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  812.414439][T24390] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  812.422424][T24390] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  812.430413][T24390] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001d
[  812.471660][   T27] audit: type=1804 audit(1583210782.364:7693): pid=24381 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/526/bus" dev="sda1" ino=17329 res=1
[  812.554709][   T27] audit: type=1804 audit(1583210782.374:7694): pid=24382 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/565/bus" dev="sda1" ino=17298 res=1
[  812.598139][   T27] audit: type=1804 audit(1583210782.384:7695): pid=24382 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/565/bus" dev="sda1" ino=17298 res=1
[  812.640407][   T27] audit: type=1804 audit(1583210782.384:7696): pid=24382 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/565/bus" dev="sda1" ino=17298 res=1
[  812.667246][   T27] audit: type=1800 audit(1583210782.474:7697): pid=24382 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17298 res=0
04:46:23 executing program 1 (fault-call:16 fault-nth:30):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:23 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000080)='./bus\x00', 0x4000, 0xb3)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:23 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x40000002, 0x0)

[  812.977208][   T27] audit: type=1804 audit(1583210783.244:7698): pid=24412 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/527/bus" dev="sda1" ino=17217 res=1
[  813.022171][   T27] audit: type=1800 audit(1583210783.244:7699): pid=24412 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17217 res=0
[  813.052999][T24414] FAULT_INJECTION: forcing a failure.
[  813.052999][T24414] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  813.069904][T24414] CPU: 0 PID: 24414 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  813.078607][T24414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  813.088671][T24414] Call Trace:
[  813.091984][T24414]  dump_stack+0x11d/0x187
[  813.096417][T24414]  should_fail.cold+0x5/0xf
[  813.100949][T24414]  __alloc_pages_nodemask+0xcf/0x310
[  813.106432][T24414]  alloc_pages_current+0xca/0x170
[  813.111599][T24414]  __page_cache_alloc+0x17f/0x1a0
[  813.116754][T24414]  pagecache_get_page+0x251/0x700
[  813.121805][T24414]  ? radix_tree_load_root+0xb3/0xf0
[  813.127276][T24414]  grab_cache_page_write_begin+0x56/0x80
[  813.133164][T24414]  ext4_da_write_begin+0x1b4/0x860
[  813.138384][T24414]  generic_perform_write+0x13a/0x320
[  813.143715][T24414]  ext4_buffered_write_iter+0x14e/0x280
[  813.149308][T24414]  ext4_file_write_iter+0xf4/0xd30
[  813.154558][T24414]  ? common_file_perm+0x1d1/0x490
[  813.159710][T24414]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  813.165762][T24414]  do_iter_readv_writev+0x4a7/0x5d0
[  813.171191][T24414]  do_iter_write+0x137/0x3a0
[  813.175833][T24414]  ? __kmalloc+0x21c/0x640
[  813.180301][T24414]  ? iter_file_splice_write+0x120/0x830
[  813.185969][T24414]  vfs_iter_write+0x56/0x80
[  813.190589][T24414]  iter_file_splice_write+0x530/0x830
[  813.196531][T24414]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  813.202871][T24414]  direct_splice_actor+0x97/0xb0
[  813.207970][T24414]  splice_direct_to_actor+0x22f/0x540
[  813.214768][T24414]  ? generic_pipe_buf_nosteal+0x20/0x20
[  813.220403][T24414]  do_splice_direct+0x152/0x1d0
[  813.225283][T24414]  do_sendfile+0x396/0x810
[  813.229933][T24414]  __x64_sys_sendfile64+0x121/0x140
[  813.235238][T24414]  do_syscall_64+0xc7/0x390
[  813.239771][T24414]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  813.246072][T24414] RIP: 0033:0x45c479
[  813.249985][T24414] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  813.269750][T24414] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  813.278301][T24414] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  813.286433][T24414] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  813.294413][T24414] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  813.302401][T24414] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  813.310470][T24414] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001e
04:46:23 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r7, 0x80845663, &(0x7f0000000500))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0xff)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:23 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, 0x0, 0x100000000)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000100)='./bus/file0\x00', 0x141042, 0x52ca5156537886ee)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f0000000080)={0x1ff, 0x7, 0x1000, {0x4a1, 0x5}, 0x3, 0x100})
close(r2)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(0xffffffffffffffff, 0x100)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$BLKBSZGET(r6, 0x80081270, &(0x7f0000000040))
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r7, 0x0, 0x80001d00c0d0)

04:46:25 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:25 executing program 1 (fault-call:16 fault-nth:31):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:25 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)="d8008a1700aad744317f29fd5857cb597d0b75b17c0fa67801236131e5e64980185ac87a41db95b977db1d7cb4535d27", 0x30, 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000100)={r1, 0x2d, 0xb5}, &(0x7f0000000140)={'enc=', 'oaep', ' hash=', {'blake2s-224\x00'}}, &(0x7f00000001c0)="8e8f0b3fa17af88f4e5ab33851c866e8ad46c92f45175752b2deb78c16fe319c954e8d6aa3235cc86954401ae8", &(0x7f0000000200)="11ec18f444914e01c2eed5d8458bb85d8cee907c170d0f1a5f74f222836daf87f8a1f658b9ca823f24b9682e3251a5144331b910c33f7ce22337cc004ae1bf7fc95f68e8a7e98a23af4c2ad51f774b7f83b55b2822985254825db75d936e1c21939e6255c8df1f5bc7d55cb874f6b58512f1d75513f898b08a17e5cc98301d087c038f6a4e6613f11e26fea60bce732aecedd5b5c5aa2a47dd9181a95aa3dcced8d344e49f5751bce17f4bf6a6b4194d3660c2e78b")
close(r0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r0, r2, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x4, 0x4800)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
ioctl$KDSKBMETA(r5, 0x4b63, &(0x7f0000000300)=0x3)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
sendfile(r4, r6, 0x0, 0x996c)

04:46:25 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x9, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r8, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008004500ee31c3bcd8d73093d74cb66f4a8b1f887372700008000300030000000800030e1274c90000000000080003000000000008000300"], 0x1}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r9 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="00000000100000e594ad9de400"/25, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
ioctl$TUNGETDEVNETNS(r11, 0x54e3, 0x0)
r12 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r13 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r13)
r14 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r14, 0x200004)
sendfile(r13, r14, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r14, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r12, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:25 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0)
recvfrom$l2tp6(r2, &(0x7f0000000040)=""/40, 0x28, 0x1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:25 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000240)={<r6=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000280)={r6})
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f00000000c0)={0x7}, 0x4)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
r10 = dup(r8)
ioctl$LOOP_CLR_FD(r10, 0x4c01)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000200)={r2})
r11 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r11, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r12=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000004c0)=ANY=[@ANYRES32=r12, @ANYBLOB="adbfce6200aa2d0457d2a7d50d0d13e7499de382bd948a13807db07219900000000000000000756c7a601e1cf211d6893a2d6eca016a7d694519bb761e57f846f066d20a03000093593907003f81b54ba037f8872035cc5973fa8416e9070000002e91792f79cb4c9cd9becaa89c07502b5d6975e0621539da5817c78c6b186b07f3aebb7688ec6f705468657fc979829f5f697a37f05005feb16f63a69a452ff6f860c9f5aa5c085c99677d9b02c0febc4ab707df9c8a21cbcac9d9301b0ccbeffff1dfed86034a2e42f902f73347c10f3faccda4811d497676ef6009076ccaf76712e33d3f6bae9791c6ccea39511bbaf06cf850e99f6d86d203f9b787eda81f0056a59c20fbf29f4e1f8c210e6158ee1cf0bb645ffb74f70982983d8d067ce17d674287e68664a9b2487ac1752346e943217e3d4858157c6ea987456401e07be6fc58ce653dfe93a1a3ee86f3d8d63b7965df71910aa6e119e1b42fb70f32af331c8597e9c80d15c284dce00f221e8199eb40055a53be1a3507df9422d856fee8f1cf7c21a5148fa553840a0b95ebf87d1310f66b04ea256a31893cafc60c77d258067466462e4ba69f0a8dc85fdcaa537f948b3a7fc9b2d4eaa996"], 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000140)={r12, 0x1, 0x10, 0x5, 0x6}, &(0x7f0000000180)=0x18)

04:46:25 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
dup(r3)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$binfmt_elf64(r5, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  815.287837][T24455] FAULT_INJECTION: forcing a failure.
[  815.287837][T24455] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  815.364330][T24455] CPU: 1 PID: 24455 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  815.373106][T24455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  815.383253][T24455] Call Trace:
[  815.386580][T24455]  dump_stack+0x11d/0x187
[  815.390931][T24455]  should_fail.cold+0x5/0xf
[  815.395563][T24455]  __alloc_pages_nodemask+0xcf/0x310
[  815.400910][T24455]  alloc_pages_current+0xca/0x170
[  815.406097][T24455]  __page_cache_alloc+0x17f/0x1a0
[  815.411139][T24455]  pagecache_get_page+0x251/0x700
[  815.416185][T24455]  ? radix_tree_load_root+0xb3/0xf0
[  815.421412][T24455]  grab_cache_page_write_begin+0x56/0x80
[  815.427065][T24455]  ext4_da_write_begin+0x1b4/0x860
[  815.432386][T24455]  generic_perform_write+0x13a/0x320
[  815.437729][T24455]  ext4_buffered_write_iter+0x14e/0x280
[  815.443422][T24455]  ext4_file_write_iter+0xf4/0xd30
[  815.448670][T24455]  ? common_file_perm+0x1d1/0x490
[  815.453904][T24455]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  815.459972][T24455]  do_iter_readv_writev+0x4a7/0x5d0
[  815.465667][T24455]  do_iter_write+0x137/0x3a0
[  815.470402][T24455]  ? __kmalloc+0x21c/0x640
[  815.474850][T24455]  ? iter_file_splice_write+0x120/0x830
[  815.480512][T24455]  vfs_iter_write+0x56/0x80
[  815.485017][T24455]  iter_file_splice_write+0x530/0x830
[  815.490544][T24455]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  815.496513][T24455]  direct_splice_actor+0x97/0xb0
[  815.501564][T24455]  splice_direct_to_actor+0x22f/0x540
[  815.506987][T24455]  ? generic_pipe_buf_nosteal+0x20/0x20
[  815.512599][T24455]  do_splice_direct+0x152/0x1d0
[  815.517714][T24455]  do_sendfile+0x396/0x810
[  815.523830][T24455]  __x64_sys_sendfile64+0x121/0x140
[  815.529965][T24455]  do_syscall_64+0xc7/0x390
[  815.534708][T24455]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  815.540627][T24455] RIP: 0033:0x45c479
[  815.544595][T24455] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  815.564748][T24455] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  815.574648][T24455] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  815.582903][T24455] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  815.591184][T24455] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  815.599270][T24455] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  815.607810][T24455] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000001f
04:46:26 executing program 1 (fault-call:16 fault-nth:32):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:26 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)=@deltaction={0x1a0, 0x31, 0x10, 0x70bd25, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}, @TCA_ACT_TAB={0x4}, @TCA_ACT_TAB={0x2c, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3f}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x343b}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffa}}, {0x14, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}, @TCA_ACT_TAB={0x5c, 0x1, [{0x10, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0x14, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xa9f}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @TCA_ACT_TAB={0x18, 0x1, [{0x14, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x84, 0x1, [{0x14, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0x10, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x48001}, 0x400c081)

04:46:26 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x100)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  816.119621][T24473] FAULT_INJECTION: forcing a failure.
[  816.119621][T24473] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  816.147656][T24473] CPU: 1 PID: 24473 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  816.156514][T24473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  816.166597][T24473] Call Trace:
[  816.170048][T24473]  dump_stack+0x11d/0x187
[  816.174400][T24473]  should_fail.cold+0x5/0xf
[  816.178932][T24473]  __alloc_pages_nodemask+0xcf/0x310
[  816.184239][T24473]  alloc_pages_current+0xca/0x170
[  816.189284][T24473]  __page_cache_alloc+0x17f/0x1a0
[  816.194321][T24473]  pagecache_get_page+0x251/0x700
[  816.199362][T24473]  ? radix_tree_load_root+0xb3/0xf0
[  816.204736][T24473]  grab_cache_page_write_begin+0x56/0x80
[  816.210520][T24473]  ext4_da_write_begin+0x1b4/0x860
[  816.215712][T24473]  generic_perform_write+0x13a/0x320
[  816.221129][T24473]  ext4_buffered_write_iter+0x14e/0x280
[  816.226720][T24473]  ext4_file_write_iter+0xf4/0xd30
[  816.231940][T24473]  ? common_file_perm+0x1d1/0x490
[  816.236988][T24473]  do_iter_readv_writev+0x4a7/0x5d0
[  816.242216][T24473]  do_iter_write+0x137/0x3a0
[  816.246836][T24473]  ? __kmalloc+0x21c/0x640
[  816.251400][T24473]  ? iter_file_splice_write+0x120/0x830
[  816.257083][T24473]  vfs_iter_write+0x56/0x80
[  816.261703][T24473]  iter_file_splice_write+0x530/0x830
[  816.267224][T24473]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  816.273052][T24473]  direct_splice_actor+0x97/0xb0
[  816.278134][T24473]  splice_direct_to_actor+0x22f/0x540
[  816.283631][T24473]  ? generic_pipe_buf_nosteal+0x20/0x20
[  816.292668][T24473]  do_splice_direct+0x152/0x1d0
[  816.297644][T24473]  do_sendfile+0x396/0x810
[  816.303064][T24473]  __x64_sys_sendfile64+0x121/0x140
[  816.308647][T24473]  do_syscall_64+0xc7/0x390
[  816.313555][T24473]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  816.321733][T24473] RIP: 0033:0x45c479
[  816.326388][T24473] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  816.348423][T24473] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  816.357019][T24473] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
04:46:26 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008004500737270000800030003000000080003000000000008000300000000000800030001000000cdc2f46c2edd135ceaa6a2b83bfda7b54ba6c78992269f2e46598b89537c80c9b0f63bb297337fddba9eac4a7a8d7bfa6aca38761258eda09798aa6a0fdf8951d284fafb909ffe6272795edaa944f0f91077c389d0b3d2434f9b5d74bd7fde333fb284650772a0e1e0986c002387ef75853ca20a3220ac5c76c57727cf89a28c0fb1b6626b602f2c40325cd7a60063d705ec6ed13a4e7f8ba8779180f3f161d85c0a734e2294088b871353d442a48217da1df76d94fa05220d07fb37418301debb598418bc4aaa90c7e89cf0250827a7543351d9ea0806d311324aaee10ed19f8b3fcf8a4954fe214b4b26dd6576e6222a0953b55b41df5b6ecd3cd0f6a838a0463b33900ba91ff716833eac86b92e58407fd5ab170d8359452fa70096ce9a5e09fe88f0e7e86b83546ed582a93f78fc31cba246e398da5758e9db02e1fd5e699237e648125b109d27b9ade2a82debef40674abd3d48967abb9e5892d188b2ffb5679d685d5923f47770df4c7c66cb2dbc694bb7a4e0c34eceac458979d128f1fca605c591b006b8795e131c72bc7155fdd28d51744706f7419cc3a42e9d8826454e4adee4ccd9094a69117abd2162e18e1a95fdc292495e0ae9356b3307e9d6ca942979ee31bd21d2e93f1ad339429e90cb02152ac2b1886cc33cbae4996f8a8b2d7c8cc307bc9badd09f8ceed298a9b140055e15f3747e36a3c6c5d8348f2037a838d6fa3dcff1ecf8801104f7fc18eb4a6b2da7863d766e1ce82f67436f384024a69071bfa7df6e9f3142c61e19dfbf9d8b2ed17d74d2a591ec05ddadb20dd3785fa96fab9ecff77cc4df483229d39294e7834a05179291f9a34764f3943d4245317e31ffcf0c8b3fba1ae827091a302a0712cb592069da07e3d8329e348e8644bfa5d4572a1692933eb030a1908f0a4ce30d18035c6fb86f4bec2c1d8bf6e22713bdb5a56012f7f9218d2d802a4ec7c94744b96fa6c8e901bb77dd5bff4a8191d8aaf16faaf309ebbe74"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x200000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000500), 0x0, 0x3}}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:26 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f00000000c0)=0xfffffffe, 0x4)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  816.365004][T24473] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  816.373355][T24473] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  816.381444][T24473] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  816.389521][T24473] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000020
04:46:28 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000140)=""/73, 0x49}], 0x2, 0x0, 0x0, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:28 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e22, 0x1, @remote, 0x7f}, 0x1c)
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.evm\x00', &(0x7f0000000080)=@ng={0x4, 0x9, "f4ff9098c602c6bb401f1177a5b0b63be522dd8e"}, 0x16, 0x2)
recvmmsg(r1, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000000140)=""/222, 0xde}, {&(0x7f0000000240)=""/73, 0x49}], 0x4, &(0x7f0000000340)=""/16, 0x10}, 0x1}, {{0x0, 0x0, &(0x7f0000002840)=[{&(0x7f0000000380)=""/223, 0xa0}, {&(0x7f0000000480)=""/50, 0x32}, {&(0x7f00000016c0)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/230, 0xe6}, {&(0x7f00000026c0)=""/74, 0x4a}, {&(0x7f0000002740)=""/204, 0xcc}], 0x6, &(0x7f00000028c0)=""/150, 0x96}, 0xff}, {{&(0x7f0000002980), 0x80, &(0x7f0000002a80)=[{&(0x7f0000002a00)=""/116, 0x74}], 0x1, &(0x7f0000002c40)=""/65, 0x41}, 0x5}], 0x4, 0x0, 0x0)

04:46:28 executing program 1 (fault-call:16 fault-nth:33):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:28 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r5=>0x0}, &(0x7f0000000140)=0xc)
fcntl$lock(r2, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x5, 0x2, r5})
sendfile(r0, r1, 0x0, 0x20008)

04:46:28 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d0)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000200)='trusted.overlay.origin\x00', &(0x7f0000000240)='y\x00', 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
setsockopt$inet_tcp_int(r6, 0x6, 0x7, &(0x7f0000000140)=0x401, 0x4)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000002c0)=@assoc_value={<r7=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000500)=ANY=[@ANYRES32=r7, @ANYBLOB="e4335d563e60e47c3ae11c0004d536ceecc0341da054099f877a51902f1d5ec680b1fb438477b86c2420680bf674c06119a749be2b1b42d5065349b35ab17cf209873b567ae985ac0c37c46da04277f970d799e86bbc09ab099eb4f3f933c715d9c89972ca1834d98200000000efa46d9d1b368e2cd2b1e2f88eab74d68a0fb2283c672d67c271a7aaf65f42dfcc781d00000000000000000000000035f67e1d6ac9aa5f7751a2242e3c45dccb4dbdac4cc37de620df5018a269cd2b4456e10b33e57cd9da8e260e1dbbd02821185860017f784c03bfec83fa02fafe121d001a9e2d92b12d211dbd24bb20ce6210f8efe2722694ca7ed0d28a53a159c17fdd72aa253ec877de06f11db41cd26730a132973bab513f0dcb365c0ec0f3ac0efbfdd7545aa80fb7cdf5ec7977f6a2dac72d0ca3e49cc9ce72bd2d17ae7a85cf9ea6ac5e"], 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000040)={r7, @in={{0x2, 0x4e22, @multicast2}}, 0x9, 0x3}, &(0x7f0000000100)=0x90)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r0, r8, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)

04:46:28 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x200100, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  818.256955][   T27] kauditd_printk_skb: 64 callbacks suppressed
[  818.256976][   T27] audit: type=1804 audit(1583210788.524:7764): pid=24507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/619/bus" dev="sda1" ino=17413 res=1
[  818.294521][   T27] audit: type=1800 audit(1583210788.524:7765): pid=24507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17413 res=0
[  818.320980][   T27] audit: type=1804 audit(1583210788.524:7766): pid=24508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/530/bus" dev="sda1" ino=17414 res=1
[  818.337669][T24514] FAULT_INJECTION: forcing a failure.
[  818.337669][T24514] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  818.355365][   T27] audit: type=1800 audit(1583210788.524:7767): pid=24508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17414 res=0
[  818.364670][T24514] CPU: 1 PID: 24514 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  818.383254][   T27] audit: type=1804 audit(1583210788.534:7768): pid=24509 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/571/bus" dev="sda1" ino=17415 res=1
[  818.390339][T24514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  818.390345][T24514] Call Trace:
[  818.390413][T24514]  dump_stack+0x11d/0x187
[  818.390457][T24514]  should_fail.cold+0x5/0xf
[  818.419085][   T27] audit: type=1800 audit(1583210788.534:7770): pid=24509 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17415 res=0
[  818.426165][T24514]  __alloc_pages_nodemask+0xcf/0x310
[  818.426195][T24514]  alloc_pages_current+0xca/0x170
[  818.430176][   T27] audit: type=1804 audit(1583210788.534:7771): pid=24508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/530/bus" dev="sda1" ino=17414 res=1
[  818.433926][T24514]  __page_cache_alloc+0x17f/0x1a0
[  818.433948][T24514]  pagecache_get_page+0x251/0x700
[  818.433967][T24514]  ? radix_tree_load_root+0xb3/0xf0
[  818.438725][   T27] audit: type=1804 audit(1583210788.534:7769): pid=24507 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/619/bus" dev="sda1" ino=17413 res=1
[  818.458969][T24514]  grab_cache_page_write_begin+0x56/0x80
[  818.458989][T24514]  ext4_da_write_begin+0x1b4/0x860
[  818.459021][T24514]  generic_perform_write+0x13a/0x320
[  818.459131][T24514]  ext4_buffered_write_iter+0x14e/0x280
[  818.469819][   T27] audit: type=1804 audit(1583210788.554:7772): pid=24509 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/571/bus" dev="sda1" ino=17415 res=1
[  818.493748][T24514]  ext4_file_write_iter+0xf4/0xd30
[  818.493777][T24514]  ? common_file_perm+0x1d1/0x490
[  818.493811][T24514]  do_iter_readv_writev+0x4a7/0x5d0
[  818.498973][   T27] audit: type=1804 audit(1583210788.554:7773): pid=24509 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/571/bus" dev="sda1" ino=17415 res=1
[  818.504002][T24514]  do_iter_write+0x137/0x3a0
[  818.504023][T24514]  ? __kmalloc+0x21c/0x640
[  818.504041][T24514]  ? iter_file_splice_write+0x120/0x830
[  818.504062][T24514]  vfs_iter_write+0x56/0x80
[  818.504142][T24514]  iter_file_splice_write+0x530/0x830
[  818.504180][T24514]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  818.651445][T24514]  direct_splice_actor+0x97/0xb0
[  818.656374][T24514]  splice_direct_to_actor+0x22f/0x540
[  818.661750][T24514]  ? generic_pipe_buf_nosteal+0x20/0x20
[  818.667481][T24514]  do_splice_direct+0x152/0x1d0
[  818.672812][T24514]  do_sendfile+0x396/0x810
[  818.677228][T24514]  __x64_sys_sendfile64+0x121/0x140
[  818.682532][T24514]  do_syscall_64+0xc7/0x390
[  818.687073][T24514]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  818.693352][T24514] RIP: 0033:0x45c479
[  818.697239][T24514] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  818.717361][T24514] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  818.728407][T24514] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  818.736584][T24514] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  818.744888][T24514] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  818.753050][T24514] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  818.761811][T24514] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000021
04:46:29 executing program 1 (fault-call:16 fault-nth:34):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:29 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_S_AUDIO(r7, 0x40345622, &(0x7f0000000080)={0x1, "6f2a8d419f3a9fe9c45c20c8f9e240cc7d75ed267f91f678b7189e0b5c774d0b", 0x3, 0x1})
r8 = open(&(0x7f0000000180)='./bus\x00', 0x400002, 0x78)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:29 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f00000000c0)={0x1, 0x0, 0x3ff, 0x2, 0x3})
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:29 executing program 3:
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x60401, 0x2)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, 0xffffffffffffffff, &(0x7f0000000040)={0x20000008})
recvmmsg(0xffffffffffffffff, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

04:46:29 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0)

[  819.275417][T24536] FAULT_INJECTION: forcing a failure.
[  819.275417][T24536] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  819.357696][T24536] CPU: 1 PID: 24536 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  819.366587][T24536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  819.376641][T24536] Call Trace:
[  819.380048][T24536]  dump_stack+0x11d/0x187
[  819.384403][T24536]  should_fail.cold+0x5/0xf
[  819.388962][T24536]  __alloc_pages_nodemask+0xcf/0x310
[  819.394284][T24536]  alloc_pages_current+0xca/0x170
[  819.399336][T24536]  __page_cache_alloc+0x17f/0x1a0
[  819.404499][T24536]  pagecache_get_page+0x251/0x700
[  819.409543][T24536]  ? radix_tree_load_root+0xb3/0xf0
[  819.414778][T24536]  grab_cache_page_write_begin+0x56/0x80
[  819.420989][T24536]  ext4_da_write_begin+0x1b4/0x860
[  819.426265][T24536]  generic_perform_write+0x13a/0x320
[  819.431840][T24536]  ext4_buffered_write_iter+0x14e/0x280
[  819.437531][T24536]  ext4_file_write_iter+0xf4/0xd30
[  819.442668][T24536]  ? common_file_perm+0x1d1/0x490
[  819.447897][T24536]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  819.453977][T24536]  do_iter_readv_writev+0x4a7/0x5d0
[  819.459280][T24536]  do_iter_write+0x137/0x3a0
[  819.463915][T24536]  ? __kmalloc+0x21c/0x640
[  819.468345][T24536]  ? iter_file_splice_write+0x120/0x830
[  819.473914][T24536]  vfs_iter_write+0x56/0x80
[  819.478444][T24536]  iter_file_splice_write+0x530/0x830
[  819.483871][T24536]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  819.489694][T24536]  direct_splice_actor+0x97/0xb0
[  819.494811][T24536]  splice_direct_to_actor+0x22f/0x540
[  819.500207][T24536]  ? generic_pipe_buf_nosteal+0x20/0x20
04:46:29 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x230142, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  819.505901][T24536]  do_splice_direct+0x152/0x1d0
[  819.510801][T24536]  do_sendfile+0x396/0x810
[  819.515263][T24536]  __x64_sys_sendfile64+0x121/0x140
[  819.520484][T24536]  ? constant_test_bit+0xd/0x30
[  819.525365][T24536]  do_syscall_64+0xc7/0x390
[  819.530145][T24536]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  819.536057][T24536] RIP: 0033:0x45c479
[  819.540077][T24536] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  819.559853][T24536] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  819.568690][T24536] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  819.577063][T24536] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  819.585158][T24536] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  819.593149][T24536] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  819.601121][T24536] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000022
04:46:31 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(0x0, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:31 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_PCM_IOCTL_STATUS32(r3, 0x806c4120, &(0x7f0000000600))
recvmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/249}, {&(0x7f0000000300)=""/231}, {&(0x7f0000000200)=""/191}, {&(0x7f0000000400)=""/255}], 0x0, &(0x7f0000000500)=""/51}, 0x7f}], 0x400000000000034, 0x0, 0x0)
r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40000, 0x0)
ioctl$KDGKBTYPE(r4, 0x4b33, &(0x7f0000000040))

04:46:31 executing program 1 (fault-call:16 fault-nth:35):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:31 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x5, &(0x7f0000000080)=[{0x1, 0x7f, 0x5, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4, 0xffffffff}, {0xda1, 0xfa, 0x7f, 0x738}, {0x1, 0x0, 0x6, 0x7}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000ffcdbdf250800709c2cc96303000000000008004500737270000800450073727000080003000300000008000300000000000800030002000000"], 0x1}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00e467b54491a80724e5ca000000100000000000000000000000000000f94372", @ANYRES32=0x0, @ANYBLOB="0000003ad71ce6f141888b9cfef88a0bece255bbb927cdffab505f0dfc6ccf6a52ff96ec550d3410253e1124a24c1c709d5b12729fd72e0e16"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r9 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ubi_ctrl\x00', 0x10300, 0x0)
setsockopt$nfc_llcp_NFC_LLCP_RW(r9, 0x118, 0x0, &(0x7f0000000540)=0x400, 0x4)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:31 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f00000002c0)={@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}, 0x3, 0x1, 0x4, 0x3}}, {&(0x7f0000000200)=""/170, 0xaa}, &(0x7f00000000c0), 0x8}, 0xa0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:31 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x541042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
sendmsg$SMC_PNETID_ADD(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x30}}, 0x800)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r4, r7, 0x0, 0x80001d00c0d0)
io_uring_register$IORING_UNREGISTER_FILES(r7, 0x3, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  821.359095][T24576] FAULT_INJECTION: forcing a failure.
[  821.359095][T24576] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  821.383047][T24576] CPU: 1 PID: 24576 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  821.392393][T24576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  821.402622][T24576] Call Trace:
[  821.406175][T24576]  dump_stack+0x11d/0x187
[  821.410687][T24576]  should_fail.cold+0x5/0xf
[  821.415435][T24576]  __alloc_pages_nodemask+0xcf/0x310
[  821.420736][T24576]  alloc_pages_current+0xca/0x170
[  821.426187][T24576]  __page_cache_alloc+0x17f/0x1a0
[  821.431528][T24576]  pagecache_get_page+0x251/0x700
[  821.436716][T24576]  ? radix_tree_load_root+0xb3/0xf0
[  821.442593][T24576]  grab_cache_page_write_begin+0x56/0x80
[  821.448388][T24576]  ext4_da_write_begin+0x1b4/0x860
[  821.453843][T24576]  generic_perform_write+0x13a/0x320
[  821.459207][T24576]  ext4_buffered_write_iter+0x14e/0x280
[  821.466182][T24576]  ext4_file_write_iter+0xf4/0xd30
[  821.471322][T24576]  ? common_file_perm+0x1d1/0x490
[  821.476489][T24576]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  821.482514][T24576]  do_iter_readv_writev+0x4a7/0x5d0
[  821.487730][T24576]  do_iter_write+0x137/0x3a0
[  821.492339][T24576]  ? __kmalloc+0x21c/0x640
[  821.496866][T24576]  ? iter_file_splice_write+0x120/0x830
[  821.502409][T24576]  vfs_iter_write+0x56/0x80
[  821.506916][T24576]  iter_file_splice_write+0x530/0x830
[  821.512312][T24576]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  821.518115][T24576]  direct_splice_actor+0x97/0xb0
[  821.523073][T24576]  splice_direct_to_actor+0x22f/0x540
[  821.528478][T24576]  ? generic_pipe_buf_nosteal+0x20/0x20
[  821.534201][T24576]  do_splice_direct+0x152/0x1d0
[  821.539068][T24576]  do_sendfile+0x396/0x810
[  821.543628][T24576]  __x64_sys_sendfile64+0x121/0x140
[  821.548893][T24576]  do_syscall_64+0xc7/0x390
[  821.553713][T24576]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  821.559640][T24576] RIP: 0033:0x45c479
[  821.563644][T24576] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  821.584770][T24576] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  821.593183][T24576] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  821.601376][T24576] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  821.609481][T24576] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  821.617560][T24576] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  821.625868][T24576] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000023
04:46:32 executing program 1 (fault-call:16 fault-nth:36):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:32 executing program 0:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x4000, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, &(0x7f0000000880)={0x0, &(0x7f0000000840)=[&(0x7f0000000500)="0c008dc997bcdd80ba43cef1900a5710d146ebf9bbdf21b6bf713a2396b41275f24983a66a878a6bee6b5be2b529373a98b98e08d3a448bb4f57fd40226f69f6e4cbcaf0d85707cb3607b79bf7c213cbea59170f9bc748af9206cc3a533c3db59eef6b928e4508914da34d99eed16057aedc69f8a12aa85a6fd817479e4604ff12b90a9a7a9ff12de055e2b6842e9bf8a7", &(0x7f00000005c0)="dcabdf771dd3b9c1216795f5c3533f284fb3f2e468169f67917e5d60c33e6877c513d07c87950262407fdf29f712ea80406525900af19f3e931e212cf5668e", &(0x7f0000000600)="1fa6b697ab5589ece9113999db2f234da1fed1a90915568b627dd4e9b5329f74c625bfda0a9de81ab787b42d907d1259be5149a2", &(0x7f0000000640)="7ae3c0cc58925fb98dc4b4282dd51fd8f723b1ae7d3fa80c12856d3c51d4828bf3b625791c8668c85b697672e7afcdfe6f4343b7f90bec0ff562263e3a1da626514a0dbc32260ab951d9eb32ec4c4843fee7f9952dfae69dd34adf53e0089b68ee5552c954a8fd292bca9e70e889e20089bec52e74dd634b445fe3444f2ce18290e0cd085bf27635321c457ac576a5ba8b9e37247056cade3293f853e9fc68bd37cbe57792866468e81d5565848f83a1689b435104c7f414c40b5b887478571efaa6ad29a2634a8e3dd1f5fa5df0362ae92c553c1aa59f0538803c1653f3bdc829c418204f687a3dc2050fe9593af0", &(0x7f0000000740)="b779f0b4203814964b87279fdcc3e27829a0c24cb73d3df6330e2a73486f6a9a0ef03bc245324590e5c9916502d4cb9e4625d10b1204361994f4cbb7bb29c71606b254838a90fc0f1fcca24410c57f4c66a1c9b1a7c917c5bf3ede755050a3e3570d4afbbec797d1932f00dedd539a0fb83f8126b6c5bf8909518d039f4f7a64479c4cfb1384b496b809cbca3e0c37c3577ebc7db0079300ae3b418f4f51eb86c499d34b", &(0x7f0000000800)="fd524d31606d68ce5689913b7ff29127e225fe1f2450a5faed6ad4e32514a970796af9b21e7d5402bf491fbbfc681fbd1f7b33a0bb169e22f9b967333d"], 0xeec})
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r1, 0x0, 0x2)
socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r7 = socket(0x10, 0x80002, 0x0)
ioctl(r7, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, 0x0)
r9 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r11, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r9, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r1, r2, 0x0, 0x20008)

04:46:32 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240)='NLBL_CIPSOv4\x00')
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
r5 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$revoke(0x3, r5)
r6 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r5)
r7 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$link(0x8, r6, r7)
sendfile(r0, r1, 0x0, 0x20008)

[  822.093075][T24591] FAULT_INJECTION: forcing a failure.
[  822.093075][T24591] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  822.140017][T24591] CPU: 0 PID: 24591 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  822.148739][T24591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  822.158908][T24591] Call Trace:
[  822.162214][T24591]  dump_stack+0x11d/0x187
[  822.166559][T24591]  should_fail.cold+0x5/0xf
[  822.171170][T24591]  __alloc_pages_nodemask+0xcf/0x310
[  822.176512][T24591]  alloc_pages_current+0xca/0x170
[  822.181635][T24591]  __page_cache_alloc+0x17f/0x1a0
[  822.190531][T24591]  pagecache_get_page+0x251/0x700
[  822.195598][T24591]  ? radix_tree_load_root+0xb3/0xf0
[  822.200838][T24591]  grab_cache_page_write_begin+0x56/0x80
[  822.206852][T24591]  ext4_da_write_begin+0x1b4/0x860
[  822.212245][T24591]  generic_perform_write+0x13a/0x320
[  822.217570][T24591]  ext4_buffered_write_iter+0x14e/0x280
[  822.223297][T24591]  ext4_file_write_iter+0xf4/0xd30
[  822.228574][T24591]  ? common_file_perm+0x1d1/0x490
[  822.233736][T24591]  do_iter_readv_writev+0x4a7/0x5d0
[  822.240168][T24591]  do_iter_write+0x137/0x3a0
[  822.245157][T24591]  ? __kmalloc+0x21c/0x640
[  822.249726][T24591]  ? iter_file_splice_write+0x120/0x830
[  822.255419][T24591]  vfs_iter_write+0x56/0x80
[  822.260684][T24591]  iter_file_splice_write+0x530/0x830
[  822.266101][T24591]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  822.271996][T24591]  direct_splice_actor+0x97/0xb0
[  822.276965][T24591]  splice_direct_to_actor+0x22f/0x540
[  822.282489][T24591]  ? generic_pipe_buf_nosteal+0x20/0x20
[  822.288154][T24591]  do_splice_direct+0x152/0x1d0
[  822.293039][T24591]  do_sendfile+0x396/0x810
[  822.297488][T24591]  __x64_sys_sendfile64+0x121/0x140
[  822.302697][T24591]  do_syscall_64+0xc7/0x390
[  822.307252][T24591]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  822.313164][T24591] RIP: 0033:0x45c479
[  822.317194][T24591] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:46:32 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = dup3(r3, r1, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000400)={0xe0, 0x1ff, 0x7, "f0a44708ef1c8813d69c457215b4cb3b00cb47bacbc2860492db334fb089ea4516297aa305a34de93249528d8fb6b1fb89495c94bf8b2dc7f78cd719b73bea2412eb4075b6c947131151c159ea174f7caa5daa5b96783de2e2a04d146619eca1bc98c0ba47610bd0c0850c2aba481b319e41ae452c6abbbc1bcece1189fbe652d5b7678f58405b59a3c85fd3abebaa2e587c456227c9638bc88119e770d8f6dcae3adb7613152be369111e627a20b88c4412275ec1774c4b696ad344f1b10b5204fc9deb0a2086d25432d973da40482a91491a85b25018f8ea0b4264ab655885"})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)
r5 = msgget$private(0x0, 0x0)
msgsnd(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1, 0x0)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000f00f88)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
msgrcv(r5, &(0x7f0000000300)={0x0, ""/210}, 0xda, 0x0, 0x0)
msgctl$IPC_STAT(r5, 0x2, &(0x7f0000000280)=""/220)
msgsnd(r5, &(0x7f0000000240), 0x8, 0x0)
msgctl$IPC_RMID(r5, 0x0)
msgctl$MSG_INFO(r5, 0xc, &(0x7f0000000100)=""/212)

[  822.336962][T24591] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  822.345826][T24591] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  822.353807][T24591] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  822.362316][T24591] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  822.370365][T24591] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  822.378423][T24591] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000024
04:46:32 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = getpgid(0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f00000001c0)={{0x8, 0x0, 0x7fff, 0x0, 'syz1\x00', 0x3f}, 0x1, 0x3, 0x2, r3, 0xa, 0x824, 'syz1\x00', &(0x7f0000000180)=['syz0\x00', '*\x00', 'syz0\x00', 'syz0\x00', '\\@\x00', '\x00', '}/)#vboxnet1userem0^lo\x00', 'syz0\x00', 'syz0\x00', 'syz0\x00'], 0x3b, [], [0x3, 0x0, 0x5, 0xe6]})
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TLS_RX(r5, 0x6, 0x2, &(0x7f0000000300)=@gcm_256={{0x303}, "98b013a78e10f44b", "69d5dedaa8acc11dcf46b3d0d53196198cce084d3e50c75559bc158cafe7328b", "823518ee", "8bb4a8f2399b62a1"}, 0x38)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
sendfile(r7, 0xffffffffffffffff, 0x0, 0x80001d00c0d2)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r6, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="54000000032401020000000000000000030000060900010073797a3000000000050003002f0000001c000480080002407e0b65b10800024000000005080002400000000405000300010000000500030088000000"], 0x54}, 0x1, 0x0, 0x0, 0x8004}, 0xc004)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
setsockopt$IP_VS_SO_SET_ADDDEST(r10, 0x0, 0x487, &(0x7f0000000340)={{0x2c, @loopback, 0x4e24, 0x4, 'none\x00', 0xa27263ad3b3b3408, 0x7fffffff, 0x15}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e20, 0x0, 0x6, 0x10001, 0x2}}, 0x44)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
recvmsg(r12, &(0x7f0000000700)={&(0x7f00000003c0)=@x25={0x9, @remote}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000440)=""/240, 0xf0}, {&(0x7f0000000540)=""/254, 0xfe}, {&(0x7f0000000640)=""/11, 0xb}], 0x3, &(0x7f00000006c0)=""/25, 0x19}, 0x60)
sendfile(r2, r8, 0x0, 0x80001d00c0d0)

04:46:32 executing program 1 (fault-call:16 fault-nth:37):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  822.878088][T24620] FAULT_INJECTION: forcing a failure.
[  822.878088][T24620] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  822.971132][T24620] CPU: 0 PID: 24620 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  822.979941][T24620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  822.990219][T24620] Call Trace:
[  822.993589][T24620]  dump_stack+0x11d/0x187
[  822.997994][T24620]  should_fail.cold+0x5/0xf
[  823.002742][T24620]  __alloc_pages_nodemask+0xcf/0x310
[  823.008122][T24620]  alloc_pages_current+0xca/0x170
[  823.013347][T24620]  __page_cache_alloc+0x17f/0x1a0
[  823.018395][T24620]  pagecache_get_page+0x251/0x700
[  823.023559][T24620]  ? radix_tree_load_root+0xb3/0xf0
[  823.028787][T24620]  grab_cache_page_write_begin+0x56/0x80
[  823.034440][T24620]  ext4_da_write_begin+0x1b4/0x860
[  823.039677][T24620]  generic_perform_write+0x13a/0x320
[  823.045044][T24620]  ext4_buffered_write_iter+0x14e/0x280
[  823.050634][T24620]  ext4_file_write_iter+0xf4/0xd30
[  823.055795][T24620]  ? common_file_perm+0x1d1/0x490
[  823.060927][T24620]  do_iter_readv_writev+0x4a7/0x5d0
[  823.066156][T24620]  do_iter_write+0x137/0x3a0
[  823.070838][T24620]  ? __kmalloc+0x21c/0x640
[  823.075280][T24620]  ? iter_file_splice_write+0x120/0x830
[  823.080843][T24620]  vfs_iter_write+0x56/0x80
[  823.085415][T24620]  iter_file_splice_write+0x530/0x830
[  823.090835][T24620]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  823.096655][T24620]  direct_splice_actor+0x97/0xb0
[  823.101642][T24620]  splice_direct_to_actor+0x22f/0x540
[  823.107037][T24620]  ? generic_pipe_buf_nosteal+0x20/0x20
[  823.112634][T24620]  do_splice_direct+0x152/0x1d0
[  823.117621][T24620]  do_sendfile+0x396/0x810
[  823.122069][T24620]  __x64_sys_sendfile64+0x121/0x140
[  823.127299][T24620]  do_syscall_64+0xc7/0x390
[  823.131819][T24620]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  823.137732][T24620] RIP: 0033:0x45c479
[  823.141700][T24620] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  823.161292][T24620] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  823.169704][T24620] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  823.177674][T24620] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  823.185661][T24620] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  823.193666][T24620] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  823.201850][T24620] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000025
04:46:34 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(0x0, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:34 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
openat$cgroup(r0, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0)
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000200)={{0xd000, 0x4000, 0x10, 0xd9, 0x20, 0x8, 0xf1, 0xe2, 0x2, 0x4, 0x7f, 0x40}, {0x6000, 0x9006, 0x9, 0xc, 0x5, 0x1, 0xd7, 0x9, 0xff, 0x81, 0x40, 0x9}, {0xd000, 0x6000, 0x0, 0x8, 0xc9, 0x3, 0x20, 0x6, 0x0, 0xac, 0x5, 0x1}, {0x1, 0x0, 0xa, 0x8, 0x1, 0x2, 0x3, 0x9, 0x4, 0x9, 0x32, 0x3}, {0x1000, 0x4000, 0xa, 0x7, 0x5, 0x1, 0x40, 0x4, 0xf9, 0x8, 0x4, 0x1}, {0x3000, 0x2000, 0xc, 0x0, 0x7, 0x8, 0x8, 0x1, 0x2c, 0x1, 0x4, 0x8}, {0x10000, 0x0, 0x8, 0x7f, 0x1, 0x3f, 0x20, 0x7f, 0x9, 0xd4, 0xff, 0x5}, {0x2000, 0x10000, 0xb, 0x20, 0xff, 0x7f, 0xf1, 0xe0, 0xfb, 0x4, 0x0, 0xfa}, {0x10000}, {0x10000, 0x10000}, 0x10, 0x0, 0x10000, 0x120645, 0xa, 0xc01, 0x4000, [0x4b4, 0x2, 0xd5f, 0x7]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$binfmt_script(r5, &(0x7f0000000140)={'#! ', './bus', [{0x20, 'syz0\x00'}, {0x20, 'syz0\x00'}, {}], 0xa, "a4b84c5c9ed51e35ef1c48dc9d97e7a2b726e7765593f496de9a07b5d2ce3aa319753d9d6fc85f9a08c70d"}, 0x41)

04:46:34 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="540000000f14000026bd7000fcdbdf250800030000000000080001000000040008000900000000000000450069625f6d756c74696361737400000000080003000400e85c497ffbb9314800000800030002000000"], 0x54}, 0x1, 0x0, 0x0, 0x40040c0}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000080)={0x7, 0x8001, 0x3, 0x8, <r6=>0x0}, &(0x7f0000000500)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000540)={r6, 0x2, 0xcb, "652b9ca935f528e046a9cc7751177347d0f47c98414b52adc8e20f53fdf24590db2af806cefa57583c2df00aa47ee64940b8c21661e9db0da5052dcb18ee862b4875ffcf4f8405336ed2c2b5317ee0fe668499ac6467536395baf6b8f4bde07a3f995ada98c68ac23e93eb78315b1126ca079e831344b724afee4a7da9bf4ac83010372b040e773c542874c92727669b0e5402e3516bafca6d7efe54b87572cb063c311fc2202ae9d1242ff5ea553fc099025b984c2043e535c4d66fb78b7427c0ad5e966ad9e3759baa73"}, 0xd3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x100000004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:34 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f0000000380)={'nat\x00', 0xf, "9e4395874698c26193c5315920753f"}, &(0x7f00000003c0)=0x33)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000200)={<r5=>0x0, 0x5, 0x4, 0x3}, &(0x7f0000000340)=0x10)
getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000280)={r5, 0x3, 0x1, 0x400}, &(0x7f0000000300)=0x10)
open(&(0x7f0000000180)='./bus\x00', 0xa4800, 0x90)
close(r2)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
r7 = signalfd4(r6, &(0x7f0000000080)={[0x3ff]}, 0x8, 0x800)
fsetxattr(r7, &(0x7f0000000100)=@random={'security.', 'selfGPLvmnet0\x00'}, &(0x7f0000000140)='cgroupvboxnet1-\x00', 0x10, 0x0)
write$binfmt_elf64(r0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f00000001c0)=0x9)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
acct(&(0x7f0000000240)='./bus\x00')
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x15, "4fe7e940364a56ef0595557e453741d6198cb001ea"}, &(0x7f0000000040)=0x39)
ptrace(0x4207, 0x0)

04:46:34 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000040))
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:46:34 executing program 1 (fault-call:16 fault-nth:38):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  824.376558][   T27] kauditd_printk_skb: 67 callbacks suppressed
[  824.376577][   T27] audit: type=1804 audit(1583210794.644:7842): pid=24634 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/623/bus" dev="sda1" ino=17073 res=1
[  824.435482][   T27] audit: type=1804 audit(1583210794.644:7841): pid=24633 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/535/bus" dev="sda1" ino=17089 res=1
[  824.452822][T24639] FAULT_INJECTION: forcing a failure.
[  824.452822][T24639] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  824.461425][   T27] audit: type=1800 audit(1583210794.644:7843): pid=24633 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17089 res=0
[  824.492557][T24639] CPU: 1 PID: 24639 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  824.502940][T24639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  824.503081][   T27] audit: type=1804 audit(1583210794.644:7844): pid=24635 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/575/bus" dev="sda1" ino=17105 res=1
[  824.514228][T24639] Call Trace:
[  824.514259][T24639]  dump_stack+0x11d/0x187
[  824.514364][T24639]  should_fail.cold+0x5/0xf
[  824.539324][   T27] audit: type=1800 audit(1583210794.644:7845): pid=24635 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17105 res=0
[  824.542463][T24639]  __alloc_pages_nodemask+0xcf/0x310
[  824.542500][T24639]  alloc_pages_current+0xca/0x170
[  824.552266][   T27] audit: type=1804 audit(1583210794.644:7846): pid=24633 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/535/bus" dev="sda1" ino=17089 res=1
[  824.571729][T24639]  __page_cache_alloc+0x17f/0x1a0
[  824.571751][T24639]  pagecache_get_page+0x251/0x700
[  824.571770][T24639]  ? radix_tree_load_root+0xb3/0xf0
[  824.571792][T24639]  grab_cache_page_write_begin+0x56/0x80
[  824.571811][T24639]  ext4_da_write_begin+0x1b4/0x860
[  824.571910][T24639]  generic_perform_write+0x13a/0x320
[  824.582159][   T27] audit: type=1804 audit(1583210794.664:7847): pid=24635 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/575/bus" dev="sda1" ino=17105 res=1
[  824.583720][T24639]  ext4_buffered_write_iter+0x14e/0x280
[  824.583776][T24639]  ext4_file_write_iter+0xf4/0xd30
[  824.608369][   T27] audit: type=1804 audit(1583210794.664:7848): pid=24635 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/575/bus" dev="sda1" ino=17105 res=1
[  824.613318][T24639]  ? common_file_perm+0x1d1/0x490
[  824.613375][T24639]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  824.613407][T24639]  do_iter_readv_writev+0x4a7/0x5d0
[  824.618549][   T27] audit: type=1804 audit(1583210794.664:7849): pid=24635 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/575/bus" dev="sda1" ino=17105 res=1
[  824.624047][T24639]  do_iter_write+0x137/0x3a0
[  824.624068][T24639]  ? __kmalloc+0x21c/0x640
[  824.624087][T24639]  ? iter_file_splice_write+0x120/0x830
[  824.624108][T24639]  vfs_iter_write+0x56/0x80
[  824.624135][T24639]  iter_file_splice_write+0x530/0x830
[  824.631643][   T27] audit: type=1800 audit(1583210794.684:7850): pid=24634 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17073 res=0
[  824.634936][T24639]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  824.793716][T24639]  direct_splice_actor+0x97/0xb0
[  824.798755][T24639]  splice_direct_to_actor+0x22f/0x540
[  824.804116][T24639]  ? generic_pipe_buf_nosteal+0x20/0x20
[  824.809663][T24639]  do_splice_direct+0x152/0x1d0
[  824.814724][T24639]  do_sendfile+0x396/0x810
[  824.819141][T24639]  __x64_sys_sendfile64+0x121/0x140
[  824.824339][T24639]  do_syscall_64+0xc7/0x390
[  824.828857][T24639]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  824.834797][T24639] RIP: 0033:0x45c479
[  824.838687][T24639] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  824.858468][T24639] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  824.866878][T24639] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  824.874845][T24639] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
04:46:35 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x3, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl$BLKSECDISCARD(0xffffffffffffffff, 0x127d, &(0x7f0000000080)=0x3)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008004500737270000800030003000000080003000000000008000300000002000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[]}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  824.882956][T24639] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  824.890953][T24639] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  824.899515][T24639] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000026
04:46:35 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x40)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
r5 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r6=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r6, @ANYBLOB="0000fdb3"], 0x0)
r7 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r8=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r8, @ANYBLOB="00000004"], 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000340)={<r9=>r6, 0x1, 0xa00, 0x6, 0x1ff, 0x6, 0xfffb, 0x6, {r8, @in={{0x2, 0x4e21, @multicast2}}, 0x1, 0x8, 0x421, 0x7, 0x7}}, &(0x7f0000000140)=0xb0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r9, 0x5}, 0x8)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r2, r10, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r11, 0x4, 0x42000)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000200)={0x0, 0xfb, 0x101, 0x4, 0xea, "3c61c9a9a819f2b3ea1a8fcba34ad7bb", "7df96d9ce66038c73cda6ba84ff0ce473dd0ded15144acfa9e444f3b3df4f9743c77d3dded112babb7407e97f8879b6a798a5a7738711554f4020fe6df6b21bc7b9f8067973ad7ee0044c1de7fd46c28aac7dcd50e6640be2e9296b8e1b6842bb50eeb767487f67a25e9582352357dbaa49efbc8d50f851838f961596390a95cd46d05c9f395db3457ff6fa41e713e02584bbd8abb68b6c61859e223a06b80bebbeb61089e2211b85d26e844f346b48758e345e00c9a47697b153c123c8cb71e0921ba3d0b950cdeb46868ef7eec8bf5cc37c3e45887caa49b81e46b439778c6ee5c3adbba1b7acec8ef001e"}, 0x101, 0x4)
sendfile(r0, r1, 0x0, 0x20008)

04:46:35 executing program 1 (fault-call:16 fault-nth:39):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  825.269210][T24661] Process accounting resumed
04:46:35 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
accept4$x25(0xffffffffffffffff, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
open_by_handle_at(r4, &(0x7f0000000180)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00'], 0x280001)
fcntl$setstatus(r2, 0x4, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0xa})
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r11, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x1, @loopback}], 0x1c)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ftruncate(r9, 0x1d)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r12 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r12)
r13 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r12, r13, 0x0, 0x80001d00c0d0)

04:46:35 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/187, 0xbb}}], 0x1, 0x3, 0x0)

[  825.428572][T24644] Process accounting resumed
[  825.489345][T24670] FAULT_INJECTION: forcing a failure.
[  825.489345][T24670] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  825.540019][T24670] CPU: 0 PID: 24670 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  825.549651][T24670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  825.559825][T24670] Call Trace:
[  825.563274][T24670]  dump_stack+0x11d/0x187
[  825.567720][T24670]  should_fail.cold+0x5/0xf
[  825.572608][T24670]  __alloc_pages_nodemask+0xcf/0x310
[  825.578847][T24670]  alloc_pages_current+0xca/0x170
[  825.585529][T24670]  __page_cache_alloc+0x17f/0x1a0
[  825.590811][T24670]  pagecache_get_page+0x251/0x700
[  825.595995][T24670]  ? radix_tree_load_root+0xb3/0xf0
[  825.601385][T24670]  grab_cache_page_write_begin+0x56/0x80
[  825.607160][T24670]  ext4_da_write_begin+0x1b4/0x860
[  825.612387][T24670]  generic_perform_write+0x13a/0x320
[  825.618328][T24670]  ext4_buffered_write_iter+0x14e/0x280
[  825.624816][T24670]  ext4_file_write_iter+0xf4/0xd30
[  825.630572][T24670]  ? common_file_perm+0x1d1/0x490
04:46:35 executing program 3:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x4000, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, &(0x7f0000000880)={0x0, &(0x7f0000000840)=[&(0x7f0000000500)="0c008dc997bcdd80ba43cef1900a5710d146ebf9bbdf21b6bf713a2396b41275f24983a66a878a6bee6b5be2b529373a98b98e08d3a448bb4f57fd40226f69f6e4cbcaf0d85707cb3607b79bf7c213cbea59170f9bc748af9206cc3a533c3db59eef6b928e4508914da34d99eed16057aedc69f8a12aa85a6fd817479e4604ff12b90a9a7a9ff12de055e2b6842e9bf8a7", &(0x7f00000005c0)="dcabdf771dd3b9c1216795f5c3533f284fb3f2e468169f67917e5d60c33e6877c513d07c87950262407fdf29f712ea80406525900af19f3e931e212cf5668e", &(0x7f0000000600)="1fa6b697ab5589ece9113999db2f234da1fed1a90915568b627dd4e9b5329f74c625bfda0a9de81ab787b42d907d1259be5149a2", &(0x7f0000000640)="7ae3c0cc58925fb98dc4b4282dd51fd8f723b1ae7d3fa80c12856d3c51d4828bf3b625791c8668c85b697672e7afcdfe6f4343b7f90bec0ff562263e3a1da626514a0dbc32260ab951d9eb32ec4c4843fee7f9952dfae69dd34adf53e0089b68ee5552c954a8fd292bca9e70e889e20089bec52e74dd634b445fe3444f2ce18290e0cd085bf27635321c457ac576a5ba8b9e37247056cade3293f853e9fc68bd37cbe57792866468e81d5565848f83a1689b435104c7f414c40b5b887478571efaa6ad29a2634a8e3dd1f5fa5df0362ae92c553c1aa59f0538803c1653f3bdc829c418204f687a3dc2050fe9593af0", &(0x7f0000000740)="b779f0b4203814964b87279fdcc3e27829a0c24cb73d3df6330e2a73486f6a9a0ef03bc245324590e5c9916502d4cb9e4625d10b1204361994f4cbb7bb29c71606b254838a90fc0f1fcca24410c57f4c66a1c9b1a7c917c5bf3ede755050a3e3570d4afbbec797d1932f00dedd539a0fb83f8126b6c5bf8909518d039f4f7a64479c4cfb1384b496b809cbca3e0c37c3577ebc7db0079300ae3b418f4f51eb86c499d34b", &(0x7f0000000800)="fd524d31606d68ce5689913b7ff29127e225fe1f2450a5faed6ad4e32514a970796af9b21e7d5402bf491fbbfc681fbd1f7b33a0bb169e22f9b967333d"], 0xeec})
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r1, 0x0, 0x2)
socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r7 = socket(0x10, 0x80002, 0x0)
ioctl(r7, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, 0x0)
r9 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r11, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r9, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r1, r2, 0x0, 0x20008)

[  825.635620][T24670]  do_iter_readv_writev+0x4a7/0x5d0
[  825.641096][T24670]  do_iter_write+0x137/0x3a0
[  825.646017][T24670]  ? __kmalloc+0x21c/0x640
[  825.650621][T24670]  ? iter_file_splice_write+0x120/0x830
[  825.656520][T24670]  vfs_iter_write+0x56/0x80
[  825.661539][T24670]  iter_file_splice_write+0x530/0x830
[  825.667043][T24670]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  825.672877][T24670]  direct_splice_actor+0x97/0xb0
[  825.677910][T24670]  splice_direct_to_actor+0x22f/0x540
[  825.683321][T24670]  ? generic_pipe_buf_nosteal+0x20/0x20
[  825.689169][T24670]  do_splice_direct+0x152/0x1d0
[  825.694374][T24670]  do_sendfile+0x396/0x810
[  825.698834][T24670]  __x64_sys_sendfile64+0x121/0x140
[  825.704141][T24670]  do_syscall_64+0xc7/0x390
[  825.709517][T24670]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  825.715600][T24670] RIP: 0033:0x45c479
[  825.719559][T24670] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  825.739293][T24670] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  825.747839][T24670] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  825.755826][T24670] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  825.763900][T24670] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  825.776061][T24670] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  825.784212][T24670] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000027
04:46:37 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(0x0, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:37 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x3, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0x9}, {0x0, 0x1, 0x7, 0x8}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000500)=ANY=[@ANYBLOB="000000800000000002004e230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eeff000000000000000000000000000000000000000000000000000000000000000000010000000300000002004e21ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e220000004000"/528], 0x210)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="0200000000000000", @ANYRES64=0x0, @ANYPTR], 0x5}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:37 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000140)=@add_del={0x2, &(0x7f00000000c0)='rose0\x00'})
close(r2)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:37 executing program 1 (fault-call:16 fault-nth:40):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:37 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000240)={<r6=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000280)={r6})
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f00000000c0)={0x7}, 0x4)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
r10 = dup(r8)
ioctl$LOOP_CLR_FD(r10, 0x4c01)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000200)={r2})
r11 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r11, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r12=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000004c0)=ANY=[@ANYRES32=r12, @ANYBLOB="adbfce6200aa2d0457d2a7d50d0d13e7499de382bd948a13807db07219900000000000000000756c7a601e1cf211d6893a2d6eca016a7d694519bb761e57f846f066d20a03000093593907003f81b54ba037f8872035cc5973fa8416e9070000002e91792f79cb4c9cd9becaa89c07502b5d6975e0621539da5817c78c6b186b07f3aebb7688ec6f705468657fc979829f5f697a37f05005feb16f63a69a452ff6f860c9f5aa5c085c99677d9b02c0febc4ab707df9c8a21cbcac9d9301b0ccbeffff1dfed86034a2e42f902f73347c10f3faccda4811d497676ef6009076ccaf76712e33d3f6bae9791c6ccea39511bbaf06cf850e99f6d86d203f9b787eda81f0056a59c20fbf29f4e1f8c210e6158ee1cf0bb645ffb74f70982983d8d067ce17d674287e68664a9b2487ac1752346e943217e3d4858157c6ea987456401e07be6fc58ce653dfe93a1a3ee86f3d8d63b7965df71910aa6e119e1b42fb70f32af331c8597e9c80d15c284dce00f221e8199eb40055a53be1a3507df9422d856fee8f1cf7c21a5148fa553840a0b95ebf87d1310f66b04ea256a31893cafc60c77d258067466462e4ba69f0a8dc85fdcaa537f948b3a7fc9b2d4eaa996"], 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000140)={r12, 0x1, 0x10, 0x5, 0x6}, &(0x7f0000000180)=0x18)

04:46:37 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x3)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x80000, 0x0)
r5 = syz_open_dev$mice(&(0x7f00000005c0)='/dev/input/mice\x00', 0x0, 0x800)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={<r6=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r6, @ANYBLOB="00000004"], 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000600)={r6, 0x9}, &(0x7f0000000640)=0x8)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x1410c2, 0xa)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f0000000080)=<r9=>0x0)
fcntl$setown(r4, 0x8, r9)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_ACCEPT(r11, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c004409", @ANYRES16=0x0, @ANYBLOB="000331bd7000fedbdf250100000005000100010000001400020087f4da7d885a7ed134c2ed850d1eedcf08000500e00000022700070073797374656d5f753a6f626a656374256c6a1aa35f72756e5f743a7330000008000400e0000002080004007f00000100"/117], 0x3}, 0x1, 0x0, 0x0, 0x80}, 0x44030)

[  827.596735][T24711] FAULT_INJECTION: forcing a failure.
[  827.596735][T24711] name failslab, interval 1, probability 0, space 0, times 0
[  827.624698][T24711] CPU: 1 PID: 24711 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  827.633770][T24711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  827.643845][T24711] Call Trace:
[  827.647153][T24711]  dump_stack+0x11d/0x187
[  827.651503][T24711]  should_fail.cold+0x5/0xf
[  827.656013][T24711]  __should_failslab+0x82/0xb0
[  827.660875][T24711]  should_failslab+0x5/0xf
[  827.666606][T24711]  kmem_cache_alloc_trace+0x26/0x5f0
[  827.671927][T24711]  ? __schedule+0x30e/0x690
[  827.676534][T24711]  iomap_dio_rw+0x11f/0x9a0
[  827.681197][T24711]  ? rwsem_down_read_slowpath+0x45a/0xa10
[  827.687024][T24711]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  827.693332][T24711]  ? ext4_inode_journal_mode+0x8d/0x260
[  827.698988][T24711]  ? ext4_file_read_iter+0x2b4/0x360
[  827.704386][T24711]  ext4_file_read_iter+0x2b4/0x360
[  827.709584][T24711]  generic_file_splice_read+0x2df/0x470
[  827.715157][T24711]  ? add_to_pipe+0x1b0/0x1b0
[  827.719775][T24711]  do_splice_to+0xc7/0x100
[  827.724209][T24711]  splice_direct_to_actor+0x1b9/0x540
[  827.729733][T24711]  ? generic_pipe_buf_nosteal+0x20/0x20
[  827.735330][T24711]  do_splice_direct+0x152/0x1d0
[  827.740265][T24711]  do_sendfile+0x396/0x810
[  827.744745][T24711]  __x64_sys_sendfile64+0x121/0x140
[  827.749976][T24711]  do_syscall_64+0xc7/0x390
[  827.754562][T24711]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  827.760477][T24711] RIP: 0033:0x45c479
[  827.764390][T24711] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  827.784356][T24711] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  827.792874][T24711] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  827.801053][T24711] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  827.809497][T24711] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  827.819122][T24711] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  827.827334][T24711] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000028
04:46:38 executing program 1 (fault-call:16 fault-nth:41):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:38 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="00edff0000000000"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
r11 = fcntl$dupfd(r9, 0x406, 0xffffffffffffffff)
sendmsg$TCPDIAG_GETSOCK(r11, &(0x7f0000000940)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000900)={&(0x7f0000000500)={0x3cc, 0x12, 0x300, 0x70bd26, 0x25dfdbff, {0x2c, 0x7, 0x6, 0x6, {0x4e21, 0x4e22, [0x3, 0x37, 0x2b7389fd, 0x8], [0x0, 0x4, 0x0, 0x88c], 0x0, [0x1, 0x6]}, 0x9, 0x5}, [@INET_DIAG_REQ_BYTECODE={0xcc, 0x1, "57a481323c5bfea0b629d72c255354326a621fc3cc4f96cf2d5e4b5b28999c4108dede3b92f05affa99cae8a9e76213db08426b147473dfc9c95b84971cf6298d75562a229ae4456abcb8eae88e50d86174514a6b97c20badc8b3fb3c29d7a2a05b65bd28628bb4b30d6ae675850e98afbda26e760057a0c7eebb44f10fd261e7843b28823d0f28d9b6675c40624f8923ab3e7c17fa4365a273fe3c58f1da72cff5e9c8b8553182908471e092db31a432c41ce2f0d8f89cca52bd6b6fc5f87056db77919394e71f0"}, @INET_DIAG_REQ_BYTECODE={0x2c, 0x1, "d856f7b705a9021c71db09360713bbd3986aafbbd919fc8c3f94ba612b90b1b8fc13d31d007ccef6"}, @INET_DIAG_REQ_BYTECODE={0xe4, 0x1, "fe4fbe7d11da4cbb00ba94202bbabcd4dc9ed961f330a56b3d9bda9ab1d89641fe947e4189c44703610d27ee80d4c5e419bdfbfb1dbe5c7fb84465fec35e683f265e15abfbbe20f6b41f58989fc985e98964cfbb887d316933375836ab0c41fb891a23a1ee8d8d45385f250fd32aca9b9e70af58d3ee71f42a72e3e7c762b862c2f698661dd7d892f5c444966b3da9dfd9ff5fa005c5a98c893d5a236583b7b806c41e383472c946f88aa04667be87b7e2a5fade64499d203e1038a9d70fce0f3db383ae9fcb5599503120e1fc7cd8ccc59aff88b1dae416fd78c07e1d101a39"}, @INET_DIAG_REQ_BYTECODE={0x85, 0x1, "8ea5cb7b0f87d3681138ab1874811aa74fc112864e06c87897e565698038bee782fbb07df985b7c11716b235c44db1a33b223e031d0180ca30e36518188e359d8eecb2bcf7aae85db15182c69db4d359bbea2fe673fd9f3687f4836d58e405bd1361f35edf0813c41212fa293e50f03247b4d5bdc02afcace23cce122c265f09b0"}, @INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x51, 0x1, "8d040d505a94cf2f536e1f85f2353bb1b737b22a03e484728c8375ed57d8e43348eb438820d933c0e12b24871baf3c9736f66868d33bcd9305eef3323f9e134b357e481883c318457cd1a6724a"}, @INET_DIAG_REQ_BYTECODE={0xc4, 0x1, "1c2448f95b69808677275f263d7e88c6b2b69ecb3e9fcdb0cce9c9ecb977cb636307e6ef065be593d4205d581e4c5b4f420e4a02d537c6b72ea056534474dfb632d4152bb0574de781c49980acac798c168f8b39499eb08d771476393a32052abc7470b0f352bcc5b3830b3e6e10453a479109249800e1ef716d251a314c70ad73b7776e7a2e5ecbc638ac7f802c01053ae25801277cfebaa41061b9a74f2b3ced476e69ddece4b980bfdaa77420560474ee09a0cc89e6f6c437fbcd20d6524b"}]}, 0x3cc}, 0x1, 0x0, 0x0, 0x5fffd9be0b82839b}, 0x440d0)
sendfile(r0, r1, 0x0, 0x20008)

04:46:38 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x10280, 0x1eb)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendmsg$AUDIT_TRIM(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x42008000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f6, 0x1, 0x70bd2b, 0x25dfdbfd, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40890}, 0x1)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  828.491004][T24733] FAULT_INJECTION: forcing a failure.
[  828.491004][T24733] name failslab, interval 1, probability 0, space 0, times 0
[  828.544384][T24733] CPU: 1 PID: 24733 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  828.553103][T24733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  828.563168][T24733] Call Trace:
[  828.566510][T24733]  dump_stack+0x11d/0x187
[  828.571173][T24733]  should_fail.cold+0x5/0xf
[  828.575713][T24733]  __should_failslab+0x82/0xb0
[  828.580497][T24733]  should_failslab+0x5/0xf
[  828.584942][T24733]  kmem_cache_alloc+0x23/0x5e0
04:46:38 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$SIOCGIFHWADDR(r3, 0x8927, &(0x7f0000000040))
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

[  828.589732][T24733]  ? _raw_spin_unlock_irq+0x55/0x80
[  828.595080][T24733]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  828.601227][T24733]  ext4_init_io_end+0x4d/0x120
[  828.606033][T24733]  ext4_writepages+0x55b/0x1d40
[  828.610916][T24733]  ? __radix_tree_lookup+0x18d/0x1c0
[  828.616282][T24733]  ? ext4_mark_inode_dirty+0x420/0x420
[  828.621764][T24733]  ? do_writepages+0x6b/0x170
[  828.626455][T24733]  do_writepages+0x6b/0x170
[  828.631082][T24733]  ? _raw_spin_unlock+0x38/0x60
[  828.636065][T24733]  ? wbc_attach_and_unlock_inode+0xdd/0x3b0
[  828.642009][T24733]  __filemap_fdatawrite_range+0x1bb/0x220
[  828.647892][T24733]  filemap_write_and_wait_range+0xad/0x140
[  828.653727][T24733]  iomap_dio_rw+0x3a2/0x9a0
[  828.658492][T24733]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  828.664686][T24733]  ? ext4_file_read_iter+0x2b4/0x360
[  828.670113][T24733]  ext4_file_read_iter+0x2b4/0x360
[  828.675250][T24733]  generic_file_splice_read+0x2df/0x470
[  828.680826][T24733]  ? add_to_pipe+0x1b0/0x1b0
[  828.685442][T24733]  do_splice_to+0xc7/0x100
[  828.689877][T24733]  splice_direct_to_actor+0x1b9/0x540
[  828.695310][T24733]  ? generic_pipe_buf_nosteal+0x20/0x20
[  828.700946][T24733]  do_splice_direct+0x152/0x1d0
[  828.706023][T24733]  do_sendfile+0x396/0x810
[  828.710464][T24733]  __x64_sys_sendfile64+0x121/0x140
[  828.715783][T24733]  do_syscall_64+0xc7/0x390
[  828.720572][T24733]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  828.726643][T24733] RIP: 0033:0x45c479
[  828.730844][T24733] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  828.750439][T24733] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  828.758851][T24733] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  828.767104][T24733] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  828.775108][T24733] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  828.783269][T24733] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  828.791438][T24733] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000029
04:46:39 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000140)=@add_del={0x2, &(0x7f00000000c0)='rose0\x00'})
close(r2)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:39 executing program 4:
shmget(0x0, 0x3000, 0x40, &(0x7f0000ffc000/0x3000)=nil)
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  829.547263][   T27] kauditd_printk_skb: 75 callbacks suppressed
[  829.547279][   T27] audit: type=1800 audit(1583210799.814:7926): pid=24754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16563 res=0
[  829.599542][   T27] audit: type=1804 audit(1583210799.814:7927): pid=24753 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/627/bus" dev="sda1" ino=16563 res=1
[  829.624348][   T27] audit: type=1804 audit(1583210799.834:7928): pid=24754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/627/bus" dev="sda1" ino=16563 res=1
04:46:40 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:40 executing program 1 (fault-call:16 fault-nth:42):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:40 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000040)={0x1, 0x1, {0xfffffffc, 0x28, 0x4, 0x1f, 0x8, 0xa0, 0x2, 0x71, 0xfffffffffffffffe}})
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

04:46:40 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ftruncate(0xffffffffffffffff, 0x200004)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r3 = socket(0x10, 0x80002, 0x0)
ioctl(r3, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r5 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r7, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:40 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sync_file_range(r2, 0xb0000000000000, 0x6, 0x2)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00')
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000480)={0x18, r6, 0x703, 0x0, 0x0, {0x4}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}}, 0x0)
ftruncate(r4, 0x200004)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r7 = socket(0x10, 0x80002, 0x0)
ioctl(r7, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r9 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$revoke(0x3, r9)
add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, r9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)

04:46:40 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x200, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_FREE_BUFS(r5, 0x4010641a, &(0x7f00000002c0)={0x2, &(0x7f0000000280)=[0x8, 0xffffffff]})
ioctl(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x102882, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r6, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x28, 0x1401, 0x5393d74919541667, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000000)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/schedstat\x00', 0x0, 0x0)
write$FUSE_LSEEK(r8, &(0x7f0000000340)={0x18, 0x0, 0x3, {0x7}}, 0x18)

[  830.576846][   T27] audit: type=1804 audit(1583210800.844:7929): pid=24772 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/628/bus" dev="sda1" ino=17435 res=1
[  830.638034][   T27] audit: type=1800 audit(1583210800.844:7930): pid=24772 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17435 res=0
[  830.641134][T24776] FAULT_INJECTION: forcing a failure.
[  830.641134][T24776] name failslab, interval 1, probability 0, space 0, times 0
[  830.663576][   T27] audit: type=1804 audit(1583210800.844:7931): pid=24773 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/539/bus" dev="sda1" ino=17437 res=1
[  830.712508][   T27] audit: type=1800 audit(1583210800.844:7932): pid=24773 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17437 res=0
[  830.738034][T24776] CPU: 0 PID: 24776 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  830.747903][T24776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  830.759984][T24776] Call Trace:
[  830.763631][T24776]  dump_stack+0x11d/0x187
[  830.770598][T24776]  should_fail.cold+0x5/0xf
[  830.775268][T24776]  __should_failslab+0x82/0xb0
[  830.780144][T24776]  should_failslab+0x5/0xf
[  830.784586][T24776]  kmem_cache_alloc+0x23/0x5e0
[  830.789644][T24776]  ext4_init_io_end+0x4d/0x120
[  830.794516][T24776]  ext4_writepages+0x9b2/0x1d40
[  830.799497][T24776]  ? __radix_tree_lookup+0x18d/0x1c0
[  830.804962][T24776]  ? ext4_mark_inode_dirty+0x420/0x420
[  830.810599][T24776]  ? do_writepages+0x6b/0x170
[  830.815341][T24776]  do_writepages+0x6b/0x170
[  830.820093][T24776]  ? _raw_spin_unlock+0x38/0x60
[  830.825154][T24776]  ? wbc_attach_and_unlock_inode+0xdd/0x3b0
[  830.831243][T24776]  __filemap_fdatawrite_range+0x1bb/0x220
[  830.836996][T24776]  filemap_write_and_wait_range+0xad/0x140
[  830.842920][T24776]  iomap_dio_rw+0x3a2/0x9a0
[  830.847504][T24776]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  830.853630][T24776]  ? ext4_file_read_iter+0x2b4/0x360
[  830.859501][T24776]  ext4_file_read_iter+0x2b4/0x360
[  830.864722][T24776]  generic_file_splice_read+0x2df/0x470
[  830.870338][T24776]  ? add_to_pipe+0x1b0/0x1b0
[  830.875076][T24776]  do_splice_to+0xc7/0x100
[  830.879611][T24776]  splice_direct_to_actor+0x1b9/0x540
[  830.885202][T24776]  ? generic_pipe_buf_nosteal+0x20/0x20
[  830.890784][T24776]  do_splice_direct+0x152/0x1d0
[  830.895886][T24776]  do_sendfile+0x396/0x810
[  830.900447][T24776]  __x64_sys_sendfile64+0x121/0x140
[  830.905691][T24776]  do_syscall_64+0xc7/0x390
[  830.911371][T24776]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  830.917378][T24776] RIP: 0033:0x45c479
[  830.921364][T24776] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:46:41 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x64, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r6, 0x80045301, &(0x7f00000000c0))
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:41 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000500)='/dev/btrfs-control\x00', 0x2000, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  830.940978][T24776] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  830.949404][T24776] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  830.957497][T24776] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  830.965617][T24776] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  830.973624][T24776] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  830.981605][T24776] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002a
[  831.114750][   T27] audit: type=1804 audit(1583210800.844:7933): pid=24772 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/628/bus" dev="sda1" ino=17435 res=1
[  831.144758][   T27] audit: type=1804 audit(1583210800.844:7934): pid=24773 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/539/bus" dev="sda1" ino=17437 res=1
[  831.181307][   T27] audit: type=1804 audit(1583210800.844:7935): pid=24772 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/628/bus" dev="sda1" ino=17435 res=1
04:46:41 executing program 1 (fault-call:16 fault-nth:43):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:41 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
pipe(&(0x7f0000000400)={<r4=>0xffffffffffffffff})
ioctl$sock_ax25_SIOCDELRT(r4, 0x890c, &(0x7f0000000440)={@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xfffffffffffffff8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  831.459352][T24798] FAULT_INJECTION: forcing a failure.
[  831.459352][T24798] name failslab, interval 1, probability 0, space 0, times 0
04:46:41 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$P9_RWRITE(r5, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x5}, 0xb)

[  831.536923][T24798] CPU: 0 PID: 24798 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  831.547248][T24798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  831.557683][T24798] Call Trace:
[  831.561057][T24798]  dump_stack+0x11d/0x187
[  831.565519][T24798]  should_fail.cold+0x5/0xf
[  831.570225][T24798]  __should_failslab+0x82/0xb0
[  831.575457][T24798]  should_failslab+0x5/0xf
[  831.579926][T24798]  kmem_cache_alloc+0x23/0x5e0
[  831.585175][T24798]  ? _raw_spin_unlock_irq+0x55/0x80
[  831.590415][T24798]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  831.596363][T24798]  ext4_init_io_end+0x4d/0x120
[  831.601221][T24798]  ext4_writepages+0x55b/0x1d40
[  831.606269][T24798]  ? __radix_tree_lookup+0x18d/0x1c0
[  831.611609][T24798]  ? ext4_mark_inode_dirty+0x420/0x420
[  831.617104][T24798]  ? do_writepages+0x6b/0x170
[  831.621821][T24798]  do_writepages+0x6b/0x170
[  831.626690][T24798]  ? _raw_spin_unlock+0x38/0x60
[  831.631672][T24798]  ? wbc_attach_and_unlock_inode+0xdd/0x3b0
[  831.640066][T24798]  __filemap_fdatawrite_range+0x1bb/0x220
[  831.645826][T24798]  filemap_write_and_wait_range+0xad/0x140
[  831.651658][T24798]  iomap_dio_rw+0x3a2/0x9a0
[  831.656340][T24798]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  831.662366][T24798]  ? ext4_file_read_iter+0x2b4/0x360
[  831.667709][T24798]  ext4_file_read_iter+0x2b4/0x360
[  831.672838][T24798]  generic_file_splice_read+0x2df/0x470
[  831.678472][T24798]  ? add_to_pipe+0x1b0/0x1b0
[  831.683509][T24798]  do_splice_to+0xc7/0x100
[  831.688159][T24798]  splice_direct_to_actor+0x1b9/0x540
[  831.693678][T24798]  ? generic_pipe_buf_nosteal+0x20/0x20
[  831.699786][T24798]  do_splice_direct+0x152/0x1d0
[  831.704678][T24798]  do_sendfile+0x396/0x810
[  831.709191][T24798]  __x64_sys_sendfile64+0x121/0x140
[  831.714421][T24798]  do_syscall_64+0xc7/0x390
[  831.719263][T24798]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  831.725352][T24798] RIP: 0033:0x45c479
[  831.729300][T24798] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  831.749193][T24798] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  831.757934][T24798] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  831.766063][T24798] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  831.774505][T24798] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
04:46:41 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x64, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r6, 0x80045301, &(0x7f00000000c0))
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  831.783202][T24798] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  831.791195][T24798] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002b
04:46:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:43 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
creat(&(0x7f0000000200)='./bus\x00', 0x1)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
read$dsp(r5, &(0x7f00000000c0)=""/9, 0x9)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400, 0x20}, 0x0, 0x0, 0x0, 0xc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r8, 0x84, 0xa, &(0x7f0000000140)={0x6, 0x900, 0x8000, 0x5, 0x8000, 0x5, 0x9, 0x8}, &(0x7f0000000180)=0x20)

04:46:43 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r8, &(0x7f0000000080)={0xe, 0x17, 0x1, {0x5, './bus'}}, 0xe)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:43 executing program 1 (fault-call:16 fault-nth:44):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:43 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
r8 = fcntl$dupfd(r7, 0x0, r4)
r9 = getpid()
sched_setscheduler(r9, 0x5, 0x0)
sendmsg$AUDIT_SET(r8, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, 0x3e9, 0x200, 0x70bd28, 0x25dfdbfd, {0x2, 0x80000000, 0x0, r9, 0x80000001, 0x3, 0x1000, 0x0, 0xffffffc1}, ["", ""]}, 0x34}}, 0x20000001)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:43 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:46:44 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000000)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000480)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, 0x1}, 0x90)
close(r2)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)

[  833.744816][T24833] FAULT_INJECTION: forcing a failure.
[  833.744816][T24833] name failslab, interval 1, probability 0, space 0, times 0
[  833.778000][T24833] CPU: 1 PID: 24833 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  833.786886][T24833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  833.797211][T24833] Call Trace:
[  833.800536][T24833]  dump_stack+0x11d/0x187
[  833.804893][T24833]  should_fail.cold+0x5/0xf
[  833.809551][T24833]  __should_failslab+0x82/0xb0
[  833.814515][T24833]  should_failslab+0x5/0xf
[  833.819055][T24833]  kmem_cache_alloc+0x23/0x5e0
[  833.823932][T24833]  ? mempool_alloc+0x9f/0x280
[  833.828627][T24833]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  833.835109][T24833]  bvec_alloc+0xa1/0x1e0
[  833.839529][T24833]  bio_alloc_bioset+0x2ad/0x3d0
[  833.844387][T24833]  iomap_dio_bio_actor+0x464/0x970
[  833.849504][T24833]  iomap_dio_actor+0x83/0x390
[  833.854230][T24833]  iomap_apply+0x1e6/0x660
[  833.858905][T24833]  ? iomap_dio_bio_actor+0x970/0x970
[  833.864395][T24833]  iomap_dio_rw+0x67e/0x9a0
[  833.869779][T24833]  ? iomap_dio_bio_actor+0x970/0x970
[  833.875142][T24833]  ? ext4_file_read_iter+0x2b4/0x360
[  833.880765][T24833]  ext4_file_read_iter+0x2b4/0x360
[  833.885980][T24833]  generic_file_splice_read+0x2df/0x470
[  833.891710][T24833]  ? add_to_pipe+0x1b0/0x1b0
[  833.896309][T24833]  do_splice_to+0xc7/0x100
[  833.900975][T24833]  splice_direct_to_actor+0x1b9/0x540
[  833.906490][T24833]  ? generic_pipe_buf_nosteal+0x20/0x20
[  833.912168][T24833]  do_splice_direct+0x152/0x1d0
[  833.917141][T24833]  do_sendfile+0x396/0x810
[  833.921606][T24833]  __x64_sys_sendfile64+0x121/0x140
[  833.927111][T24833]  do_syscall_64+0xc7/0x390
[  833.931637][T24833]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  833.937773][T24833] RIP: 0033:0x45c479
[  833.941860][T24833] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  833.962086][T24833] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  833.970749][T24833] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  833.978974][T24833] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  833.987088][T24833] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  833.995052][T24833] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  834.003243][T24833] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002c
04:46:44 executing program 1 (fault-call:16 fault-nth:45):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:44 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x7, &(0x7f0000000540)="0de8696071000000000018b1b7d6bf13796bf30b2ebeb1786320b4dc918c33ab5f94197eb1731df34104b2cb3f00b264053bae6e9aba450b413a2cbb2228c0e5b8081ae6cb1204def545e2542caedd39d514eb71daeb1a4c8fe0596535f7378642a273f1f442966019f19b488dd2fb0f12e3c2c824ab42f5ccea7e")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="6b59d8835b47480000000f14000026d17000fc00000800450073727000080045007372700000000000080003000200"/56], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$BLKFRASET(r6, 0x1264, &(0x7f0000000080)=0x4)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
close(0xffffffffffffffff)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(0xffffffffffffffff, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:44 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x587000, 0x0)

04:46:44 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x1e0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$IMSETDEVNAME(0xffffffffffffffff, 0x80184947, &(0x7f00000001c0)={0x2, 'syz1\x00'})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0xfffffffe, @loopback, 0x1003}], 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r2, 0x400c6615, &(0x7f0000000040))
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x3, <r4=>r1, 0xf80f3f1a4725904d})
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0xe}, 0x7}, 0x1c)
sendfile(r3, r5, 0x0, 0x80001d00c0d0)

[  834.443559][T24853] FAULT_INJECTION: forcing a failure.
[  834.443559][T24853] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  834.497640][T24853] CPU: 0 PID: 24853 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  834.507235][T24853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  834.517407][T24853] Call Trace:
[  834.520738][T24853]  dump_stack+0x11d/0x187
[  834.525117][T24853]  should_fail.cold+0x5/0xf
[  834.529663][T24853]  __alloc_pages_nodemask+0xcf/0x310
[  834.535228][T24853]  alloc_pages_current+0xca/0x170
[  834.540278][T24853]  push_pipe+0x18b/0x340
[  834.544615][T24853]  ? __radix_tree_lookup+0x18d/0x1c0
[  834.550010][T24853]  iov_iter_get_pages+0x49d/0x8cc
[  834.555141][T24853]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  834.561144][T24853]  bio_iov_iter_get_pages+0x106/0x5a0
[  834.566550][T24853]  iomap_dio_bio_actor+0x5e8/0x970
[  834.571696][T24853]  iomap_dio_actor+0x83/0x390
[  834.576403][T24853]  iomap_apply+0x1e6/0x660
[  834.580836][T24853]  ? iomap_dio_bio_actor+0x970/0x970
[  834.586150][T24853]  iomap_dio_rw+0x67e/0x9a0
[  834.590699][T24853]  ? iomap_dio_bio_actor+0x970/0x970
[  834.596020][T24853]  ? ext4_file_read_iter+0x2b4/0x360
[  834.601332][T24853]  ext4_file_read_iter+0x2b4/0x360
[  834.607420][T24853]  generic_file_splice_read+0x2df/0x470
[  834.613000][T24853]  ? add_to_pipe+0x1b0/0x1b0
[  834.617621][T24853]  do_splice_to+0xc7/0x100
[  834.622166][T24853]  splice_direct_to_actor+0x1b9/0x540
[  834.627553][T24853]  ? generic_pipe_buf_nosteal+0x20/0x20
[  834.633292][T24853]  do_splice_direct+0x152/0x1d0
[  834.638334][T24853]  do_sendfile+0x396/0x810
[  834.643234][T24853]  __x64_sys_sendfile64+0x121/0x140
[  834.648976][T24853]  do_syscall_64+0xc7/0x390
[  834.653508][T24853]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  834.659418][T24853] RIP: 0033:0x45c479
[  834.663337][T24853] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  834.683564][T24853] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  834.692240][T24853] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  834.700334][T24853] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  834.708333][T24853] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  834.717318][T24853] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  834.725322][T24853] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002d
[  834.741265][   T27] kauditd_printk_skb: 80 callbacks suppressed
04:46:45 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x800, 0x5)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x7, @fixed={[], 0x11}, 0x8000, 0x1}, 0xe)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  834.741289][   T27] audit: type=1804 audit(1583210805.014:8016): pid=24856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  834.837020][   T27] audit: type=1800 audit(1583210805.014:8017): pid=24856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16897 res=0
[  834.910082][   T27] audit: type=1804 audit(1583210805.014:8018): pid=24856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  834.993746][   T27] audit: type=1804 audit(1583210805.014:8019): pid=24856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  835.024888][   T27] audit: type=1804 audit(1583210805.084:8020): pid=24865 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/631/bus" dev="sda1" ino=16930 res=1
[  835.050662][   T27] audit: type=1800 audit(1583210805.084:8021): pid=24861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16930 res=0
[  835.072556][   T27] audit: type=1804 audit(1583210805.094:8022): pid=24866 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  835.119167][   T27] audit: type=1804 audit(1583210805.104:8023): pid=24866 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  835.185508][   T27] audit: type=1804 audit(1583210805.454:8024): pid=24866 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/582/bus" dev="sda1" ino=16897 res=1
[  835.211431][   T27] audit: type=1800 audit(1583210805.484:8025): pid=24866 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16897 res=0
04:46:46 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:46 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
r8 = fcntl$dupfd(r7, 0x0, r4)
r9 = getpid()
sched_setscheduler(r9, 0x5, 0x0)
sendmsg$AUDIT_SET(r8, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, 0x3e9, 0x200, 0x70bd28, 0x25dfdbfd, {0x2, 0x80000000, 0x0, r9, 0x80000001, 0x3, 0x1000, 0x0, 0xffffffc1}, ["", ""]}, 0x34}}, 0x20000001)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:46 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
lstat(&(0x7f0000000300)='./bus\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = geteuid()
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f00000007c0)=[@in6={0xa, 0x4e23, 0x0, @loopback}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e23, @multicast2}], 0x3c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
fstat(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
fstat(r7, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getresuid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)=<r9=>0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r12, 0x4, 0x0)
sendfile(r12, r11, 0x0, 0x80001d00c0d0)
getsockopt$inet_IP_XFRM_POLICY(r11, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000680)=0xe8)
syz_mount_image$hfs(&(0x7f00000000c0)='hfs\x00', &(0x7f0000000140)='./bus\x00', 0x40, 0x1, &(0x7f0000000180)=[{&(0x7f0000000200)="8cf2b1275e964585a2ec24f6cd990fd2e87c24f2904010a8ca8095ac8d5052cb765620c7ac32c2464f54a7dbfe6a53b9b771f80bda744a1c079e97a1bc9da5a88dfa3fb01c41cc3ecb2981760fa9af211638366afc7b29499532f77af287a6fb8c0dd95b018f4da0cbba928c3ef559e7e758ddb3911392cb4b385021104f271f94b66bc7cf7b623b4d44dcfe0eb42e54dd2e4065947ffbb1ed5aee50bd3271c289d0dfef5885ea8a1cec545d7e7b367af5ca9ccbc13051a151f5fb9247ffc01e03414e", 0xc3, 0x4}], 0x110406, &(0x7f00000006c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r3, @ANYBLOB=',uid=', @ANYRESHEX=r4, @ANYBLOB="2c63726561746f723d04d627152c71756965742c63726561746f723d47bbc9d32c6f626a5f757365723d73656c696e75782c7569643c", @ANYRESDEC=r6, @ANYBLOB=',euid=', @ANYRESDEC=r8, @ANYBLOB=',fowner<', @ANYRESDEC=r9, @ANYBLOB=',smackfshat=eth0}GPLbdevvboxnet0,fowner=', @ANYRESDEC=r13, @ANYBLOB=',(ash,\x00'])
r14 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r14, 0x200004)
sendfile(r2, r14, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r15 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r15, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:46 executing program 1 (fault-call:16 fault-nth:46):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:46 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000280)='./bus/file0\x00', 0x0, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000340)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000600)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20000880}, 0x20044000)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r9 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000500)={0x3, 0x0, [{0x2, 0x8000, 0x7fffffff, 0x5415, 0xffff}, {0xb, 0x4, 0xffffffff, 0x1000, 0x7}, {0x1, 0x7, 0x5, 0x0, 0x9}]})
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r11, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r9, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:46 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000040)=""/254)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  836.818027][T24898] FAULT_INJECTION: forcing a failure.
[  836.818027][T24898] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  836.831598][T24898] CPU: 1 PID: 24898 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  836.840301][T24898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  836.850378][T24898] Call Trace:
[  836.853702][T24898]  dump_stack+0x11d/0x187
[  836.858309][T24898]  should_fail.cold+0x5/0xf
[  836.865372][T24898]  __alloc_pages_nodemask+0xcf/0x310
[  836.870760][T24898]  alloc_pages_current+0xca/0x170
[  836.875799][T24898]  push_pipe+0x18b/0x340
[  836.880104][T24898]  ? __radix_tree_lookup+0x18d/0x1c0
[  836.885405][T24898]  iov_iter_get_pages+0x49d/0x8cc
[  836.890454][T24898]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  836.896393][T24898]  bio_iov_iter_get_pages+0x106/0x5a0
[  836.901985][T24898]  iomap_dio_bio_actor+0x5e8/0x970
[  836.907201][T24898]  iomap_dio_actor+0x83/0x390
[  836.911938][T24898]  iomap_apply+0x1e6/0x660
[  836.916544][T24898]  ? iomap_dio_bio_actor+0x970/0x970
[  836.922035][T24898]  iomap_dio_rw+0x67e/0x9a0
[  836.926715][T24898]  ? iomap_dio_bio_actor+0x970/0x970
[  836.932128][T24898]  ? ext4_file_read_iter+0x2b4/0x360
[  836.937400][T24898]  ext4_file_read_iter+0x2b4/0x360
[  836.942509][T24898]  generic_file_splice_read+0x2df/0x470
[  836.948157][T24898]  ? add_to_pipe+0x1b0/0x1b0
[  836.952764][T24898]  do_splice_to+0xc7/0x100
[  836.957309][T24898]  splice_direct_to_actor+0x1b9/0x540
[  836.962927][T24898]  ? generic_pipe_buf_nosteal+0x20/0x20
[  836.968609][T24898]  do_splice_direct+0x152/0x1d0
[  836.973463][T24898]  do_sendfile+0x396/0x810
[  836.977944][T24898]  __x64_sys_sendfile64+0x121/0x140
[  836.983218][T24898]  do_syscall_64+0xc7/0x390
[  836.987719][T24898]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  836.993610][T24898] RIP: 0033:0x45c479
[  836.997643][T24898] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  837.017410][T24898] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  837.025821][T24898] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  837.035144][T24898] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  837.043913][T24898] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  837.051876][T24898] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  837.059854][T24898] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002e
04:46:47 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$CAPI_INSTALLED(0xffffffffffffffff, 0x80024322)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000005, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = pidfd_getfd(r6, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000280)={0x2, @win={{0x9, 0x0, 0x9, 0xffff}, 0x5, 0x8, &(0x7f0000000180)={{0x800000, 0x0, 0x80000001, 0x498}, &(0x7f0000000140)={{0x9, 0x200, 0x5, 0x101}, &(0x7f00000000c0)={{0x5d, 0x6, 0x7, 0x20}}}}, 0x6, &(0x7f0000000200)="2dfa30a3899f88926373e5d4d2977eb1f03b7397bf8dc52f6c573321b56895709dc7be47f1703a8eefc9d1e53e3bd482e7c63855987828bcceaf7fbfc739f96c56145ac5985a863253b3014b1969de13f3c54da8fc4c4382", 0x2}})
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:47 executing program 1 (fault-call:16 fault-nth:47):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:47 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x98428d57a99b5f44)
io_setup(0xd, &(0x7f0000000100)=<r4=>0x0)
io_submit(r4, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r3, &(0x7f0000000000), 0x377140be6b5ef4c7}])
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = dup3(r6, r7, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000280)={0x0, 0x0, 0x92, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000100)="645371d5f08399c0f37ea67422affdbe5a70f58c77346fd235c5acc438beaa53d17a355733c4708c7329c4d3887df02cf45e840c9801bdac74a98d19f92b8eeafa78929a3c03e009cdd8e2b0d72acee2901a6f4312d387a61a2cfb3f33b3684abd5d195b0374ce26b5e64f8d7ef4b1cd70e5173ef678cf029bf60186f5842d5ea3a15edc86fc6c7c46ee8bd83ccf152a1b63", 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r9, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff00cd66299667b70536342623b372d82fefa01f9a2d83297f99b4e597f4e9fad324868e83f474d0c35449712f00c51c638e6aea4a8dee825286b31a260e9b442bb0b4179b3147", 0xff7c}], 0x1)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r5, r10, 0x0, 0x80001d00c0d0)
io_cancel(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x1cbc, r10, &(0x7f0000000040)="d48fd202a438de5f2c47ea3a98a4175d2532bd52e9ce9ef9bb72eb45f70bf47b58b29008ce00f6e862f99e897c0bf40484b142bc791528dd3ebf4a5c4468d09c3ea5bb1baea36ce2d25170d90a4ab832f1be081dd3709574c3d3c37d276cfabf5ec26d50bfe271c3a97b04873708f6cdee1389c671869ddad7991e62d8f1b13397d1ba778d1e037a989930e87613cf2252fc7c6e6de7ede67affdd113437d0", 0x9f, 0x3ff}, &(0x7f0000000140))
close(r2)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r11, 0x0, 0x80001d00c0d0)

[  837.718305][T24919] FAULT_INJECTION: forcing a failure.
[  837.718305][T24919] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  837.739769][T24919] CPU: 0 PID: 24919 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  837.748591][T24919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  837.758848][T24919] Call Trace:
[  837.762176][T24919]  dump_stack+0x11d/0x187
[  837.766538][T24919]  should_fail.cold+0x5/0xf
[  837.771199][T24919]  __alloc_pages_nodemask+0xcf/0x310
[  837.776513][T24919]  alloc_pages_current+0xca/0x170
[  837.781567][T24919]  push_pipe+0x18b/0x340
[  837.785870][T24919]  ? __radix_tree_lookup+0x18d/0x1c0
[  837.791196][T24919]  iov_iter_get_pages+0x49d/0x8cc
[  837.796256][T24919]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  837.802171][T24919]  bio_iov_iter_get_pages+0x106/0x5a0
[  837.808273][T24919]  iomap_dio_bio_actor+0x5e8/0x970
[  837.813417][T24919]  iomap_dio_actor+0x83/0x390
[  837.818121][T24919]  iomap_apply+0x1e6/0x660
[  837.822632][T24919]  ? iomap_dio_bio_actor+0x970/0x970
[  837.828039][T24919]  iomap_dio_rw+0x67e/0x9a0
[  837.832554][T24919]  ? iomap_dio_bio_actor+0x970/0x970
[  837.837906][T24919]  ? ext4_file_read_iter+0x2b4/0x360
[  837.844173][T24919]  ext4_file_read_iter+0x2b4/0x360
[  837.849478][T24919]  generic_file_splice_read+0x2df/0x470
[  837.855199][T24919]  ? add_to_pipe+0x1b0/0x1b0
[  837.860011][T24919]  do_splice_to+0xc7/0x100
[  837.864450][T24919]  splice_direct_to_actor+0x1b9/0x540
[  837.869849][T24919]  ? generic_pipe_buf_nosteal+0x20/0x20
[  837.875544][T24919]  do_splice_direct+0x152/0x1d0
[  837.880684][T24919]  do_sendfile+0x396/0x810
[  837.885178][T24919]  __x64_sys_sendfile64+0x121/0x140
[  837.890402][T24919]  do_syscall_64+0xc7/0x390
[  837.895046][T24919]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  837.901027][T24919] RIP: 0033:0x45c479
[  837.905194][T24919] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  837.925367][T24919] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  837.933973][T24919] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  837.941951][T24919] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  837.950186][T24919] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  837.958171][T24919] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
04:46:48 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
bind$bt_sco(r6, &(0x7f0000000080)={0x1f, @none}, 0x8)

04:46:48 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
r8 = fcntl$dupfd(r7, 0x0, r4)
r9 = getpid()
sched_setscheduler(r9, 0x5, 0x0)
sendmsg$AUDIT_SET(r8, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, 0x3e9, 0x200, 0x70bd28, 0x25dfdbfd, {0x2, 0x80000000, 0x0, r9, 0x80000001, 0x3, 0x1000, 0x0, 0xffffffc1}, ["", ""]}, 0x34}}, 0x20000001)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  837.966382][T24919] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000002f
04:46:48 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
ftruncate(r3, 0xd2)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$KDGKBSENT(r6, 0x4b48, &(0x7f0000000200)={0x5, "9ee385576ddd8e5cd68e1f7d376a1e05ead15a9d5e7b88a61b0313a2df6bd816deb325127359e3f544f12d6e4a59b77c0f374e650da8162d3c9b44e904125f887a951abd3a37e49646e9ec50772e867032fc0390bfcec9a7946f6524c0dcb88a69fa14d6aa8af042051938f0e05fd9d410685bcfa0629e802a9090caddfe58ec78b2461654e95cb6298c6d4363cea17bc832c183ce5331f92c6ba696e0bc48cf8f915a72c1794cc40c3dbeade69273e8685a4d516604932af15140f19a0def1711c59ea07d84268f7adbfa6998c2b96523c2b7cbf4dfe23a85b0d24c37d3eda1e01b4313e532cf1dfec0e019df6756929e8f8e27bac45657b47da9577655cf257ee6cf1185d4be8d8f0338bf5e47a54c323fad0640bd1d21e8696d2c391173e6cc0902d6efb1b52a58b4bb809d5120c6c87f497ac10b2d8df62de957b6619887eab5e49090aa94e0f68b4fb1680bd5805803b3daaee6aaaeef40481a182a55201e515ef9a39097b3da909ed638f7c2a3659ed86ee249a382ff4472bc1410970127e0af8d5153b46014e337930c7e648732f9e0d1f71cc1bbd1461394811922a8d18fbe2f6c63eb95a39888877e3091dfb599e74d363b2ac92ca6b58d565461f6cd599a9bfd6316f511cc23eba42c8a29d33eaacc60c6d3150b657413202af1787ba5884e073ec3e24e9062f154840ce1a5430d443c96a2367cc1dc963eb37079"})

04:46:50 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xffffffffffffffff, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:50 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000080)={@loopback}, &(0x7f00000000c0)=0x14)
close(r0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
sendfile(r0, r2, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000040)=0x3)

04:46:50 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf2508000300000000000800450073727000080045005e727000080003000300fe227bc2df5e98fe00000800040000000000080003000000000008000300020000403e613c6bdc9d3a4add7efceb2a0400000000000000a52646f74d32eaf502f19a866c1e63c39c7ea000040000000000009c98be39d8954cdb5c0013d200fde573272487f7ce8e0acdfdabff62000000000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = accept4(r6, &(0x7f0000000380)=@can, &(0x7f0000000080)=0x80, 0x80000)
getpeername$inet(r7, &(0x7f00000005c0)={0x2, 0x0, @local}, &(0x7f0000000600)=0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
sendmsg$nl_route(r9, &(0x7f0000000680)={0x0, 0xfffffffffffffec0, &(0x7f0000000280)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x8001}, 0x20008800)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:50 executing program 1 (fault-call:16 fault-nth:48):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:50 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$CAPI_INSTALLED(0xffffffffffffffff, 0x80024322)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000005, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = pidfd_getfd(r6, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000280)={0x2, @win={{0x9, 0x0, 0x9, 0xffff}, 0x5, 0x8, &(0x7f0000000180)={{0x800000, 0x0, 0x80000001, 0x498}, &(0x7f0000000140)={{0x9, 0x200, 0x5, 0x101}, &(0x7f00000000c0)={{0x5d, 0x6, 0x7, 0x20}}}}, 0x6, &(0x7f0000000200)="2dfa30a3899f88926373e5d4d2977eb1f03b7397bf8dc52f6c573321b56895709dc7be47f1703a8eefc9d1e53e3bd482e7c63855987828bcceaf7fbfc739f96c56145ac5985a863253b3014b1969de13f3c54da8fc4c4382", 0x2}})
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:50 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x4, 0x2)
getsockname$l2tp6(r3, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000280)=0x20)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x84, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = getpid()
sched_setscheduler(r5, 0x5, 0x0)
ptrace$getsig(0x4202, r5, 0x5, &(0x7f0000000140))
sendfile(r1, r4, &(0x7f00000000c0)=0x401, 0x6)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  839.849655][   T27] kauditd_printk_skb: 65 callbacks suppressed
[  839.849704][   T27] audit: type=1804 audit(1583210810.114:8091): pid=24949 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/635/bus" dev="sda1" ino=17451 res=1
[  839.892276][   T27] audit: type=1804 audit(1583210810.124:8092): pid=24948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/545/bus" dev="sda1" ino=17449 res=1
[  839.930903][T24957] FAULT_INJECTION: forcing a failure.
[  839.930903][T24957] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  839.935878][   T27] audit: type=1800 audit(1583210810.124:8093): pid=24948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17449 res=0
[  840.003312][T24957] CPU: 0 PID: 24957 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  840.009717][   T27] audit: type=1804 audit(1583210810.124:8094): pid=24948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/545/bus" dev="sda1" ino=17449 res=1
[  840.012058][T24957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  840.012064][T24957] Call Trace:
[  840.012095][T24957]  dump_stack+0x11d/0x187
[  840.012161][T24957]  should_fail.cold+0x5/0xf
[  840.012187][T24957]  __alloc_pages_nodemask+0xcf/0x310
[  840.012263][T24957]  alloc_pages_current+0xca/0x170
[  840.070516][T24957]  push_pipe+0x18b/0x340
[  840.074788][T24957]  ? __radix_tree_lookup+0x18d/0x1c0
[  840.080100][T24957]  iov_iter_get_pages+0x49d/0x8cc
[  840.085291][T24957]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  840.089377][   T27] audit: type=1804 audit(1583210810.124:8095): pid=24950 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/585/bus" dev="sda1" ino=17450 res=1
[  840.091206][T24957]  bio_iov_iter_get_pages+0x106/0x5a0
[  840.091237][T24957]  iomap_dio_bio_actor+0x5e8/0x970
[  840.091263][T24957]  iomap_dio_actor+0x83/0x390
[  840.091313][T24957]  iomap_apply+0x1e6/0x660
[  840.135885][T24957]  ? iomap_dio_bio_actor+0x970/0x970
[  840.141552][T24957]  iomap_dio_rw+0x67e/0x9a0
[  840.141567][   T27] audit: type=1800 audit(1583210810.124:8096): pid=24950 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17450 res=0
[  840.141601][   T27] audit: type=1804 audit(1583210810.124:8097): pid=24950 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/585/bus" dev="sda1" ino=17450 res=1
[  840.146081][T24957]  ? iomap_dio_bio_actor+0x970/0x970
[  840.146152][T24957]  ? ext4_file_read_iter+0x2b4/0x360
04:46:50 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000040)=@srh={0x6c, 0x4, 0x4, 0x2, 0x7, 0x20, 0x7fff, [@dev={0xfe, 0x80, [], 0xb}, @rand_addr="eb2892a620235ceb5125a0dff2810552"]}, 0x28)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

[  840.146169][T24957]  ext4_file_read_iter+0x2b4/0x360
[  840.146191][T24957]  generic_file_splice_read+0x2df/0x470
[  840.146259][T24957]  ? add_to_pipe+0x1b0/0x1b0
[  840.146278][T24957]  do_splice_to+0xc7/0x100
[  840.146302][T24957]  splice_direct_to_actor+0x1b9/0x540
[  840.146407][T24957]  ? generic_pipe_buf_nosteal+0x20/0x20
[  840.178069][   T27] audit: type=1804 audit(1583210810.134:8098): pid=24951 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/612/bus" dev="sda1" ino=17452 res=1
[  840.191895][T24957]  do_splice_direct+0x152/0x1d0
[  840.191980][T24957]  do_sendfile+0x396/0x810
[  840.192023][T24957]  __x64_sys_sendfile64+0x121/0x140
[  840.204829][   T27] audit: type=1800 audit(1583210810.134:8099): pid=24951 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17452 res=0
[  840.208312][T24957]  do_syscall_64+0xc7/0x390
[  840.208340][T24957]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  840.208354][T24957] RIP: 0033:0x45c479
[  840.208377][T24957] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  840.208386][T24957] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  840.208465][T24957] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  840.208475][T24957] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  840.208486][T24957] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  840.208498][T24957] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  840.208510][T24957] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000030
[  840.380934][   T27] audit: type=1804 audit(1583210810.144:8100): pid=24950 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/585/bus" dev="sda1" ino=17450 res=1
04:46:50 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
prctl$PR_SET_ENDIAN(0x14, 0x2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x40, 0x8f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:51 executing program 1 (fault-call:16 fault-nth:49):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:51 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$CAPI_INSTALLED(0xffffffffffffffff, 0x80024322)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000005, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = pidfd_getfd(r6, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000280)={0x2, @win={{0x9, 0x0, 0x9, 0xffff}, 0x5, 0x8, &(0x7f0000000180)={{0x800000, 0x0, 0x80000001, 0x498}, &(0x7f0000000140)={{0x9, 0x200, 0x5, 0x101}, &(0x7f00000000c0)={{0x5d, 0x6, 0x7, 0x20}}}}, 0x6, &(0x7f0000000200)="2dfa30a3899f88926373e5d4d2977eb1f03b7397bf8dc52f6c573321b56895709dc7be47f1703a8eefc9d1e53e3bd482e7c63855987828bcceaf7fbfc739f96c56145ac5985a863253b3014b1969de13f3c54da8fc4c4382", 0x2}})
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:51 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000240)={0xa20000, 0x6, 0x7f, <r3=>0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x980915, 0x80000001, [], @string=&(0x7f0000000180)=0x1}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00')
sendmsg$NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, r4, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x1f}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8804}, 0x4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fsetxattr(r1, &(0x7f00000000c0)=@known='security.apparmor\x00', &(0x7f0000000140)='\x00', 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:51 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="5b0000000f1401002abd7000fcdbdf250b004500736d635f696200000800450073727000080045007372700008000300033af7cfca548016e260c4d87f0afdef98000000080003000000000008000300000000000800030002000000b8131df3a8bd494ca36573cf05e146ff254e14bff6ab4d31b48d60d208014777d55acf36175c594e7e6960900aaae5c1"], 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x80c0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x0, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="0000000010000003000000000400ffffff0000006c8dbebbb1d705fd1f2e4cec083694526b4c62d5621618563c8b4696457054cd8328ace0edeac3a0e67aa9dbedea0a0109ed963e988d77f49a0fb579f7de1c410ec8a33861c7cb1ea9b25392980494ab394e1eda4019acb27773b75a38c7b93a4f8aa54e2de3743910dbdc062e4d47d4bd417bb743e6c7a9993494f63024a4cd06d49f8714a6917dcfd36f7647ab1848de", @ANYRES32=0x0, @ANYBLOB="00000000002400458bdeeb4582668f6e88ac124600"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
socket$inet6(0xa, 0x400000000001, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ioctl$SIOCAX25CTLCON(r8, 0x89e8, &(0x7f00000005c0)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x5, 0x0, 0x7, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]})
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
getsockopt$bt_BT_CHANNEL_POLICY(r11, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  840.963161][T24980] FAULT_INJECTION: forcing a failure.
[  840.963161][T24980] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  841.032691][T24980] CPU: 1 PID: 24980 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  841.041416][T24980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  841.051565][T24980] Call Trace:
[  841.054882][T24980]  dump_stack+0x11d/0x187
[  841.059241][T24980]  should_fail.cold+0x5/0xf
[  841.063817][T24980]  __alloc_pages_nodemask+0xcf/0x310
[  841.069139][T24980]  alloc_pages_current+0xca/0x170
[  841.074190][T24980]  push_pipe+0x18b/0x340
[  841.078470][T24980]  ? __radix_tree_lookup+0x18d/0x1c0
[  841.084057][T24980]  iov_iter_get_pages+0x49d/0x8cc
[  841.089213][T24980]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  841.095170][T24980]  bio_iov_iter_get_pages+0x106/0x5a0
[  841.100676][T24980]  iomap_dio_bio_actor+0x5e8/0x970
[  841.105814][T24980]  iomap_dio_actor+0x83/0x390
[  841.111058][T24980]  iomap_apply+0x1e6/0x660
[  841.115615][T24980]  ? iomap_dio_bio_actor+0x970/0x970
[  841.121212][T24980]  iomap_dio_rw+0x67e/0x9a0
[  841.125733][T24980]  ? iomap_dio_bio_actor+0x970/0x970
[  841.131251][T24980]  ? ext4_file_read_iter+0x2b4/0x360
[  841.136597][T24980]  ext4_file_read_iter+0x2b4/0x360
[  841.141972][T24980]  generic_file_splice_read+0x2df/0x470
[  841.148066][T24980]  ? add_to_pipe+0x1b0/0x1b0
[  841.152694][T24980]  do_splice_to+0xc7/0x100
[  841.157279][T24980]  splice_direct_to_actor+0x1b9/0x540
[  841.162773][T24980]  ? generic_pipe_buf_nosteal+0x20/0x20
[  841.168586][T24980]  do_splice_direct+0x152/0x1d0
[  841.173698][T24980]  do_sendfile+0x396/0x810
[  841.178373][T24980]  __x64_sys_sendfile64+0x121/0x140
[  841.183896][T24980]  do_syscall_64+0xc7/0x390
[  841.188575][T24980]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  841.194484][T24980] RIP: 0033:0x45c479
[  841.198499][T24980] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  841.219031][T24980] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  841.227627][T24980] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  841.235638][T24980] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  841.244245][T24980] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  841.252226][T24980] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  841.260214][T24980] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000031
04:46:53 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xffffffffffffffff, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:53 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
ftruncate(r2, 0x80000ff)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)

04:46:53 executing program 1 (fault-call:16 fault-nth:50):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:53 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
r5 = fcntl$dupfd(r2, 0x406, r4)
getsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f00000000c0)=0x5, &(0x7f0000000140)=0x4)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ioctl$FS_IOC_GETFSMAP(r8, 0xc0c0583b, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x0, [], [{0x3, 0x80000000, 0x101, 0x8, 0x1f00000000, 0x4}, {0x0, 0x9, 0x2, 0x2, 0x100000000, 0x5}], [[]]})
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r6, r9, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getpeername(r12, &(0x7f0000000300)=@pppol2tp={0x18, 0x1, {0x0, <r13=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000180)=0x80)
r14 = openat$null(0xffffffffffffff9c, &(0x7f0000000380)='/dev/null\x00', 0x1, 0x0)
dup3(r13, r14, 0x80000)
fcntl$setstatus(r10, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:53 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x82)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141002, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x26, 0x80002, 0x88)
ioctl(r1, 0x0, &(0x7f0000000500)="080db5055e0bcfe86960715e2854c0467436cbcec30af28a123f4e56191f418884b3194a54120af47af9c05cc507832f2414aeb3026499db8009a588ed2f19a7c4d6fe9570f4dcf769e4373b7fdb0f6e354b320b7180f0326ab685a662847a7b9f4052fe088f85ba3ed7097c8728041b4f43c35b870bb4a1e1cdab07470e0062b63b92418c27b90034a307ccc0cf89f1980a2477c0c102c15653")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4800ff00a3ebb19eca2fb207859ba931560f14000026bd7000fcdb9f2508000300000000000800450070000800030003000000080003000000000008000300000000002f0800030002d27dcda91946089c000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$KVM_GET_CLOCK(r7, 0x8030ae7c, &(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:53 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$CAPI_INSTALLED(0xffffffffffffffff, 0x80024322)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x400000000005, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = pidfd_getfd(r6, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000280)={0x2, @win={{0x9, 0x0, 0x9, 0xffff}, 0x5, 0x8, &(0x7f0000000180)={{0x800000, 0x0, 0x80000001, 0x498}, &(0x7f0000000140)={{0x9, 0x200, 0x5, 0x101}, &(0x7f00000000c0)={{0x5d, 0x6, 0x7, 0x20}}}}, 0x6, &(0x7f0000000200)="2dfa30a3899f88926373e5d4d2977eb1f03b7397bf8dc52f6c573321b56895709dc7be47f1703a8eefc9d1e53e3bd482e7c63855987828bcceaf7fbfc739f96c56145ac5985a863253b3014b1969de13f3c54da8fc4c4382", 0x2}})
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:53 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000040)={0x1, 0x2ceb, 0x82})
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

[  843.058516][T25019] FAULT_INJECTION: forcing a failure.
[  843.058516][T25019] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  843.122152][T25019] CPU: 1 PID: 25019 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  843.130869][T25019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  843.140936][T25019] Call Trace:
[  843.144244][T25019]  dump_stack+0x11d/0x187
[  843.148637][T25019]  should_fail.cold+0x5/0xf
[  843.154567][T25019]  __alloc_pages_nodemask+0xcf/0x310
[  843.159885][T25019]  alloc_pages_current+0xca/0x170
[  843.164930][T25019]  push_pipe+0x18b/0x340
[  843.169325][T25019]  ? __radix_tree_lookup+0x18d/0x1c0
[  843.174785][T25019]  iov_iter_get_pages+0x49d/0x8cc
[  843.180302][T25019]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  843.186589][T25019]  bio_iov_iter_get_pages+0x106/0x5a0
[  843.192284][T25019]  iomap_dio_bio_actor+0x5e8/0x970
[  843.197520][T25019]  iomap_dio_actor+0x83/0x390
[  843.202292][T25019]  iomap_apply+0x1e6/0x660
[  843.206735][T25019]  ? iomap_dio_bio_actor+0x970/0x970
[  843.212101][T25019]  iomap_dio_rw+0x67e/0x9a0
[  843.216608][T25019]  ? iomap_dio_bio_actor+0x970/0x970
[  843.222077][T25019]  ? ext4_file_read_iter+0x2b4/0x360
[  843.227353][T25019]  ext4_file_read_iter+0x2b4/0x360
[  843.232469][T25019]  generic_file_splice_read+0x2df/0x470
[  843.238184][T25019]  ? add_to_pipe+0x1b0/0x1b0
[  843.243004][T25019]  do_splice_to+0xc7/0x100
[  843.247464][T25019]  splice_direct_to_actor+0x1b9/0x540
[  843.252836][T25019]  ? generic_pipe_buf_nosteal+0x20/0x20
[  843.258491][T25019]  do_splice_direct+0x152/0x1d0
[  843.263398][T25019]  do_sendfile+0x396/0x810
[  843.267846][T25019]  __x64_sys_sendfile64+0x121/0x140
[  843.273210][T25019]  do_syscall_64+0xc7/0x390
[  843.277730][T25019]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  843.283753][T25019] RIP: 0033:0x45c479
[  843.287821][T25019] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  843.307518][T25019] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  843.316037][T25019] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  843.324182][T25019] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  843.332377][T25019] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  843.340344][T25019] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  843.348581][T25019] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000032
04:46:54 executing program 1 (fault-call:16 fault-nth:51):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:54 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000240)={0xa20000, 0x6, 0x7f, <r3=>0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x980915, 0x80000001, [], @string=&(0x7f0000000180)=0x1}})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00')
sendmsg$NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, r4, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x1f}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8804}, 0x4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fsetxattr(r1, &(0x7f00000000c0)=@known='security.apparmor\x00', &(0x7f0000000140)='\x00', 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:54 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
sendmsg$L2TP_CMD_SESSION_CREATE(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x2, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x48004}, 0x20040004)
close(r2)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$UI_SET_MSCBIT(r1, 0x40045568, 0x3d)
openat$cgroup_ro(r7, &(0x7f0000000040)='cpuset.memory_pressure\x00', 0x0, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
writev(r9, &(0x7f0000002480)=[{&(0x7f0000000180)="f654dadcbe786d9b92811ee6e733513a6e6177015705e6e69cd79e61806ca4ec31d51ab3d5bd109d8733fd1f2feeade623b65c5885465ca912bc79995850678cb2841137d00fa4020a3e50134bbc1a45edc7a6c8144514d4bd424f17d65bce2981b3b94f9f80de81376ef66104269507e52b8e6f162ac492cf3773acf6bb12c32263c803674d92b9c87a51e7d0e84c57c9382de1088ed60dc323c54687d46508db3167f5f7985b062a5bcf21c4f23e6a3ff8c83984897a8380f83ecf0c673ee11b74ff4ee6ef4bb5bed0404e68e0da13254b51b69b3f3bb616d75a6219ce0c4a1d33f2b5c93a094863768938be940375b48698e331a19c820385", 0xfa}, {&(0x7f0000000280)="84a3caf15169baf2ce419b152a3ce339a40838a14b089f09e87874e2ca", 0x1d}, {&(0x7f00000002c0)="44671d238f2fa4f6113e6b753df19259f5c5c5a00f88e8502f771a704a2f8adaaf5a676842e2857f9bc8a459b2bad30462ed113b227e280e12b953f942e749c76d860f6ea29059a5b0a979f3333786364edbcd632265d730485cf698bfc82fd31cf199ff0dc49a903a1e853c61091d7183c33e478df028059f93a9d5d2abb2674b0ea894438fa1793590c3e0fcd1daf755c0bfa024c3ab79cb9d80633fb0b6291f80bc4e936ff3316375a43d7a02eeaa8687b3c4898a3bf678f644db9edfac4bc11e3fbc867cf8b7d5794062f2b5a99d63eaab8fc9246feafa946691426a0eee7b344689e56abfef733f91dacbec80c75e80b8a077c9a6556f211d7d69274cdaba114ebaddf20cdbdf513ebe303e57b878efb6e5aad88183bdc45a2a2741c5cf2d728c30b16f5dd6907cf3e6161c85b91e5874ce2f6715e0ff1f8bf82644e348fc5de46515ff3da07cae4cd51729cf7c19a8f571e6a4e85e8b9646509294b7f3da3b0ca37ed63b9540e5e32a95dff81d810214505b654ae1ede33141b5fa616dd90f75c359c5c138a9a29ee825e5f66f8290fc6f3a0ca4e68e0a4d062f14a836c57e41735a74632c574cd5ee5aa1b5ddbe2765e7dd02851df5f644dbb027f8a9bd49a9178d8df2898932bebf2c86b0959818e878e96884868ee33d6327393d7e036cc5ddf6be1b074501bfc160632e012ce5733f511eef486af6c089199bf8e705409b2ca0c6b095a125e0edbdb78f2cb4cd36990b948d4c1695671619925826c5c30cead760a1bb8c0627d0b4600059d2a22612c894a0ff731380795e5d3a0a5ce949c538ea5ae3219b34b6340a7d885135fe2f6eb5082618f1901793e4ba13e436cc84a18b9af99df60c834124eeacb89fdb1c2b67276a0c5b552d5a1fbaa778e86b5732e1e5e5aa913de4fc89ffc45bea4b984281d4d4f2fd9be1d06eac64f692ff9f0093b2549008fd803db64af61193e164d832a4ac884ee494b68975d1cf582673ac7893bf3c7a32a5e5ce997c6dfc913607b592921d3307906adfedfba440ac2c088ae2ba1652c339350231923ec30ceaa1a238e7a5c564ff72168c4e81e83307ae454f52bd0e343a8c07457f6fb90425b7dbbd288ce6017fcd6a03504bf48abc15044c62c657f85acbc330bb117052d60e474a9b50f2976a3bc24e7b8e192b0b7d8884143e04ed4b65de24998a1489c18ede40ca053f199edd80e438999fefdb217b90e87756b0c055eb9d33039b1c765d220e58bdf72134c506f31b1e44cf8c8b893db8e600416c4ae0d9d800ecb79bbe48c1e505368a6428e0d1fb213f5060977f2150823ed2b30b9febc50ceb03e643e8f23debd6599015f5a924311e365f3a13c7e5916b787a74afa7f6d4e3a882d8f75980a36ebbe7a0463c728be3bfeafcc9ed3c34bb1b2d76614e708ca1b0e638ac7170c46458f34edd38f7108036675e04ce90337ab3bea028f44b75e7d0100a3363444801eae56185b002c918d091b2a965465a4aa52e057dff9b68336c73259a8ada4603ba1f9408413327d64d48942a4e8f9c0fb4f8cd6ac47b6102587d296cd0ee0afe8e07e65ec62ad9264129873e74e1efe52cd6556dad9906cf38fb70afc7a77dde6cc953ad1262f60f85f3d6fede9b5ee5c7d594c560c6be445798202c88b1cb6679a0c985ea36c149b1ef86182ce38039ecbe6fa6682231206fbe16a0a5394212566698c5b3d0fcd970a471dee18f34f8599ab504a261c40c3a61c6617dd340e799d29a2e571fdf403adb63bddc0312e052b8719f0b975cd67b016bd09de039d09dec9b22c644028b40b07aea010178c2e596a998d4498af2e50e9902b056de180f6a4816fac3a39c5a7d889df3a0be7aa7cfb3fa011eff5a4fd846443b827a62db100df378a4dc145f75fe0754a12c093df021c59a7ff634c0eeebcd11f455010e260e5ab84564940907c379bf8efc3f391b0f2cdd35e3dd4bf805456701c7f064f94159bdf88d908c4effbc128efe7539388c846823d348e6933b219a2e8ef64f0298e341efdfea50d520a440c6b6b9b2df7fee1e744b4b0b40cec6e231229ad7ca3f53de01c121fc9039a6881c90f2d3ab5135f8b66b184fcec780369f86552c1fa1a820c0a69399c6ea041964d38253e3b27306570c96dbf92425a2e1399c457a98429b2dd7ac3713808c201f1f0c83a88b87e8d230057183986c28edd8d152fb8c53bd0668c0511f2260e742c25792831af00dcea74b1f3274e21e960e7a624716ef6d8d01be444ba13480703e968f52715c6304458cfb98216f77190684fd8bce59bcabff2d9c1ff3b95d446e09c0af4e02a52e2d35a5143b27bd0790e7249ba0c02fa64eb46ffea26b8cc24b6d1e6a7741f4262bfa03b1e98a965891b995cd40cdb790fa21917bbd8ab1373d42ee1d6c5c5ea2f138677a41f1924bc445c0993d4618f79b8c74937f43a8d2164f702d37ecede4d0fa1d6c40014e06fbfcbb26596398efc6f00c26cca51b95854e2bc0e5026fdf05fe2cbaf273b6e5cb4d221d699da9c8a1bd8662125009231b265bb4200065cc4d466b4db325c6633175721c6e3e58e4aba1aae3617afb5ce5326c07ff2eb58113a22218819f34282a5b2a2cb17110ec0fe22782f051e530776033d3e62187ca647cbfb01c3f15ba40db822b7437a16590853c75832371f0dbeb1ba724a2a3469de43b3522a4103c5d7d7409c548c648ca87b32eb12ec77c8237b6d795a2de2e019e8cb642deee0625277d2c5eefe5d13b8b6f02b83e2cc261cfaab692db4daec5ba107c48ce7e06394b69fd7725a2c337fb402bf3007f8f8afd60cfc61a7cfcd5e6857ad8e74470c27b48b286f5e47b745d491d2852904c7c343548abc1876b37ac84474867d3a98bd550c3a327f14fc956d34d5f33396c9e7d2ca20b8712f413acfe5428f5822bbdf2f09a08ff0127ee4ad7a5f43c4256550421c45167f4c3fdfb6f7163981a81b211510eb020ee5b15ac690c1d9b0408aa7e3fdda0b8c81c83eadb4ba893331fcdbddbcb16814e5f779b90403d3d5e34c7c4840db35d0ad26b0209d5e1ab1149c22ee6a7fae1a80b07ef045d960ae7d394f0018ef9d2176d94e9ba2810d0c5d6f7e57ecdc7032fdfec46ea2eebc34f2c9db579ef88c1f42b5d37239171305732475f5b78104e864ddb61da0336a613ec0ff9fab7001d53cff8dd0f7b52b1081076ae98018ff5c1cab045e428e564a990dde0e5bff37b1b1075780e32a8bfaa2206110175166252818cc92742d1f99f11ec7af2bd2002cae38731d0153ff17ffeb15e1769e8237fad81883f7d98d1c7997b2e202786f6e3d2210cb618a742423d53112b7a27e956bab409223c177f2d9fcfddd237111ffff45a41665c80d480cf56cc9ba87a49816ada094ced9bb1b74e462872fccb7c4e9ca6e2e9446603a090a939e0f24c0b42b67316e66b4fdd08f77b2f36e6d5af63bbae290886fdcb32112fbe1db2ff0abf264fbc6caa79f6013d372ab965ee4fcd935cacf6066d007e90081fe0ee272a2785b19aaca7b5e321331d62067f1bb39524321797fca847e2716a8402c000c6661e56ac0bc1a9192d8b472d862ea36d24c2693cfb2706d36bcfb85b0d43afd94c579be57ac770d4810cf1b0c893516311183b9c466f114fffd85d55776ae2c2c501dfc85cc316bf8109fc122edd846420549306031865dc418914c3e0a61d6a7157306b29df6a378fbf718859d63cae548e6739516aa4eb29b97420a0755e036fc84a2d8fc58fb9401e4c826fa62f8c3d9516d95e75e21ddd744136c27afbcda33de67d88dd80a85af595cafe325941cf3fb2e3874904695eba09cd3de606c40b78681736252201d4dc906e9cbd6bc82742112a07153ead16cefa12f6d0e63dae442feced3343cc3545558c2d944c31fc9388ba6f8e52c62de461040a0161c4bf9c1337752d068f1a77616b12fb931833fb0811d41c926ef02570c6fa4e32d24d1108546be7eb56000884314a9505a404aa8ebf76ecf8c807c96b4c29d8e2d7b0ed7916a07d15253c0fd1580c77883592bedfef43ae741fcff8b89513bdd3452fd09a782fe87c0f6d1f6afa83d422397be6cf3e9dd29e155996d072fe6f398e30e1578e7b236443fd153367ddc07828e6f6f91b43ceb70eb8f27d63ec57caaf39be1d5657f646aab758a3615e4970dea0c5499d952f20c3e6ad07c145261cb0fc8449d5209fc931092e98db044e0606b965bacf73b6f9a3d02aa92b171707ec32014c5e18a3c6f5fb5cf76c0fc14c35da542718315337e45cde7f367f7aa08ee870a96e26be6b5bbea81397eadfb0c5806dc51bbd73f938a149367f1e1206523f82b775bb4d1393ac27502a2be99dff66a9bdff5ad8e76ae60828642071c02d2ab5443b662bcf1afb242b72cc448c77fbe304101248c4f896a693d3180d3dee54e96aebb0ecc7a2aa16263fc4b62bf708980d95a035bce7de257a773e33ad6e9016cb4a060ea620214b4699064fd34ba66c7d9efd8c72631b5a6aaad2c0833d2ac6be55de5a8d3918b405ab4170bcea03cdc5206ebcd38833cb1c84087bb3e136d030737c0067af835836619881d4703e63bd9b40c48bf2ea7d4f3851625175cf0393499402703ac21dac18d247a4448149dbabd4fbc1a36a3d93b9e70a8fef72c0d2aff6b1fc91d9f2a97d68d9bb6fce9b5431b82b28ca16c776517ef1a4bb3de884fb41e074cd1431b8d23c8ada2d9550adbf8af9fb2962a63a46fa12274c449596ab339ea41caf3b9555f96da3bcc1b270b3c9b9f2fcfe5d2936732e084b140f1a7a3e18d8df6ff812a5cfab2571e95cfa3e07425bb7c81bdc218ef689780811ed787c8c8bbcef6257c50d44d8b1181fd54236ffd7ade98d986f72e826843820821e1b13b1ae72edb277225af616fb09b5020453795c31d14a186914b6ebbb9d46f409ebcb40a89ec5a0582ab42ec8060fce451a15c14554ca34d0d10f055296f138bea40788071ee52df9c98a386cc91ed6174c11282d3f81996f9df6de039fa032a21ba578fc0d9ef10357e930b4bc5d68df1675e23fe1b3eea38489b8f3187074d1815c31f9aea37a9f84f85d21f8b7f7b13b8345f7be5dcfe943770d2fe2afc56251eff68659134908464701a06badc7fe6b8201fb2f7115d099fb8c2d6a2197723514b0a511f4131623f388b8da2ad8ed37517929a67730b8d6fe65f3a1d1b58c1bd607df1845080a2bf6ef22c611475164f672c518c77737cd7202665d5a3b6e0619d2d215ff65b4fe6022673d319466df0c485506c1cb8460494aff66f466eecbf6237358110ecf940bbf84c833e72ac6d2a965231504d305984545945016dceb3b370c8cedd183a41cb671d034efc5310723e271c9b8ed7d07b5fe2b1ffd30a5852add32ebc20a2b88faacc9c00eee76a3d9441891a66db6392000e42fda6847c6f83a75424b7078f5c71bb0b3b0385c7447af48e7f4ddf1fac760b4414cfa21754563a4d630178e88f9570a8d83c124f459341913fa549736b9c2731ba379fbfd5cf3a5acd9ef8b08ca27819cd9c29aff2a771c637305badf31713dd56cb8610465abe178b4bb930393b5a1605caf874438ae195e401a31773a84b87144e6f681a6ad5b6dc0e4db8a33b5d71023f460031830fb4b7393bc4a753181b770ad3ebf7c4067ac9176aad133a7f9a4fca84a83be3f50799f05580d14d07141b073b682c20bbce82348acb7b1641ad78715b49924c4a4fc5fbaaa2855d7f3ee4f0377df7a1095e9eb12e39303beb42d2351aa01b7fc274b54d7c1174398f2", 0x1000}, {&(0x7f00000012c0)="bab64c770ab8ead122e5022610b374f57d080c4c05aa131d7f7d475d0de9715540e47c659575e0be682a67917f8a59990c4aa385e43d46ce0d6c8c98f73c309e669cf166d30b16523ec8ea7520dbfabaefdd3c3da694505e7843fce298f66d5b1eccf8d91a9702f8fd17002a283587a73ca7fc2408b162f732a032756466c3ad9e7ecb91c1636787613318a5328070b069f77cd51e703d59e067b89ed66e82580911a92a240f61978744034f5c5aa4a7feb7e822b8986467740fc5d479af31177e5263d7845883cbfb482fdae1b992146a2848dad23420f0baae1e0ebe56458e2f866c39c40ab05e1bcd90920987542f0fbf3581d1606d4c5b2e9269b31a1cef47ce740f0d361be9e3809b0ccbdae890cc631c6f8d0e8cf069682b977726906030b515983ad72eb73a36ee1792fcaea25d63c7ee2e4d625ec51d2892b07dbbff1f3727d670a748725607185559062ba64240e109f87a79cd8b5ec8cfa5fa434280e818b280f204c953405fad96482fcacf667b41c00f74f4f2c578b46c7530a91c820aa0fa39c8f0802bf83c03e827e7a2f7b2e5a4bbb7febd1bf58bc1d6fa6badc6ea2282f85fc962aa8f393baf301d583489c58d98141b76b9b54125c81306ac6463ca9a6c53f76a08c56634d55fb85cb7017c36c572b54235cde84c26a0889510d6a3489219fb7bee64f51fe24ba69147b66785389d6ca990ff1149793493ee8b009d2d62d6181e8fd58c0dafc36773060dc489ad3b74f6f7510d4e7c4e9f138f6fd957b05738a71bcc466eff3c44fa547aba959991d9e08f0ee105e1ff2582d7735cd71a5f46f1c8dcdcc0d4ce6600d7334f21c47f0989999f0b132300e55d8eb7ebc2e24b9bb38e85d98219efc14a8c341e5d930f84469b9e6c97079d6fae4ccc10b6a1cddd1e5956f83fc60e3cf3c007efde4107d65d0cc4ef7833868e84935e85f1bb0ef6c7a8911667bb90e949ea0491b6d257d80d5f8d2730a80b4ee9500da45c9090123377e3de76ac6f4fada8886c7cfd6485989c7e2acdf882fe372748c2e09d4cd4e95bdb0069bcd6098012e5f41486ecf963338d3a63a13b54b73a72db77e7cf25b1acdf5b6cee21324bd7aeb83692c94b28e3634e3c3fc741bad6de921c0c7836bc26d232c6e090b8c75b6a410e78a112e7c62a8b9cb38d6bca668e3ec445f8aca7702117695a110fe5b85944bc4466bb7483318ff7dcc3163475e741863dad628925a66be5fcb4cd497afd45f94ed2b504de25fd00127a20765f256ff58b4b49bb35b3306945aafad2753afb5e19ff93fa47ec0675fbc52e731b96779726b35ddd75621df6a4dac9ce659c57006a889a548f773610abfe11d1619c8483bb9baa196c0c23705f72dbb56592ceb3d18482d7ab2c4f54a6568cd1b84982a545eee5b190d98112f5df24f6e90ded7e989c09f0dee79cd6632784cf6b3568ed74504fa4f36dc8ea93bf93884100ff738b0345df67ed05247ff4ce96aea24825898a3453ed4a98239bf723f9bb5314578fc2bb6c8a0f1e59666926c89effb2d427741d004bbb496de7591fb381cd147662b2a13da6826b919eed009be55586a7935d844a49103f3fba44361d413a70eec1b1a45ada32f4e7339bc75cb85355f551877ad0d02493fd3c577475f119bb0886652bd8c917b812696b2dd245d21115be5ff05cd724acda4361c505a76bb83b162f3df77d807541f789375786505f394b063b28da69fa50006c489e0680fa179240e246b7d9a42a0ece21278175486f81aea3dc2da36b1663e34a4dd8a727c4ad1b4bf2758052b5998464b8546ffea88c8e63b181f54e58664d706ed3fcec3a444d5dae311a9d70f5e2a8e496e55d90049e36bdc34564b194cfa2761f1a1f46890f22d1d1171790a6992e4b417e33b2a363ab16478a79db3070ea39ae931439c121d7508d851feba83c115a265d44fb4687644e1d02ee59b2d138d7499e8b1971de8568ae974c7f06fcfe0dfbd3577d66f86ecb2c0df9d578eb6323c7fa61cd97636e41fb5bc1478ba821da0330de0001330c9bfae18112237851e62b8a8e567c79d3748e661b899e5a953bece9f1f5e978b9639de86571f5c4d2b255cb4aae0c000a1a4ed7690dca20e3a8c375758562dcfb18f9e842e9d509a097627cd4626e15a9ebc8341967db915765e34f3e4d770af9c0549277f68f6252c955ab6f683126e2f329b805f956781ed20a5780a7d6ef66cabb548afde3d1970d7664992f148775e2e9129a0a0721a05ac0a2bf65346fc0b3aa532a0c70cb8f18582ffccb4fac548afee460dc02b43f556e1680898910c5cabd5570b3aa3cc5525a25d1d0fe8b67cb3c22266d4e8068e67a92c315a3a63272b246bbe7762af5b960102ae63f2165f8da4b67603f9fb4012279ce8942b464b9fc45c9a8a1aa5ba3a818a640b3a370b21d65721f002313363cb23221b301c41d84cea5d5cdd577d7755cd7b3a78dd2949691cf990dbc218a05aac19c3587d1db3ee2d5a5643f96d5c27f7efceb8eb4c530b2faac5503dbe669739292c15f71810f740f5cc8a096fed19c8b547db5027641cad36e7fc7b9d91ab4e5ba6e6d4fbd5c230906669e162452046f12e7b9361ea45f7f98cb04f81983bfd41bdeb863a3855529fded516e7902e7666d8080613534fc08c390d483e48857d88959b25ed57f4c3cc729732213515a51c5d6e6bef7e55bc6659553205b38b8b5d56e34492a11a0d3bb3df1f787019ad84d25c577038acad76281a575373794c2cd4aeb38ad82542697d029d8639437b290aa1905f23f1c3072e5b3048101ec13ecc817f18eb50bbf25f038fb5cd5c8cba300396a73b5d04dacd1cce272aaccd93eac1558ffa18f67488470e0e884677859ffa3c8cc37ff29604d86199905a07f7f30f729aea7b1c51d24a6ea0771f8ca0f0c95d4ffe72bfeadb75edc82e7c39274cd3718a05ea73cc93352790fa46562f2bb79879d95c630d4274a47da9ac88ad2eee3d12f06e64955a16c9c5a965721433087a32bd79ebc048e44b752c94135de777940b5c8abf29825e39dd990f7bf09b03ca6878e8546923f48462d6bd10228b43db17a4b6f59aa362d6197c0d1e7ca5ce416323dababdbdcde4bb829c0ff0dbde6792157b5d7472e11bece663460117a9e763691e330294c107e477914c13ca070e4c348afcfdbaeaa065fa7d2bd11782fe32eb0db790ea6581f75ee99dd6e4932ac1dba71b8c3d6c7864383d5b21960110d334a09efa6e73971026253f0ba0d635dc51100a8cb0aa929c1b2ace13323a0aa46141ad0c54037dd26baa3197e11d1b358ce8d01cb822e3551dfbf763902a0cbae322e40498554dc7fba660198798c54c67f6a6c9513bd1f095918c47660a3a901e100929e597d5305ce29eae3a2a208b3a0e6fb85a5244389ee5596b3937aef817f9c1a7260dfbcb88d75b22e76fff903ab988bad31566c9932dae4eae1eb5b55d9cb0825af2f47e45694ecc583bf879c8766a8982d4a574e9f8f2d808d1e1cae1e6078671bb1f546253fbebac4d874f683cdab5a9c6f23d0a1cbda97225f68c91e0e15652ecf053e175da82b46c159f4ce8497b6ff9edf2010c7e70334c13637e791d339694cfebed845a3fd0598bf908771a1c0d0c09c053a15e39bd412559de142738d7e0e2b2aaec598a94b142e6051d43fc1fe3b94b2ee864719b77b4468291b3ad39865a1e01db8fe234e5a9f6d3e9977c5b9653d61e733bf013b42598bc5a9caba1b2d5725aad898f46e8a5250b3a71db7454385c4fe9838f67876a2f0df9e94b2e381a72b4c80c964eaac1a4e29bb654dc4daee611df0686ea8fe9d8fc9db6cb3f878300761bdadd3cdb31a623c2220aa914b8add3c77d71d4d27eb5e3b436a36dde59d2190d56ea5f9ced3e45911f89e4bb98b853ee5486ef66a60027cca60eba2e39d8ea2a4f38ed5d3d9b43977b94c938f66c510fe2804105df496a0795f73944b5609e10fd4a4e9aee28decbed8014b271a64f238571d9b7cce5074b89aeed04f07161afb51840cb9d59e4cb11d2138846ed3fd6bd711d82e42df3bcbe2e6191db1824cccf5904c6398fedae2df109a1ea924b6d0d25e355c8eea762e3f5efe2a68a0b5d7eecc6499076b8c6e74d56444ee09d18b0cbb9519d0666a836c5eef23693f6817164ac72ccf707ee16a17e119d286ebc3bacb04b65b4c7d6905eba2a15aa9c71f88e2fbfcc41cf9357080701882891f26330e7676b5fc62cfc17928e5515906265a7abf56db8b4536c90f5b216e8b762688021fe95053807483597d087118fbf114bf6ef06d0b9b087791410f7cd069878ed5793128b27f429c687cda74bc5afdc3abc497f97bfc48128dbeec99f6990f9062c2055c01ed6426f4b3406e40a4b1f21bf61072521d1f12375df31fa8e1f49374e37483f4ac61174cf13ec38530a5971dd332231163d381e185f93ec14a33cf2a52829a8090ad1c485c98dc816959cdd7f6f4ec155b18ee0f1e9b30a3b59873c2dfba36e9adfffcf2e48f6f9dce6a3457d0c479223aaa446b9983d657c6af31cec50b94f98bb8b4027c82f9f03fe9e60826a42399e5f42ebe51df0241dc8620c42454878ac6c4ef8cadc73d2d62b71ba298c8c768a3808607bcadaa4ff23f1cd3f16247ba2ad9e9ac90034cba0c408a72ae3a37790fe6c148346c698e09645fbcbe0b8037e707bb700a7116dd8d165a5c88949364d5a0ed2eb406b8b134311a11d2b0f634bf677ff0725b0e29cb07b5893096e9b612e60271ad3ec6ac25ed1fe9865613ee1c7d0ab51afb81c24dd5836947bc29bd6c66aeaadc5703d38359aaa77ac7c8c38bc346162cdb031fd11ed8b8d8340f863e69af677077fdcfb9c1776953c54461cdf506be5e25b14a9f071c807cb558839acb21347752636d09a57b0d8613a4b5ed1c905e884b062223bb407d325e0a6edc6ac94e2025a6afc012471b65b48e9ac725522de9ba7fb719ca53855e2bc013f83a9953d09cd10eb86e72b1bb682f31eb10de752a26ed12670889e3ffc1d2c59b94f1cac66389387dc70c8e280a86b5e214d163e98e1530ad91465ab88228796d57882b898dfa3604c125d1d33d91f533971a15140560bed78eacda67ae3c3b6b8876db12e0e785505309d57380e96a2a9640807a1e57c29d39ac8dd9f462aef6940f4bc596cbeb4adbaafd9a706fa8ff09ce2a8551145ed047046f3f7443c50c9e500403c5d19c2e61809abd3436fdeb655d63a8deb7a180abdd6d79c6176180e02d64b17ece933e327b00f5ffa905e5b21812723ad79412a0c34f3fa92407886ffe1658c60d5056f2e69200ccdf9a1cf8b326e6fda610098dea3e0f52c9eab2b53571c8195d35508d8d323f94156d13f52c7de340399f78edc64376348b6adc307b78f9007db3c299d74fef94ba5e7e50966e4cbf53c92163cf32334ca46ba911d22243ebcff2b7cd566aaf400cee3d5ce436f3c6ba5ced2064bd9a9aa53476ba9ed7c2be5552fef4629d3cae696615553507de5f9bf4c5dac6b80fabfaf950ecde74ede3ad6026fdf56a995a2b49b6b20419bcdc745902a43732912dd54549ec3882313d024890eb59d71f35a9032c8c8ec36011ef9da4e4ebb031a7eb49e4edd70aa16e8add8e9f9463c48cb534df8a96475f33411b68c29cc2bc1ebc166b935cf469760d5bedbd483e17086cb0cace862af15be6de6f2eaabec710531d03cc5f239de4cc60d180f73d0353b397e0b97493977a63fd3c6d0d09e79818b039342aa4cf47ad4345f4fb4c561ae979876d8f04c30022", 0x1000}, {&(0x7f00000022c0)="1709", 0x2}, {&(0x7f0000002300)="96c8", 0x2}, {&(0x7f0000002340)="94f36f14db687f34e7c1e66b91fb3ebcddc2a3e8bc0a52b4966f540428d7b0b5d2c4d573ca60d11f26cacc91455430c9fdb0d1bc5a87d8615e0f7404fa0620fb6b689718bbd269efc29560dc0d224fc70202145af26d58aeedc1d399a13ede8da6b612781b27760a70222309dc63024c8891fcdad73cc6c0855c70158ba367a0a348973ff0adb95e311a1115df246e5128f93128163b2d6e58263aacc8eed65bdd2b1f8bf713bf36332cc7bc1f3abde2457ed5dea3f22c", 0xb7}, {&(0x7f0000002400)="cd784e1bd38af0c3f81540efc968f3fd0d3e83602f080255854c0baeee70041bb533780d1d2612650ea22fb76d0208919efd6251469ddea7dbc0e309433af57a2171e88583e7cbd0517993559517d68d941f8f7c6e85b43b0379", 0x5a}], 0x8)

04:46:54 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x48)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:54 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000500)={0x0, @reserved})
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  844.040504][T25042] FAULT_INJECTION: forcing a failure.
[  844.040504][T25042] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  844.112070][T25042] CPU: 1 PID: 25042 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  844.120894][T25042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  844.131043][T25042] Call Trace:
[  844.134368][T25042]  dump_stack+0x11d/0x187
[  844.138829][T25042]  should_fail.cold+0x5/0xf
[  844.143404][T25042]  __alloc_pages_nodemask+0xcf/0x310
[  844.148735][T25042]  alloc_pages_current+0xca/0x170
[  844.153790][T25042]  push_pipe+0x18b/0x340
[  844.158067][T25042]  ? __radix_tree_lookup+0x18d/0x1c0
[  844.163405][T25042]  iov_iter_get_pages+0x49d/0x8cc
[  844.168460][T25042]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  844.174369][T25042]  bio_iov_iter_get_pages+0x106/0x5a0
[  844.179931][T25042]  iomap_dio_bio_actor+0x5e8/0x970
[  844.185076][T25042]  iomap_dio_actor+0x83/0x390
[  844.189791][T25042]  iomap_apply+0x1e6/0x660
[  844.194756][T25042]  ? iomap_dio_bio_actor+0x970/0x970
[  844.200108][T25042]  iomap_dio_rw+0x67e/0x9a0
[  844.204664][T25042]  ? iomap_dio_bio_actor+0x970/0x970
[  844.210239][T25042]  ? ext4_file_read_iter+0x2b4/0x360
[  844.215548][T25042]  ext4_file_read_iter+0x2b4/0x360
[  844.220803][T25042]  generic_file_splice_read+0x2df/0x470
[  844.226461][T25042]  ? add_to_pipe+0x1b0/0x1b0
[  844.231185][T25042]  do_splice_to+0xc7/0x100
[  844.235642][T25042]  splice_direct_to_actor+0x1b9/0x540
[  844.241046][T25042]  ? generic_pipe_buf_nosteal+0x20/0x20
[  844.246739][T25042]  do_splice_direct+0x152/0x1d0
[  844.251803][T25042]  do_sendfile+0x396/0x810
[  844.256331][T25042]  __x64_sys_sendfile64+0x121/0x140
[  844.261916][T25042]  do_syscall_64+0xc7/0x390
[  844.267418][T25042]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  844.273472][T25042] RIP: 0033:0x45c479
[  844.277505][T25042] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  844.299228][T25042] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  844.307663][T25042] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  844.315779][T25042] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  844.324182][T25042] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  844.332149][T25042] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  844.340108][T25042] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000033
04:46:56 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xffffffffffffffff, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:56 executing program 1 (fault-call:16 fault-nth:52):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:56 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x62)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x4000, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000200)=0x9)
splice(r3, &(0x7f0000000140), r0, &(0x7f0000000180)=0x6, 0x1, 0xc)
close(r2)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r2, r4, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x0)
sendfile(r0, r1, 0x0, 0x20008)

04:46:56 executing program 0:
r0 = creat(&(0x7f00000003c0)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f0e000026bd7000fcdbdf25080003000000000008004500737270000800450073727000080003000308000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x4)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:56 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x7, &(0x7f0000000540)="0de8696071000000000018b1b7d6bf13796bf30b2ebeb1786320b4dc918c33ab5f94197eb1731df34104b2cb3f00b264053bae6e9aba450b413a2cbb2228c0e5b8081ae6cb1204def545e2542caedd39d514eb71daeb1a4c8fe0596535f7378642a273f1f442966019f19b488dd2fb0f12e3c2c824ab42f5ccea7e")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="6b59d8835b47480000000f14000026d17000fc00000800450073727000080045007372700000000000080003000200"/56], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$BLKFRASET(r6, 0x1264, &(0x7f0000000080)=0x4)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
close(0xffffffffffffffff)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(0xffffffffffffffff, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:56 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000040)=""/59)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  845.978597][   T27] kauditd_printk_skb: 95 callbacks suppressed
[  845.978623][   T27] audit: type=1804 audit(1583210816.244:8196): pid=25068 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/549/bus" dev="sda1" ino=17486 res=1
[  846.070570][   T27] audit: type=1804 audit(1583210816.284:8197): pid=25076 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/589/bus" dev="sda1" ino=17492 res=1
[  846.106281][   T27] audit: type=1800 audit(1583210816.284:8198): pid=25076 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17492 res=0
[  846.130394][   T27] audit: type=1800 audit(1583210816.294:8199): pid=25068 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17486 res=0
[  846.137581][T25082] FAULT_INJECTION: forcing a failure.
[  846.137581][T25082] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  846.171038][   T27] audit: type=1804 audit(1583210816.294:8200): pid=25068 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/549/bus" dev="sda1" ino=17486 res=1
[  846.195797][T25082] CPU: 1 PID: 25082 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  846.204554][T25082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  846.214775][T25082] Call Trace:
[  846.218080][T25082]  dump_stack+0x11d/0x187
[  846.222438][T25082]  should_fail.cold+0x5/0xf
[  846.226940][T25082]  __alloc_pages_nodemask+0xcf/0x310
[  846.232273][T25082]  alloc_pages_current+0xca/0x170
[  846.237352][T25082]  push_pipe+0x18b/0x340
[  846.241617][T25082]  ? __radix_tree_lookup+0x18d/0x1c0
[  846.246904][T25082]  iov_iter_get_pages+0x49d/0x8cc
[  846.252107][T25082]  bio_iov_iter_get_pages+0x106/0x5a0
[  846.257485][T25082]  iomap_dio_bio_actor+0x5e8/0x970
[  846.262681][T25082]  iomap_dio_actor+0x83/0x390
[  846.267425][T25082]  iomap_apply+0x1e6/0x660
[  846.271852][T25082]  ? iomap_dio_bio_actor+0x970/0x970
[  846.277155][T25082]  iomap_dio_rw+0x67e/0x9a0
[  846.281646][T25082]  ? iomap_dio_bio_actor+0x970/0x970
[  846.286938][T25082]  ? ext4_file_read_iter+0x2b4/0x360
[  846.293691][T25082]  ext4_file_read_iter+0x2b4/0x360
[  846.299109][T25082]  generic_file_splice_read+0x2df/0x470
[  846.304664][T25082]  ? add_to_pipe+0x1b0/0x1b0
[  846.309323][T25082]  do_splice_to+0xc7/0x100
[  846.313754][T25082]  splice_direct_to_actor+0x1b9/0x540
[  846.319285][T25082]  ? generic_pipe_buf_nosteal+0x20/0x20
[  846.324948][T25082]  do_splice_direct+0x152/0x1d0
[  846.330000][T25082]  do_sendfile+0x396/0x810
[  846.334472][T25082]  __x64_sys_sendfile64+0x121/0x140
[  846.339719][T25082]  do_syscall_64+0xc7/0x390
[  846.344278][T25082]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  846.350217][T25082] RIP: 0033:0x45c479
[  846.354163][T25082] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  846.374007][T25082] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  846.382440][T25082] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  846.390644][T25082] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  846.398745][T25082] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  846.406727][T25082] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  846.415015][T25082] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000034
[  846.425205][   T27] audit: type=1804 audit(1583210816.294:8201): pid=25076 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/589/bus" dev="sda1" ino=17492 res=1
[  846.459655][   T27] audit: type=1804 audit(1583210816.304:8202): pid=25078 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/616/bus" dev="sda1" ino=17495 res=1
[  846.485929][   T27] audit: type=1800 audit(1583210816.304:8203): pid=25078 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17495 res=0
[  846.509646][   T27] audit: type=1804 audit(1583210816.304:8204): pid=25077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/640/bus" dev="sda1" ino=17496 res=1
[  846.547209][   T27] audit: type=1800 audit(1583210816.304:8205): pid=25077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17496 res=0
04:46:57 executing program 1 (fault-call:16 fault-nth:53):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:57 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r2, 0x200004)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x5, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r3 = socket(0x10, 0x80002, 0x0)
ioctl(r3, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="480000100f14000026bd7000fcdbdf250800030000000000080045007372700008f373c8d030a79daf2b0045007372700008000300d32458342b8ae9920f660300000008000300020000000805ffff0000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000dc39c7440700"]}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)

04:46:57 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f0000000080))
close(r2)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r4, 0x0, 0x80001d00c0d0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r5, 0x0, 0x488, &(0x7f0000000100)={{0x2b, @rand_addr=0x9, 0x4e22, 0x2, 'lblc\x00', 0x3, 0x7, 0x25}, {@local, 0x4e23, 0x10000, 0x3, 0x1, 0x7fffffff}}, 0x44)

04:46:57 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x64, &(0x7f0000000200), &(0x7f0000000240)=0x4)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r9 = socket$pppoe(0x18, 0x1, 0x0)
ftruncate(r9, 0x9)
sendfile(r4, r7, 0x0, 0x80001d00c0d0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000440)={<r12=>0x0})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000300)={r12, 0x17})
ioctl$DRM_IOCTL_DMA(r11, 0xc0406429, &(0x7f00000001c0)={r12, 0x3, &(0x7f0000000040)=[0x7, 0x9, 0x4], &(0x7f00000000c0)=[0xc0], 0x0, 0x1, 0x7fff, &(0x7f0000000140)=[0x8], &(0x7f0000000180)=[0x0, 0x7, 0xafa, 0x1, 0x9, 0x8001, 0x5, 0xde000, 0x20]})
ioctl$NS_GET_NSTYPE(r7, 0xb703, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

[  846.933349][T25093] FAULT_INJECTION: forcing a failure.
[  846.933349][T25093] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  846.983089][T25093] CPU: 1 PID: 25093 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  846.991952][T25093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  847.002540][T25093] Call Trace:
[  847.005909][T25093]  dump_stack+0x11d/0x187
[  847.010421][T25093]  should_fail.cold+0x5/0xf
[  847.014983][T25093]  __alloc_pages_nodemask+0xcf/0x310
[  847.020302][T25093]  alloc_pages_current+0xca/0x170
[  847.025717][T25093]  push_pipe+0x18b/0x340
[  847.030017][T25093]  ? __radix_tree_lookup+0x18d/0x1c0
[  847.036642][T25093]  iov_iter_get_pages+0x49d/0x8cc
[  847.041969][T25093]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  847.047886][T25093]  bio_iov_iter_get_pages+0x106/0x5a0
[  847.053319][T25093]  iomap_dio_bio_actor+0x5e8/0x970
[  847.058673][T25093]  iomap_dio_actor+0x83/0x390
[  847.063470][T25093]  iomap_apply+0x1e6/0x660
[  847.067909][T25093]  ? iomap_dio_bio_actor+0x970/0x970
[  847.073309][T25093]  iomap_dio_rw+0x67e/0x9a0
[  847.077836][T25093]  ? iomap_dio_bio_actor+0x970/0x970
[  847.083168][T25093]  ? ext4_file_read_iter+0x2b4/0x360
[  847.088706][T25093]  ext4_file_read_iter+0x2b4/0x360
[  847.093924][T25093]  generic_file_splice_read+0x2df/0x470
[  847.099521][T25093]  ? add_to_pipe+0x1b0/0x1b0
[  847.104138][T25093]  do_splice_to+0xc7/0x100
[  847.108594][T25093]  splice_direct_to_actor+0x1b9/0x540
[  847.114116][T25093]  ? generic_pipe_buf_nosteal+0x20/0x20
[  847.119819][T25093]  do_splice_direct+0x152/0x1d0
[  847.124713][T25093]  do_sendfile+0x396/0x810
04:46:57 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000440)={<r6=>0x0})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000300)={r6, 0x17})
ioctl$DRM_IOCTL_NEW_CTX(r5, 0x40086425, &(0x7f0000000140)={r6, 0x2})
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000180)={'gretap0\x00', {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}})
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCADDDLCI(r8, 0x8980, &(0x7f00000000c0)={'gretap0\x00', 0x8})
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  847.129183][T25093]  __x64_sys_sendfile64+0x121/0x140
[  847.134646][T25093]  do_syscall_64+0xc7/0x390
[  847.139190][T25093]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  847.145116][T25093] RIP: 0033:0x45c479
[  847.149108][T25093] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  847.168714][T25093] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  847.177124][T25093] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  847.185156][T25093] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  847.193207][T25093] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  847.201212][T25093] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  847.209193][T25093] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000035
04:46:57 executing program 1 (fault-call:16 fault-nth:54):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  847.722185][T25120] FAULT_INJECTION: forcing a failure.
[  847.722185][T25120] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  847.737952][T25120] CPU: 1 PID: 25120 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  847.747607][T25120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  847.757667][T25120] Call Trace:
[  847.760978][T25120]  dump_stack+0x11d/0x187
[  847.765341][T25120]  should_fail.cold+0x5/0xf
[  847.769920][T25120]  __alloc_pages_nodemask+0xcf/0x310
[  847.776074][T25120]  alloc_pages_current+0xca/0x170
[  847.781270][T25120]  push_pipe+0x18b/0x340
[  847.785529][T25120]  ? __radix_tree_lookup+0x18d/0x1c0
[  847.790841][T25120]  iov_iter_get_pages+0x49d/0x8cc
[  847.795942][T25120]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  847.801883][T25120]  bio_iov_iter_get_pages+0x106/0x5a0
[  847.807420][T25120]  iomap_dio_bio_actor+0x5e8/0x970
[  847.812565][T25120]  iomap_dio_actor+0x83/0x390
[  847.817320][T25120]  iomap_apply+0x1e6/0x660
[  847.821812][T25120]  ? iomap_dio_bio_actor+0x970/0x970
[  847.827132][T25120]  iomap_dio_rw+0x67e/0x9a0
[  847.831645][T25120]  ? iomap_dio_bio_actor+0x970/0x970
[  847.836972][T25120]  ? ext4_file_read_iter+0x2b4/0x360
[  847.842288][T25120]  ext4_file_read_iter+0x2b4/0x360
[  847.847492][T25120]  generic_file_splice_read+0x2df/0x470
[  847.853058][T25120]  ? add_to_pipe+0x1b0/0x1b0
[  847.857691][T25120]  do_splice_to+0xc7/0x100
[  847.862147][T25120]  splice_direct_to_actor+0x1b9/0x540
[  847.867558][T25120]  ? generic_pipe_buf_nosteal+0x20/0x20
[  847.873131][T25120]  do_splice_direct+0x152/0x1d0
[  847.878041][T25120]  do_sendfile+0x396/0x810
[  847.883703][T25120]  __x64_sys_sendfile64+0x121/0x140
[  847.888930][T25120]  do_syscall_64+0xc7/0x390
[  847.893613][T25120]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  847.899511][T25120] RIP: 0033:0x45c479
[  847.903426][T25120] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  847.923060][T25120] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  847.931495][T25120] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  847.939600][T25120] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  847.947607][T25120] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  847.955803][T25120] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  847.963790][T25120] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000036
04:46:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
writev(r2, &(0x7f0000000380)=[{&(0x7f0000000040)="cebf61f22e0d59f764e62259540f0963bca9dc03b3b0e7b7688e1538c90f0ee7317e799bda6b4d1623ab24c958a8a28e8d205a1157c22ed787a7f515614cdba1edd7cbf4291f8d92c6fbe5f29648eef6a3d23acfc90a01e8ca7d3e6f874bfaad832a1ac300c4173c28bf0fea656ba1caa4c0278362722067c589f20555f2c7fee62fdd14e63825dda422299dc7403765489fb62562367b12355e79105f9c103aacd08dd831bd56459f489ba9676bda0954d3549d612b2ec69eed808ab072c501415f55fee6621523cf3f15251b2993c115de0b", 0xd3}, {&(0x7f0000000140)="f7f397d354989b04fbbeedc026ed7e5dd97f10e33e37acb3970b0283af95e5a058c32f548798fac37836210c3dc6c94778bb98a002a5468cb2f81a156ac8a52f8688184509bcc16bc074372da31a8245e38779d9c83af2b9eac6352c9cd0204fbc30beef249bacf0c3d6c00c4b939fc906596f784db5e3a96a8e69a12df29a9315b9d3d392760a632b924582c4161ba124c207016dee87bdb1e03538f8f196afa0590c316273ecd047ae442dc19aa06b6fc7c534abcfd33f73076d08e169b3d76ceefe8b196f", 0xc6}, {&(0x7f0000000240)="655272af40bb55b65996e297f61ac38ae398fde67e518473998f979249f24c8b3801adc1f7f772bfeb9c4fc6799f6ba819abc5ec991c6c33901a7060687446df7cae0b7b1b76b5dca2064ec90572607e22ca80d7ff797b96789abb452bf216a238d5723555dca46c8cf884de0dab6d3718048dc6ca4b40360576ad99c669fbb40c30e2c65c9bdf9219acfff48bc162e07e379e5a8032c753701a911062", 0x9d}, {&(0x7f0000000300)="f7431bd5cb79cb7c15ee4ec6d5fa7a7e496963df872e16bdb40308310c899f7d384dca945cfff48b7aa0f62de68514c7e83c228678c603598d501d3937fe96a5e25fafd3d35ce4c6c30531fabb1b8f5f", 0x50}], 0x4)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r4 = socket$inet6(0xa, 0xa, 0x20)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)

04:46:59 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:46:59 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f00000000c0))
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:59 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:59 executing program 1 (fault-call:16 fault-nth:55):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:59 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000200)={0x6})
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$RTC_EPOCH_READ(r7, 0x8008700d, &(0x7f0000000240))
write$binfmt_elf64(r0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000000c0)=0x1, 0x943b98c95dfdf2cc)
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000080)={0x0, 0x2})
fstatfs(r0, &(0x7f00000006c0)=""/4096)
r8 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80000)
getsockopt$IP_SET_OP_GET_BYINDEX(r8, 0x1, 0x53, &(0x7f0000000180)={0x7, 0x7, 0x2}, &(0x7f00000001c0)=0x28)
recvmmsg(r1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/187, 0xbb}}], 0x1, 0x0, 0x0)

[  849.155663][T25139] FAULT_INJECTION: forcing a failure.
[  849.155663][T25139] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  849.171222][T25139] CPU: 0 PID: 25139 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  849.179929][T25139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  849.189995][T25139] Call Trace:
[  849.193307][T25139]  dump_stack+0x11d/0x187
[  849.197662][T25139]  should_fail.cold+0x5/0xf
[  849.202193][T25139]  __alloc_pages_nodemask+0xcf/0x310
[  849.207675][T25139]  alloc_pages_current+0xca/0x170
[  849.212728][T25139]  push_pipe+0x18b/0x340
[  849.216996][T25139]  ? __radix_tree_lookup+0x18d/0x1c0
[  849.222315][T25139]  iov_iter_get_pages+0x49d/0x8cc
[  849.227391][T25139]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  849.233382][T25139]  bio_iov_iter_get_pages+0x106/0x5a0
[  849.239148][T25139]  iomap_dio_bio_actor+0x5e8/0x970
[  849.245267][T25139]  iomap_dio_actor+0x83/0x390
[  849.249983][T25139]  iomap_apply+0x1e6/0x660
[  849.254624][T25139]  ? iomap_dio_bio_actor+0x970/0x970
[  849.260477][T25139]  iomap_dio_rw+0x67e/0x9a0
[  849.265066][T25139]  ? iomap_dio_bio_actor+0x970/0x970
[  849.270425][T25139]  ? ext4_file_read_iter+0x2b4/0x360
[  849.275878][T25139]  ext4_file_read_iter+0x2b4/0x360
[  849.281027][T25139]  generic_file_splice_read+0x2df/0x470
[  849.286847][T25139]  ? add_to_pipe+0x1b0/0x1b0
[  849.291461][T25139]  do_splice_to+0xc7/0x100
[  849.295938][T25139]  splice_direct_to_actor+0x1b9/0x540
[  849.301605][T25139]  ? generic_pipe_buf_nosteal+0x20/0x20
[  849.307185][T25139]  do_splice_direct+0x152/0x1d0
[  849.312112][T25139]  do_sendfile+0x396/0x810
[  849.316641][T25139]  __x64_sys_sendfile64+0x121/0x140
[  849.321905][T25139]  do_syscall_64+0xc7/0x390
[  849.326441][T25139]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  849.333591][T25139] RIP: 0033:0x45c479
[  849.337686][T25139] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  849.357304][T25139] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  849.366163][T25139] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  849.374330][T25139] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  849.382361][T25139] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  849.390355][T25139] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  849.398733][T25139] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000037
04:46:59 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
sendfile(r4, r6, &(0x7f00000000c0)=0x3, 0x7)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:46:59 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14008026bd7000fcdbdf2508000300000000000800450073727000083fb9f8dc7270000800030003000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x80000, 0x0)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00')
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_GATEWAYS(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x1c, r6, 0x711, 0x0, 0x0, {0x9}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x0)
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r6, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r10 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:00 executing program 1 (fault-call:16 fault-nth:56):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:00 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r5=>0xffffffffffffffff}}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000100)=0x1, r5, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x5, @mcast2, 0xffffff00}, {0xa, 0x4e24, 0x1, @loopback, 0x8}, r5, 0x1}}, 0x48)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d0)
setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000040)=0x1ff, 0x4)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r0, r6, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)

[  849.963625][T25168] FAULT_INJECTION: forcing a failure.
[  849.963625][T25168] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  849.980954][T25168] CPU: 0 PID: 25168 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  849.989673][T25168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  849.999807][T25168] Call Trace:
[  850.003126][T25168]  dump_stack+0x11d/0x187
[  850.007925][T25168]  should_fail.cold+0x5/0xf
[  850.012516][T25168]  __alloc_pages_nodemask+0xcf/0x310
[  850.017850][T25168]  alloc_pages_current+0xca/0x170
[  850.023366][T25168]  push_pipe+0x18b/0x340
[  850.027631][T25168]  ? __radix_tree_lookup+0x18d/0x1c0
[  850.032995][T25168]  iov_iter_get_pages+0x49d/0x8cc
[  850.038048][T25168]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  850.044052][T25168]  bio_iov_iter_get_pages+0x106/0x5a0
[  850.049467][T25168]  iomap_dio_bio_actor+0x5e8/0x970
[  850.054873][T25168]  iomap_dio_actor+0x83/0x390
[  850.059576][T25168]  iomap_apply+0x1e6/0x660
[  850.064048][T25168]  ? iomap_dio_bio_actor+0x970/0x970
[  850.070070][T25168]  iomap_dio_rw+0x67e/0x9a0
[  850.074598][T25168]  ? iomap_dio_bio_actor+0x970/0x970
[  850.080188][T25168]  ? ext4_file_read_iter+0x2b4/0x360
[  850.085493][T25168]  ext4_file_read_iter+0x2b4/0x360
[  850.090635][T25168]  generic_file_splice_read+0x2df/0x470
[  850.096195][T25168]  ? add_to_pipe+0x1b0/0x1b0
[  850.100874][T25168]  do_splice_to+0xc7/0x100
[  850.105399][T25168]  splice_direct_to_actor+0x1b9/0x540
[  850.110914][T25168]  ? generic_pipe_buf_nosteal+0x20/0x20
[  850.116510][T25168]  do_splice_direct+0x152/0x1d0
[  850.121562][T25168]  do_sendfile+0x396/0x810
[  850.126006][T25168]  __x64_sys_sendfile64+0x121/0x140
[  850.131282][T25168]  do_syscall_64+0xc7/0x390
[  850.135818][T25168]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  850.141981][T25168] RIP: 0033:0x45c479
[  850.146078][T25168] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  850.165796][T25168] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  850.174216][T25168] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  850.182318][T25168] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  850.190414][T25168] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  850.199212][T25168] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
04:47:00 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
open(&(0x7f00000001c0)='./bus\x00', 0x10002, 0x1)
lseek(r0, 0x0, 0x2)
close(0xffffffffffffffff)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r2 = socket(0x10, 0x80002, 0x0)
ioctl(r2, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="000000001000000000000000000000aee3b3dd77", @ANYRES32=0x0, @ANYBLOB="2135bf37f77d383ecafca0ac08e61bcac5a719a266dd86dd1b45e7db31a3c04675c00efd583a85bc5734026fa20c6c1d1b8f220533a06c2f7bf67e27e26836c4d57a8423907c690be577b0763a3e14efdf4fbb89e7a419037763b5e8759f9913833d63db7250127880f0fb7c7c4a30587a0508b980eea1e628e3484db2f57c294fdc3c22c2992092"]}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
recvmsg(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000000)=""/19, 0x13}], 0x2}, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200aa0802000000000000000000000105000600200000000a0000000000dfffff0400e50000070000001f000000000000250000000000000200010000000000000000020000627c05000500000000000a000000000000001700"/128], 0x80}}, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
sendmsg$NL80211_CMD_SET_MPATH(r7, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x64, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @remote}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_MAC={0xa, 0x6, @dev={[], 0x2b}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x10001}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x7, 0xffffffffffffffff}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400000000000117, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r8 = msgget$private(0x0, 0x412)
msgctl$IPC_STAT(r8, 0x2, &(0x7f0000000500)=""/70)

[  850.207535][T25168] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000038
04:47:00 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r9 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0xc2200, 0x0)
ioctl$KDFONTOP_COPY(r9, 0x4b72, &(0x7f0000000900)={0x3, 0x1, 0xc, 0xb, 0x47, &(0x7f0000000500)})
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:00 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
sendmsg$NL80211_CMD_GET_MPATH(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r14, 0x2468825185d9173d, 0x0, 0x0, {}, [@NL80211_ATTR_WDEV={0xc}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_GET_MPATH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, r14, 0x2468825185d9173d, 0x0, 0x2000}, 0x14}}, 0x8000)
sendmsg$NL80211_CMD_REQ_SET_REG(r9, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x18, r10, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000002}, 0x40001c1)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
r16 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r16)
r17 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r17, 0x200004)
sendfile(r16, r17, 0x0, 0x80001d00c0d0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r15, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYRESHEX=r17], 0x5}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="2000000014000104000000000000000002000000", @ANYRES32=r15, @ANYBLOB="0802003fe9ca5b84c710867c0000000000"], 0x20}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r15}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb01001800000000000000650000006500000004000000090000000300000f01000000040000000600000009000000040000000300000036f602000000010000009d0000003f0000002f08000000020000060004000000000000000000000300000000050000000200000000000000000000002e0600"/134], &(0x7f00000003c0)=""/120, 0x84, 0x78}, 0x20)
bind$xdp(r1, &(0x7f00000000c0)={0x2c, 0x0, r15, 0x3}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r18 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r18, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  850.631613][T25182] Unknown ioctl 19314
[  850.808833][T25190] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  850.992517][   T27] kauditd_printk_skb: 98 callbacks suppressed
[  850.992538][   T27] audit: type=1804 audit(1583210821.264:8304): pid=25179 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/644/bus" dev="sda1" ino=16851 res=1
[  851.024851][   T27] audit: type=1804 audit(1583210821.264:8305): pid=25186 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/644/bus" dev="sda1" ino=16851 res=1
[  851.049419][   T27] audit: type=1804 audit(1583210821.264:8306): pid=25184 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/644/bus" dev="sda1" ino=16851 res=1
[  851.074154][   T27] audit: type=1804 audit(1583210821.304:8307): pid=25179 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/644/bus" dev="sda1" ino=16851 res=1
04:47:02 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:02 executing program 1 (fault-call:16 fault-nth:57):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:02 executing program 2:
r0 = socket$inet6(0xa, 0xa, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x20080, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000100)={0xa2, 0x3, 0xfdff, 0x4000, 0x3e, {0x0, 0x2710}, {0x4, 0xc, 0x20, 0xcf, 0x8, 0xfa, "50fd2ed0"}, 0x0, 0x2, @offset=0xf8f6, 0x3f, 0x0, r2})
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x145042, 0xc0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x4)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)

04:47:02 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r10, 0xc0984124, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:02 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000080)=0xd8f)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7800fcdbdf250800030000000000080045007372700008004500737270000800030003000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0xffffffffffffff2c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="0100000000000000"]}}, 0x0)
r6 = socket(0x1d, 0x2, 0x8)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x63, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x8061}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:02 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x5, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  852.124528][   T27] audit: type=1804 audit(1583210822.394:8308): pid=25203 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/554/bus" dev="sda1" ino=17361 res=1
[  852.196027][T25212] FAULT_INJECTION: forcing a failure.
[  852.196027][T25212] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  852.233488][   T27] audit: type=1800 audit(1583210822.394:8309): pid=25203 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17361 res=0
[  852.235080][T25212] CPU: 0 PID: 25212 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  852.262717][T25212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  852.266645][   T27] audit: type=1804 audit(1583210822.394:8310): pid=25203 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/554/bus" dev="sda1" ino=17361 res=1
[  852.272775][T25212] Call Trace:
[  852.272805][T25212]  dump_stack+0x11d/0x187
[  852.272828][T25212]  should_fail.cold+0x5/0xf
[  852.272906][T25212]  __alloc_pages_nodemask+0xcf/0x310
[  852.272937][T25212]  alloc_pages_current+0xca/0x170
[  852.272966][T25212]  push_pipe+0x18b/0x340
[  852.324056][T25212]  ? __radix_tree_lookup+0x18d/0x1c0
[  852.329530][T25212]  iov_iter_get_pages+0x49d/0x8cc
[  852.334731][T25212]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  852.341791][   T27] audit: type=1804 audit(1583210822.414:8311): pid=25201 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/620/bus" dev="sda1" ino=17313 res=1
[  852.342020][T25212]  bio_iov_iter_get_pages+0x106/0x5a0
[  852.372664][T25212]  iomap_dio_bio_actor+0x5e8/0x970
[  852.373652][   T27] audit: type=1800 audit(1583210822.414:8312): pid=25201 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17313 res=0
[  852.378126][T25212]  iomap_dio_actor+0x83/0x390
[  852.378173][T25212]  iomap_apply+0x1e6/0x660
[  852.378191][T25212]  ? iomap_dio_bio_actor+0x970/0x970
[  852.378225][T25212]  iomap_dio_rw+0x67e/0x9a0
[  852.378241][T25212]  ? iomap_dio_bio_actor+0x970/0x970
[  852.378290][T25212]  ? ext4_file_read_iter+0x2b4/0x360
[  852.414155][   T27] audit: type=1804 audit(1583210822.424:8313): pid=25201 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/620/bus" dev="sda1" ino=17313 res=1
[  852.417900][T25212]  ext4_file_read_iter+0x2b4/0x360
[  852.417929][T25212]  generic_file_splice_read+0x2df/0x470
[  852.418035][T25212]  ? add_to_pipe+0x1b0/0x1b0
[  852.418097][T25212]  do_splice_to+0xc7/0x100
[  852.472826][T25212]  splice_direct_to_actor+0x1b9/0x540
[  852.478232][T25212]  ? generic_pipe_buf_nosteal+0x20/0x20
[  852.483858][T25212]  do_splice_direct+0x152/0x1d0
[  852.488982][T25212]  do_sendfile+0x396/0x810
[  852.493434][T25212]  __x64_sys_sendfile64+0x121/0x140
[  852.498669][T25212]  do_syscall_64+0xc7/0x390
[  852.503198][T25212]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  852.509106][T25212] RIP: 0033:0x45c479
[  852.513240][T25212] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  852.533233][T25212] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  852.541659][T25212] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  852.549903][T25212] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  852.557889][T25212] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  852.565956][T25212] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  852.573940][T25212] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000039
04:47:03 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x34, 0x7, 0x6, 0x504, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x5}, 0x4c047)
r6 = getpid()
sched_setscheduler(r6, 0x5, 0x0)
get_robust_list(r6, &(0x7f0000000300)=&(0x7f00000002c0)={&(0x7f0000000280)={&(0x7f0000000240)}}, &(0x7f0000000340)=0x18)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhci\x00', 0x6000)
getsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000180), &(0x7f0000000200)=0x4)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$VT_GETSTATE(r5, 0x5603, &(0x7f00000000c0)={0x9, 0x1000, 0x6})
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x0)
ioctl(r7, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r8, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:03 executing program 1 (fault-call:16 fault-nth:58):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:03 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x20100, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000240)={0x2, 0x0, 'client0\x00', 0xffffffff80000000, "1efbccfb97d2ad95", "437c0dbd03921cd30735f86c286cf4ee293ced40bc88354f2071b2a75a03d017", 0x7fe})
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, {0x1d748, 0x0, 0x3003, 0x3, 0xc, 0x92f785780cce380e, 0x1, 0x3}})
open(&(0x7f00000000c0)='./bus\x00', 0x20203, 0x8)
sendfile(r0, r1, 0x0, 0x20008)

04:47:03 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500)='TIPCv2\x00')
sendmsg$TIPC_NL_PUBL_GET(r5, &(0x7f0000000680)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1c92bf80051b4367cae2eda32c3049003fb8d71d12125c69feea", @ANYRES16=r6, @ANYBLOB="06082dbd7000fbdbdf2507000000100006800800010004000000040002001c00098008000100040000000800010008000000080001008000000058000180100001006574683a67656e65766530000d00010069623a6361696630000000002c0004001400010002004e24ffffffff00000000000000001400020002004e22ac1e0001000000000000000008000300ff0000001c0006800800010001000080080001000000000008000100020000001400028008000100010000000800020008000000"], 0xc8}, 0x1, 0x0, 0x0, 0x8880}, 0x4000000)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r7 = socket(0x10, 0x80002, 0x0)
ioctl(r7, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r9 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r11, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r9, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  853.220344][T25236] FAULT_INJECTION: forcing a failure.
[  853.220344][T25236] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  853.248998][T25236] CPU: 0 PID: 25236 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  853.257858][T25236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  853.268096][T25236] Call Trace:
[  853.271911][T25236]  dump_stack+0x11d/0x187
[  853.276793][T25236]  should_fail.cold+0x5/0xf
[  853.281440][T25236]  __alloc_pages_nodemask+0xcf/0x310
[  853.286767][T25236]  alloc_pages_current+0xca/0x170
[  853.292079][T25236]  push_pipe+0x18b/0x340
[  853.296719][T25236]  ? __radix_tree_lookup+0x18d/0x1c0
[  853.302239][T25236]  iov_iter_get_pages+0x49d/0x8cc
[  853.308102][T25236]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  853.314279][T25236]  bio_iov_iter_get_pages+0x106/0x5a0
[  853.319690][T25236]  iomap_dio_bio_actor+0x5e8/0x970
[  853.325599][T25236]  iomap_dio_actor+0x83/0x390
[  853.330841][T25236]  iomap_apply+0x1e6/0x660
[  853.335320][T25236]  ? iomap_dio_bio_actor+0x970/0x970
[  853.340934][T25236]  iomap_dio_rw+0x67e/0x9a0
[  853.345586][T25236]  ? iomap_dio_bio_actor+0x970/0x970
[  853.351025][T25236]  ? ext4_file_read_iter+0x2b4/0x360
[  853.356367][T25236]  ext4_file_read_iter+0x2b4/0x360
[  853.361798][T25236]  generic_file_splice_read+0x2df/0x470
[  853.367652][T25236]  ? add_to_pipe+0x1b0/0x1b0
[  853.372743][T25236]  do_splice_to+0xc7/0x100
[  853.377413][T25236]  splice_direct_to_actor+0x1b9/0x540
[  853.382928][T25236]  ? generic_pipe_buf_nosteal+0x20/0x20
[  853.388605][T25236]  do_splice_direct+0x152/0x1d0
[  853.393553][T25236]  do_sendfile+0x396/0x810
[  853.398033][T25236]  __x64_sys_sendfile64+0x121/0x140
[  853.403403][T25236]  do_syscall_64+0xc7/0x390
[  853.408107][T25236]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  853.414143][T25236] RIP: 0033:0x45c479
[  853.418089][T25236] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  853.438066][T25236] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  853.446569][T25236] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  853.454595][T25236] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  853.462653][T25236] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  853.470738][T25236] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  853.478731][T25236] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003a
04:47:04 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
syslog(0x4, &(0x7f0000000180)=""/32, 0x20)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x10800, 0x2a)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:04 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$LOOP_CLR_FD(r7, 0x4c01)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ftruncate(r4, 0xedee)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_S_AUDOUT(0xffffffffffffffff, 0x40345632, &(0x7f00000000c0)={0x6, "e557ff69786d5f060dc4455d665b5bbf5100a9206c7c788959135e279ad4748f", 0x3})
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r8 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r8, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:05 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:05 executing program 3 (fault-call:9 fault-nth:0):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:05 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="a34da9807404ee68"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:05 executing program 1 (fault-call:16 fault-nth:59):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:05 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(0xffffffffffffffff, 0x40045731, &(0x7f0000000180)=0x40)
socket$pptp(0x18, 0x1, 0x2)
ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f0000000300))
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r3, 0xc0c85666, &(0x7f0000000200)={{0x2, @name="c4a06adf14cd232b3872355a9da3f149ca2cf363dd0f00ab536505b2422cf14a"}, "8835a505ddd1dfb177eb1798168162be19de6ac3984f6b1e1732470368c49943", 0x3})
sendfile(r0, r1, 0x0, 0x20008)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvram\x00', 0x10001, 0x0)
ioctl$PPPIOCGIDLE(r5, 0x8010743f, &(0x7f0000000140))

[  855.315750][T25269] FAULT_INJECTION: forcing a failure.
[  855.315750][T25269] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  855.356275][T25269] CPU: 1 PID: 25269 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  855.365370][T25269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  855.375738][T25269] Call Trace:
[  855.379177][T25269]  dump_stack+0x11d/0x187
[  855.383644][T25269]  should_fail.cold+0x5/0xf
[  855.388192][T25269]  __alloc_pages_nodemask+0xcf/0x310
[  855.393515][T25269]  alloc_pages_current+0xca/0x170
[  855.398600][T25269]  push_pipe+0x18b/0x340
[  855.402856][T25269]  ? __radix_tree_lookup+0x18d/0x1c0
[  855.408251][T25269]  iov_iter_get_pages+0x49d/0x8cc
[  855.410226][T25271] FAULT_INJECTION: forcing a failure.
[  855.410226][T25271] name failslab, interval 1, probability 0, space 0, times 0
[  855.413299][T25269]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  855.413324][T25269]  bio_iov_iter_get_pages+0x106/0x5a0
[  855.413400][T25269]  iomap_dio_bio_actor+0x5e8/0x970
[  855.443300][T25269]  iomap_dio_actor+0x83/0x390
[  855.448084][T25269]  iomap_apply+0x1e6/0x660
[  855.452702][T25269]  ? iomap_dio_bio_actor+0x970/0x970
[  855.458021][T25269]  iomap_dio_rw+0x67e/0x9a0
[  855.462564][T25269]  ? iomap_dio_bio_actor+0x970/0x970
[  855.467898][T25269]  ? ext4_file_read_iter+0x2b4/0x360
[  855.473209][T25269]  ext4_file_read_iter+0x2b4/0x360
[  855.478453][T25269]  generic_file_splice_read+0x2df/0x470
[  855.484078][T25269]  ? add_to_pipe+0x1b0/0x1b0
[  855.488686][T25269]  do_splice_to+0xc7/0x100
[  855.493209][T25269]  splice_direct_to_actor+0x1b9/0x540
[  855.498731][T25269]  ? generic_pipe_buf_nosteal+0x20/0x20
[  855.504467][T25269]  do_splice_direct+0x152/0x1d0
[  855.509343][T25269]  do_sendfile+0x396/0x810
[  855.513848][T25269]  __x64_sys_sendfile64+0x121/0x140
[  855.519148][T25269]  do_syscall_64+0xc7/0x390
[  855.523716][T25269]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  855.529621][T25269] RIP: 0033:0x45c479
[  855.533548][T25269] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  855.553339][T25269] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  855.561792][T25269] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  855.569780][T25269] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  855.578038][T25269] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  855.587008][T25269] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  855.595217][T25269] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003b
[  855.603656][T25271] CPU: 0 PID: 25271 Comm: syz-executor.3 Not tainted 5.6.0-rc1-syzkaller #0
[  855.612645][T25271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  855.624149][T25271] Call Trace:
[  855.627506][T25271]  dump_stack+0x11d/0x187
[  855.631946][T25271]  ? __tsan_read8+0xa/0x100
[  855.636514][T25271]  should_fail.cold+0x5/0xf
[  855.641758][T25271]  __should_failslab+0x82/0xb0
[  855.646741][T25271]  should_failslab+0x5/0xf
[  855.651185][T25271]  kmem_cache_alloc_trace+0x26/0x5f0
[  855.656684][T25271]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  855.662629][T25271]  alloc_pipe_info+0xf3/0x3d0
[  855.667328][T25271]  splice_direct_to_actor+0x4b8/0x540
[  855.673441][T25271]  ? apparmor_file_permission+0x35/0x40
[  855.679395][T25271]  ? security_file_permission+0x86/0x270
[  855.685113][T25271]  ? irq_work_interrupt+0xa/0x20
[  855.690785][T25271]  ? generic_pipe_buf_nosteal+0x20/0x20
[  855.697904][T25271]  do_splice_direct+0x152/0x1d0
[  855.703533][T25271]  do_sendfile+0x396/0x810
[  855.708693][T25271]  __x64_sys_sendfile64+0x121/0x140
[  855.717003][T25271]  do_syscall_64+0xc7/0x390
[  855.722145][T25271]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  855.728226][T25271] RIP: 0033:0x45c479
[  855.733117][T25271] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  855.754088][T25271] RSP: 002b:00007fd333e06c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  855.762800][T25271] RAX: ffffffffffffffda RBX: 00007fd333e076d4 RCX: 000000000045c479
[  855.771237][T25271] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  855.782122][T25271] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  855.790371][T25271] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  855.798489][T25271] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000000
04:47:06 executing program 1 (fault-call:16 fault-nth:60):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:06 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r13, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r14, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r14}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r14}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r9, 0x114, 0x7, &(0x7f00000005c0)={@xdp={0x2c, 0x6, r14, 0x40}, {&(0x7f0000000500)=""/180, 0xb4}, &(0x7f0000000080)}, 0xa0)
close(r7)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r7, r15, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r15, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0)='NLBL_CIPSOv4\x00')
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)={0xa0, r4, 0x8, 0x70bd26, 0x0, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x35cc57ed}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2f759ce3}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x62}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5c4ace23}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xd2a25ef}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x70}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xda}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x188, r4, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x150, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd249}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x990e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa3bd}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xef52}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc2c4}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xb6fb785}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9fb0}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1f319219}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5063}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2fa8f842}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4852}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x49f8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x187ea826}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcbde}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x49ff1aa1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xda8c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4519}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6bd9f864}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8994}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf742}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x679469f6}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x31abb9f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb4c2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc794}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6e34}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x440ecb2a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x54a1}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xfbc1385}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x93a5}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x966}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x46551870}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x48d6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc15e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x85bc}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc645}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x27d8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf3cf}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb0d2}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5}, {0x5, 0x3, 0x7}]}]}, 0x188}, 0x1, 0x0, 0x0, 0x10}, 0x4881)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x74)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)

[  856.064943][   T27] kauditd_printk_skb: 80 callbacks suppressed
[  856.064964][   T27] audit: type=1804 audit(1583210826.334:8394): pid=25278 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/598/bus" dev="sda1" ino=17502 res=1
04:47:06 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  856.166408][   T27] audit: type=1800 audit(1583210826.364:8395): pid=25278 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17502 res=0
04:47:06 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  856.236028][   T27] audit: type=1804 audit(1583210826.374:8396): pid=25278 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/598/bus" dev="sda1" ino=17502 res=1
[  856.294832][   T27] audit: type=1804 audit(1583210826.384:8397): pid=25278 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/598/bus" dev="sda1" ino=17502 res=1
[  856.319751][T25290] FAULT_INJECTION: forcing a failure.
[  856.319751][T25290] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  856.334504][T25290] CPU: 0 PID: 25290 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  856.343205][T25290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  856.353444][T25290] Call Trace:
[  856.356788][T25290]  dump_stack+0x11d/0x187
[  856.361148][T25290]  should_fail.cold+0x5/0xf
[  856.366433][T25290]  __alloc_pages_nodemask+0xcf/0x310
[  856.371753][T25290]  alloc_pages_current+0xca/0x170
[  856.376810][T25290]  push_pipe+0x18b/0x340
[  856.381368][T25290]  ? __radix_tree_lookup+0x18d/0x1c0
[  856.386857][T25290]  iov_iter_get_pages+0x49d/0x8cc
[  856.391998][T25290]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  856.398006][T25290]  bio_iov_iter_get_pages+0x106/0x5a0
[  856.403477][T25290]  iomap_dio_bio_actor+0x5e8/0x970
[  856.408981][T25290]  iomap_dio_actor+0x83/0x390
[  856.413861][T25290]  iomap_apply+0x1e6/0x660
[  856.418584][T25290]  ? iomap_dio_bio_actor+0x970/0x970
[  856.424131][T25290]  iomap_dio_rw+0x67e/0x9a0
[  856.428762][T25290]  ? iomap_dio_bio_actor+0x970/0x970
[  856.434231][T25290]  ? ext4_file_read_iter+0x2b4/0x360
[  856.439993][T25290]  ext4_file_read_iter+0x2b4/0x360
[  856.446100][T25290]  generic_file_splice_read+0x2df/0x470
[  856.452721][T25290]  ? add_to_pipe+0x1b0/0x1b0
[  856.457342][T25290]  do_splice_to+0xc7/0x100
[  856.461792][T25290]  splice_direct_to_actor+0x1b9/0x540
[  856.467220][T25290]  ? generic_pipe_buf_nosteal+0x20/0x20
[  856.473313][T25290]  do_splice_direct+0x152/0x1d0
[  856.478350][T25290]  do_sendfile+0x396/0x810
[  856.482805][T25290]  __x64_sys_sendfile64+0x121/0x140
[  856.488117][T25290]  do_syscall_64+0xc7/0x390
[  856.492644][T25290]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  856.498612][T25290] RIP: 0033:0x45c479
[  856.502536][T25290] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  856.522161][T25290] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  856.530736][T25290] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  856.538826][T25290] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  856.546508][   T27] audit: type=1804 audit(1583210826.394:8398): pid=25278 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/598/bus" dev="sda1" ino=17502 res=1
[  856.546803][T25290] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  856.546813][T25290] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  856.546822][T25290] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003c
[  856.598527][   T27] audit: type=1804 audit(1583210826.474:8399): pid=25284 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/557/bus" dev="sda1" ino=17490 res=1
[  856.637451][   T27] audit: type=1800 audit(1583210826.474:8400): pid=25284 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17490 res=0
[  856.674654][   T27] audit: type=1804 audit(1583210826.494:8401): pid=25283 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/598/bus" dev="sda1" ino=17502 res=1
[  856.709879][   T27] audit: type=1804 audit(1583210826.504:8402): pid=25284 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/557/bus" dev="sda1" ino=17490 res=1
[  856.737678][   T27] audit: type=1804 audit(1583210826.554:8403): pid=25289 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/649/bus" dev="sda1" ino=17501 res=1
04:47:07 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x401, 0x400000008d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
pipe2$9p(&(0x7f0000000d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c6673636163687ac6673dbafa652c616363657398466f1b9b10f09d74656e642c089387d6324d6bd4ea6c1cdf5a21c8a5b175137e1876a01303a375a64ca0c51686964195bfcbf128be0dd20800000001b8b04037a1317da78960f8cbbcbd7ed6fd1123412aedee3f6bda2a6f02c19e73ced1bb6f3afb9872ec"])
syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/sequencer\x00', 0x1, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f0000000040))
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00')
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000640)={0x24c, r4, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x7}, @NL80211_ATTR_PROBE_RESP={0x22e, 0x91, "ab444e4f1b106b3d4988d22552a8ef0f07687a0c668389bc6c66d4fa9d2b88baa35095eb48d0985d9989c6ca1667ee447a58d03b0b70e15b4543fc7b5ca4d7c0b6bfad25458ad8efd7e0ba475518c939ea486580c82997d4afc7bd507eeab8984fdd44da7f528c69cb6cb334c4d5f8dbebf9bd26e793bbdbb214213cc2d70399ed26324b278736b16bfb5c709a93cf44292edbb0c7df12f46f62cd40719d1e8af927005b818659e8f6ab9d4bf9bbe6d1255ba79eda8b05ac61826ed601a3842dc46796be703050227fcc6fd10889adb5b828e7b30234aa4dbc3f1052c2c5638af361f78ea304944314891d3543e33ccf168fc19dd94e203c0075e0a8611bd202074ba3c8c9c71b19cafce61cb7cd5df94a3d7421fe42a5b41744aaa29e385bc75381a5ee49d0d0ee6616e1c30a4d3ca6fffe9f98b88c04cd8bc4bcdd4fcae02556b4bb94544d58993a8ba7ea5338bcf96baa350f4d29671133de50ea98c72be4f0c784e99223eebbf4ab13498ac474260a7cae426b46db1d85d5afaf9751c73dee90e6b8dcb28cc5edf8b16be1ef8a78f40b371cb07120ea027628bd33d839f9c46d2616d4067aa74471208915386b91f520181f5fca9f636ddb2ddc84ec19590fea61d77ae2ff1b7864a7331fdc289b4412c9aeb45b5a5ea563d91cd8c751ba78877bad4bb3f4a927dbb23a0c868ad664c3f8b22e4235e9bccb00530e9b5ce1224fe945af97fbd514155074446fdc29b3d93e7b7f1d2ee42aad3bc1cddf43ae4a52a44279fc4a093a40"}]}, 0x24c}}, 0x4048805)
socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(0xffffffffffffffff, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r0, r5, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x143042, 0x0)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)

04:47:07 executing program 1 (fault-call:16 fault-nth:61):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  857.246990][T25313] FAULT_INJECTION: forcing a failure.
[  857.246990][T25313] name failslab, interval 1, probability 0, space 0, times 0
[  857.259742][T25313] CPU: 1 PID: 25313 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  857.268420][T25313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  857.278507][T25313] Call Trace:
[  857.281816][T25313]  dump_stack+0x11d/0x187
[  857.286161][T25313]  should_fail.cold+0x5/0xf
[  857.290676][T25313]  ? mempool_free+0x190/0x190
[  857.295404][T25313]  __should_failslab+0x82/0xb0
[  857.300310][T25313]  should_failslab+0x5/0xf
[  857.304738][T25313]  kmem_cache_alloc+0x23/0x5e0
[  857.309514][T25313]  ? virtqueue_add+0xab3/0x1ab0
[  857.314564][T25313]  ? mempool_free+0x190/0x190
[  857.319251][T25313]  mempool_alloc_slab+0x21/0x30
[  857.324183][T25313]  mempool_alloc+0x8d/0x280
[  857.328678][T25313]  ? _find_next_bit.constprop.0+0x126/0x160
[  857.334658][T25313]  sg_pool_alloc+0xa6/0xc0
[  857.339058][T25313]  __sg_alloc_table+0x1da/0x260
[  857.343901][T25313]  sg_alloc_table_chained+0xa5/0x160
[  857.349169][T25313]  ? mac_pton+0x1a0/0x1a0
[  857.353593][T25313]  scsi_init_io+0xba/0x380
[  857.357999][T25313]  sd_init_command+0x145/0x1db0
[  857.362955][T25313]  ? blk_mq_start_request+0x167/0x360
[  857.368328][T25313]  scsi_queue_rq+0xc3a/0x1770
[  857.373036][T25313]  blk_mq_dispatch_rq_list+0x9ca/0xe70
[  857.378530][T25313]  ? deadline_remove_request+0xa1/0x250
[  857.384187][T25313]  ? blk_req_needs_zone_write_lock+0x9a/0x140
[  857.390243][T25313]  ? _raw_spin_unlock+0x38/0x60
[  857.395188][T25313]  ? dd_dispatch_request+0x14b/0x4f0
[  857.400531][T25313]  blk_mq_do_dispatch_sched+0x12b/0x270
[  857.406071][T25313]  blk_mq_sched_dispatch_requests+0x2b6/0x380
[  857.412130][T25313]  ? rb_insert_color+0x108/0x340
[  857.417162][T25313]  __blk_mq_run_hw_queue+0xb1/0x150
[  857.422347][T25313]  __blk_mq_delay_run_hw_queue+0x315/0x390
[  857.428322][T25313]  blk_mq_run_hw_queue+0xfa/0x1b0
[  857.433415][T25313]  ? dd_merged_requests+0x260/0x260
[  857.438676][T25313]  blk_mq_sched_insert_requests+0x19c/0x270
[  857.444584][T25313]  blk_mq_flush_plug_list+0x2f0/0x4c0
[  857.449995][T25313]  blk_flush_plug_list+0x281/0x2b0
[  857.455202][T25313]  blk_finish_plug+0x59/0x7a
[  857.459792][T25313]  iomap_dio_rw+0x909/0x9a0
[  857.464320][T25313]  ? ext4_file_read_iter+0x2b4/0x360
[  857.469609][T25313]  ext4_file_read_iter+0x2b4/0x360
[  857.474728][T25313]  generic_file_splice_read+0x2df/0x470
[  857.480280][T25313]  ? add_to_pipe+0x1b0/0x1b0
[  857.484881][T25313]  do_splice_to+0xc7/0x100
[  857.489302][T25313]  splice_direct_to_actor+0x1b9/0x540
[  857.494739][T25313]  ? generic_pipe_buf_nosteal+0x20/0x20
[  857.500446][T25313]  do_splice_direct+0x152/0x1d0
[  857.505432][T25313]  do_sendfile+0x396/0x810
[  857.510169][T25313]  __x64_sys_sendfile64+0x121/0x140
[  857.515538][T25313]  do_syscall_64+0xc7/0x390
[  857.520438][T25313]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  857.527024][T25313] RIP: 0033:0x45c479
[  857.530931][T25313] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  857.550723][T25313] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  857.559178][T25313] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  857.567313][T25313] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  857.575289][T25313] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  857.583345][T25313] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  857.591389][T25313] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003d
04:47:08 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:08 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20002)

04:47:08 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:08 executing program 2:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
execve(&(0x7f00000000c0)='./bus\x00', &(0x7f00000001c0)=[&(0x7f0000000100)='/security.eth0\x00', &(0x7f0000000140)='vmnet0^.wlan1\x00', &(0x7f0000000180)='\x00'], &(0x7f00000002c0)=[&(0x7f0000000200)='-vmnet1\x17\x86]trusted!nodev@-}\x00', &(0x7f0000000240)='[vmnet1\x00', &(0x7f0000000280)='vmnet1selinux*vmnet1\x92\x00'])
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r4, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:47:08 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r7 = fcntl$dupfd(r4, 0x0, r6)
r8 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r9=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r9, @ANYBLOB="00000004"], 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000500)=ANY=[@ANYRES32=<r10=>r9, @ANYBLOB="9b002b0015b813326813df5fdcc88db286ae37a192a0117ac34225b179ac2469ff0a73a2e6a621179e5d7ffbeb709af2f515980c77f8155e22eb7c837a36786c2676bb545aa40b419a39695c94e8770e86b444d30302b800f552a409779053f266d210e59a7c8fac601ba2751a0153563661f02bc0dad5dc405f06e5cd89517c62069701004cf5596681b9b6c9ec327a68a738128d2b9a48383ecadece0647"], &(0x7f0000000080)=0xa3)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x1f, &(0x7f00000005c0)={r10, @in6={{0xa, 0x4e21, 0xd205, @remote, 0x7}}, 0x2, 0x3}, &(0x7f0000000680)=0x90)
r11 = socket(0x10, 0x80002, 0x0)
ioctl(r11, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r11, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf2508000300f7ea80d59ca162364f5686774ee7a300000000080045007332700008004500737270000800030003000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r12 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r13 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r14 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r14)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r14, r15, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r15, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r13, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:08 executing program 1 (fault-call:16 fault-nth:62):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  858.407810][T25337] FAULT_INJECTION: forcing a failure.
[  858.407810][T25337] name failslab, interval 1, probability 0, space 0, times 0
[  858.428375][T25337] CPU: 1 PID: 25337 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  858.437080][T25337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  858.447241][T25337] Call Trace:
[  858.450591][T25337]  dump_stack+0x11d/0x187
[  858.455168][T25337]  should_fail.cold+0x5/0xf
[  858.459873][T25337]  __should_failslab+0x82/0xb0
[  858.464660][T25337]  should_failslab+0x5/0xf
[  858.471788][T25337]  __kmalloc+0x54/0x640
[  858.476366][T25337]  ? iter_file_splice_write+0x120/0x830
[  858.483929][T25337]  iter_file_splice_write+0x120/0x830
[  858.489420][T25337]  ? touch_atime+0x83/0x150
[  858.495006][T25337]  ? ext4_file_read_iter+0x110/0x360
[  858.502093][T25337]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  858.510045][T25337]  direct_splice_actor+0x97/0xb0
[  858.516618][T25337]  splice_direct_to_actor+0x22f/0x540
[  858.522183][T25337]  ? generic_pipe_buf_nosteal+0x20/0x20
[  858.527793][T25337]  do_splice_direct+0x152/0x1d0
[  858.532893][T25337]  do_sendfile+0x396/0x810
[  858.537413][T25337]  __x64_sys_sendfile64+0x121/0x140
[  858.543046][T25337]  do_syscall_64+0xc7/0x390
[  858.548910][T25337]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  858.555296][T25337] RIP: 0033:0x45c479
[  858.559190][T25337] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  858.578872][T25337] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  858.587359][T25337] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  858.595478][T25337] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  858.604168][T25337] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  858.612298][T25337] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  858.620552][T25337] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003e
04:47:09 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20004)

04:47:09 executing program 1 (fault-call:16 fault-nth:63):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:09 executing program 4:
creat(&(0x7f0000000100)='./bus\x00', 0x0)
open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
write$cgroup_int(r3, &(0x7f00000000c0)=0x6, 0x12)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
sendfile(r6, r1, 0x0, 0x20008)

04:47:09 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x88000, 0x3f)
utimensat(r4, &(0x7f0000000500)='./bus\x00', &(0x7f0000000540)={{0x77359400}, {0x77359400}}, 0x100)
r5 = socket(0x10, 0x80002, 0x0)
ioctl(r5, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r5, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r6 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  859.111671][T25355] FAULT_INJECTION: forcing a failure.
[  859.111671][T25355] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  859.125362][T25355] CPU: 1 PID: 25355 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  859.134074][T25355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  859.144248][T25355] Call Trace:
[  859.147559][T25355]  dump_stack+0x11d/0x187
[  859.151912][T25355]  should_fail.cold+0x5/0xf
[  859.156511][T25355]  __alloc_pages_nodemask+0xcf/0x310
[  859.161824][T25355]  alloc_pages_current+0xca/0x170
[  859.167056][T25355]  __page_cache_alloc+0x17f/0x1a0
[  859.172186][T25355]  pagecache_get_page+0x251/0x700
[  859.177821][T25355]  grab_cache_page_write_begin+0x56/0x80
[  859.183499][T25355]  ext4_da_write_begin+0x1b4/0x860
[  859.188661][T25355]  generic_perform_write+0x13a/0x320
[  859.194023][T25355]  ext4_buffered_write_iter+0x14e/0x280
[  859.199879][T25355]  ext4_file_write_iter+0xf4/0xd30
[  859.205183][T25355]  ? common_file_perm+0x1d1/0x490
[  859.210233][T25355]  do_iter_readv_writev+0x4a7/0x5d0
[  859.215456][T25355]  do_iter_write+0x137/0x3a0
[  859.220070][T25355]  ? debug_smp_processor_id+0x3f/0x129
[  859.225566][T25355]  ? delay_tsc+0x8a/0xb0
[  859.229846][T25355]  vfs_iter_write+0x56/0x80
[  859.234384][T25355]  iter_file_splice_write+0x530/0x830
[  859.239793][T25355]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  859.245620][T25355]  direct_splice_actor+0x97/0xb0
[  859.250583][T25355]  splice_direct_to_actor+0x22f/0x540
[  859.255978][T25355]  ? generic_pipe_buf_nosteal+0x20/0x20
[  859.261595][T25355]  do_splice_direct+0x152/0x1d0
[  859.266453][T25355]  do_sendfile+0x396/0x810
[  859.270922][T25355]  __x64_sys_sendfile64+0x121/0x140
[  859.276138][T25355]  do_syscall_64+0xc7/0x390
[  859.280661][T25355]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  859.286599][T25355] RIP: 0033:0x45c479
[  859.290538][T25355] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  859.310333][T25355] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  859.318899][T25355] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  859.326930][T25355] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  859.334927][T25355] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  859.342914][T25355] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  859.350946][T25355] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000003f
04:47:09 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x400000, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f0000000180))
setsockopt$CAIFSO_LINK_SELECT(r1, 0x116, 0x7f, &(0x7f0000000080)=0x8f6, 0x4)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ftruncate(r5, 0xfffffffffffffe00)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
getsockopt$inet_udp_int(r4, 0x11, 0x3a0e231678ae1cb4, &(0x7f0000001240), &(0x7f0000001280)=0x4)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x2)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ftruncate(r6, 0x4)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
r12 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r12)
r13 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r13, 0x200004)
sendfile(r12, r13, 0x0, 0x80001d00c0d0)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e26, 0x7f, @remote, 0x4001002}, 0x1c)
r14 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r14)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r14, r15, 0x0, 0x80001d00c0d0)
sendto$unix(r15, &(0x7f00000001c0)="bbe8c33aedbc558ff0e54cd77890469836f33f6884a5783424853bc574173536a7c699072fbd00795c922bcf8c6f75102df97b74cf94dfc70eba70e2fd0d033924c37a290b40663a3aadaf4d16dfc1dd954db1ac5102350fffd920ef40d5359c7696a99477b5c80c7f32d9f9a56eb8dab6c605c895d380765331b6ea284b9ab801023872adcdcf410781aa362946952132a484fe0ec5d385493f38ceb8db05dbd1fd5359ff4bb77d5f8406ed8f8c07c61d21baba5a82935d0d4fd474792482524bc0c278efdeb91673b4160d47f1c1b3ddcd1ad8596de84a161c65f131a47a6351d746826989c3d4c010e63d545dcc00e1be1416f7ccafd4143db1a3a3fd0f6acc7b3b3dcc6302ded3d8b120f2878b9093e51def736c9d2d0a47ce0b5446ead48b8a57329cc388bdc82afeff5b40cacd0a6535a63de478e72886183610740e8e4df0679723471100215c0b842d1e8a67c92d002c5a37677ed5082b2287c7266728d882f3f950b02d7ef52c1cdf724e69181760557296e45d37210d49e37113b99340573285a6fbc371b7deff1ad1f3b3e3567f11bf601741771148184f4a336d8fbcb1cb71022995ce435f66c918077f7d4efd67765a5d40db731af1925ec6cc7132806210629495843a7bd42c63b7a507a2837c49b2ebff54e77a077828e4d199adba73012d1be08e0e2151bde0738c158290706398e8509ea0bb62eb3fc820714826e3bb60315a48027c2060ffa55478bfaed807756b41027bfc9428f4513c4c13f51501603e5e47a6a188dc0eb3621a47b00a7190ff0dbd80f2b4b7f5659ddb641ca6f36c8a17d4abb16a86129bec4a86d0a920896f89e2a14b20e633f145508c67eee9b0c6576321e0a4b2cd5f5d5a684007997285d4b3b9bba13314a8f62fb11f8f12731041f062f19ab9598240b20eb526c7646e0a7ee29adb0c1d0a18765e7f8b51259b51ee265f5ff81028c8ba406902cea611296fee32a03bffb47e1626e3751c3f66dd73b46dc05f4a397c9276fa163691d8e8c63a24a31fc71cb8a74015314918f3f281fe1da34e0e4916751dabc938d5b26520c6dcd92cc2bc448a69db90bc1b1547d5a48d4beff306e6412b0380654ebe3faa1c76f645e252f1153a389db6c18bdef518884485eaa72f0a66eb4f83eaaa557bad97d22d5772043a61ca1a933564c01da4bd471283f5465cf07b1372a3419f55864f5467967d686886c49c0c2367426193c13da771c3842b6d7cdb5a86ded19f322d34ea9ca2eae7b29bdcca21304effb2b916e1fee2b35c64585c748a5b38c70898010ec7e7d0301aa6d96dd9648f678a66c7f99784d346778ad9c2b9a471591a48e7261f7751a03d3363537ed3901f9b0b12138a68cd95777b560b009d9eff81fd50317304ccbde9a97fbc31554aa0a43a3e75137a000f2751d59160596b04ca176cee827bd9d326e81dcb626b81a9802ca6f13442399388d052ea195bf1baf09620a9b6bf7718c28e14e2fae3427925f0a359fc88599498b68150a2c1dfc57020016c69bb40dcc5d9ed7d9fcb38639cff54b3a0e48886cbd12eb27b860261d907a986dba3678f82d33674a4fe89a1d1a7af540debf527165fcc12776569bd5e27ea31f8ae0f9820837d3b99e5257740bb09439dffbc3297bc0d6dca2eedcef166700c469cbe17780b4bc9ffa230e478721f14aab4325600c3c762dd624731b2aa4dfbebdcd560ae6574898910079239befab5857cd1b9e044cdd5d852874ada3c3f26bc81987eb4068dca1c428d00f01bb7aab4b3b7db731070e32b3cd42c3b80475b7f2cf15e8eb2a3fb2db2489164290f7c164a36193c28b7c3dd8cda70db2068a6a6b2585f77fded9151f7cfa528b0f66ae33352ed12d8c5a5bbe3aa7d9dc9106a76b5309aaac90099449442dee2146f10b680305e888e12c22f04ebff3f762c176fe56ef1625b8d49c8c25ba7ee24f69c8cc1e5939203398532e4a8a618c7ec92a6ff00305fb4168d9d565b8246a2add4d927b876846f0667e6ee61d30e12e861b5a23a1dfdb24f42d18a4c928c3879f4018df8ae938b7eef0b9ff7b633cddab591121cb91b9dd0ebc91fc4daf3f051bebe6f0842dc89c0fa675aaf3abf6ea9975770638354bd0fee0526513903f11d3d096fddfcd6117b182555099599f1297f9284e4d1824c7e4948baa35e920379dee0537268e968755c9f9e0c62da4b4f2ef467eb744d9f7b35976eab767bee33f30f7348cfdacd09ee2eeff750a379e1696faff13b969195f7fb05834fb8dc3e24e576c457eb7f5b61f3af990df54f02f18b8f535646a55a742db1ad6b2ce6676059a878f6c2b445a7a5b97d4b3e0ecead5b04d9a721a6e63369745dce96bc21e91a009399e6e105b94f7d1bcba2480f179019047d4f71eca5321e51fdd263c588453d2905ef2b65cbc9d4eb259935be5498691d7a82c9ff22ee9540c85de322e8a187393319e7af475033dd2202de22496cce0828c55ac559e08dd1f0f5c9b1469714a3fb3f612ad91df3f543a074fd64dac787560722db7aba55398208b806d333c5dbe49549af5bac8fec5508e0fe64bbb6b420ce5df2fe6da7314621d501d5aac621ccb81a7554871eb886b2ba14ef74a7f1fdd668972630bbf0e76b5a23961d268a644c0674c033d031becfff38be50d6d5530a8f7a89133c41fd3605cc193bc2a98f7ffe6938000821898b958c0d13b207eff4af46969f755fa6fc3479b1e0adf1eb80e74ca11613f2fb98a726979f4b9a3e63e77b494e915bfedf1158c597c0788c0b62341caa1e1e9173fe7a356db32f8c607d752d8d247cda498fd24b157dfcb07ebb4f3206963b598f4a76c8e7a1b799e830754d9eabb523c5b0b3fb7125448c98ccc2ab484161e002de2a67e9d132a0ad8fa4fc646985817b1969fff2d2761ae28512e619b20c6d4fe36e97e64f7ff6826535787b716adf46599ebcd4c3f890a98f585a591de1f0b4ca6d58460d4a7589c7097a7ad957bc77d0f81e5f51a3c80f5281bd7b395089d995d9b51a01f80cb1ca50bd7bd62ec4c149dd1811c23fbebb80ec19281f9f1b498634c1812636f62ffb3300a6ac7e9d77bf889b815b81e2bdfe9e748696c5021fde9ee860d1e9887c15de48a69a63aad7d6cb0c0d64a386bdbf486ef9e79e514ee202e455ea17bf3265d662cd58894a77db5fd4dde6aaf140a6241be70b70bae9183c2d4fee251e5764efb8a76465d215b13491c87b3b9e7aede9c4cab977586bd4c7431575a294fe8571f5ca993f3443c8666fa512d721cc125a6dd1508f1eb73a6e0168104df8e4e1a8007c5a7a6a5171cb0f1f1f8298de31ad85ac58936dbe68a30b8addecbeeb6fe939e82a0dd7ba6610046de9098ad7b4a1276d6f1cf8307535d2e5e6a7abebeacc3c13b5bb5842df690c7bf5e58d566026fc4c672c36a4bfae99cec5e20d1cad7f5ac05965c0f14a5bde87a3f2ef11a44fbb1e5e3231588caffc437359584b5424ce30767d315c4274bb0eeb35368ef1d51218d85933a90f941be3e2b7ad1637485caa3be5d5571bfb3ea6fe7a97bd9b9dd76befe215df04e97286e4d59ea1873cc39047b16def62c91ddb41d9a505a40505cc995ffd793c48d3dc63b99f86f537375626b8566ac49a5f038d02adf633a11b13e82bb333befed423d49e379f4140e8924d2bd8ae8985837f65c0cbb43314af97b8b40ab4c73ab3b1d6b96ac9547e4b31617b591d71641430ce6a848aae1a317a490b10b5e4cefad69f89b6197bb00691f2f198119a7528a55b008931fdd1e6ee1f220b3bb1774f5cfaec67f38bd9a16db7477290437c835dc7568c9c7507d877a24a1a8a5ea3a2ecd1187cb71a1fca94761aaa0250aa0e4ee73b68aacd129f08810057c636f88ebd06f8e701dfae50e8469c1a7c8728a6dd22a1722e0251717c49572f5b8bdc7d65ddf5aa92f09b4383ea8c5ad468a06ace07c7939c3ffbc3595649d04b8e4b2aeec5c956bae4ecaca0304336d3444856377fe9765ece64311ff57706386ca8ef4a1b4d3413cc956f749d33a38e9292dbbacdc6dfddc35d28f4030814f1ebb7d572a4831730a3ecbb13fc8ac9bbe959032eed753358b2194905a9bae72de5b47a8ad2626809fca3e4cbba7e4fd91c54730dadc156c874e981562011a8d27f9bde38f254e56bdafe4d416989747d07c1966ede92cb99a01185f9012405db344e0760498642fb85aeef03857904819b62108bf55cf03058418c3ab16e4b20382390f4f592275277092554c4d943372f427384a2944f4727dcfbb8147d41da2b21f76bc02fbe20ad5d12cae2094879b769632058cc074ee2abbaa2b61be4e68464e3dd286013e7c10e2c39d788a613bf4a5a1624fb584890f60584f963ed4668602b39ee2dffaea72b0f6c04cbce2134ab4feec4b20ad0b1a4005f56b213a7780518c0906c67661a87ee6fa570f877ba0892164c4a88bb36a9b95473fa040504bc3566e88cfb298fea706fbdff24abc744b8088c80599bab18b6cdf66db10dd7f07848abe56097095c7bcf81f9bf3257031a43f9be081880899505f5733e3cb7ba736d28495c2018ec43e7755a41763f497fd6cbce10f016b729390e962fe84f9539af15ab756be15ed27f2b4980e59561c8ebf57fc424245ef84477d015f4ae7f9f6d710a87da21c84ab200870e8457ae7ebec24ccc342886d5b414fc94a61d59563539d483216eac4031bd611e359192b2cb19900ae0f96016ad392f4fdc0c4e07610f0bfc37f7e0de4c2114e0756e0f3d4ddb615c020018a759c333265afeb1102de36f45fa6bf528eaecb0877b48e2d420872309a762dde144b976bb87c3e5f658dfa2046da8e24ae998aace494e5bf4b5505febca8dc10966e6c4379153b68fd355c19425311a8c530099fc44a0b3ab460e8bc324f531507ed896eaaae92d75bfc710eeac053b9d9290bf2f2795bbe960e25ca10f3961f1eca15c88272bbad3513933d70c93fa82e3b75e6f4b3dc2a2e6716b74ea5462b5f391d41c0081739abb40daeb9e2371a061ceeb4d1db545ee7d003da428eca6c24bd6056243d35e0fc744044852e218895a2e197d2f092de44b912905dc63fbe7f29f088157592186a85e40e382ea1fb5db877c667e1f7fd3aaf55e532313f299f3c962ee0b96657afe7d9a82095f12e389620badddc362d268f9ebbe27a62697de06d1970be02cc0fc809b0bcab58e17b9cd5f8a7ad11dfc1a5337eb9563ad67434d85f036a97995e3e34f0e93f59d2d0e31b5e66c3ca3a554865f9145ca327ae2061441744ab8733cb276f2ddabe3a0f6eed10ea5b27c43c10950cc2456bf90118c94c534e4cb21d2edde8531f9aad0afebc5074f6ce3c260d292cf83244ac77850696c473cb50a4ecbd1037d46d03236ec500774039bb7937949f36b28b87796d50d2805d829b216c75c5dbc142f8e37a6187ca28c5234da9555f45e090b5198f15e01ccc442ddfaf70795e63a367a133c20ee16b8220d7c28226507e0e2642dab9d7115fdbeed45b57d3974ec5da5997bd8e746ba14243d4b4aceaa8f34c7f885f7b2ca371a970c3d7d0c2cd4e657543f2506299e92f7d98d8b7b052bcc3c51e81c3c96c9d87f0b26506fe27542f988572dfa5f46e7c770443f510eab9cf6f0425810e41d4dd089c3cb5afd3af21d66938d8f89571ed9fb60bc1d54bb8c28596daa58d18aa9d423640ebd7407a0a928bb5ade138fd8817132d9a813f20310b77323565b06fbb7182167b8019eb19dc8124dad0cfae8fb19da8ef5f8af974f0acdd6faf0a1795b7ea468", 0x1000, 0x48000, &(0x7f00000011c0)=@file={0x1, './bus\x00'}, 0x6e)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
sendfile(r9, r6, 0x0, 0x80001d00c0d0)
prctl$PR_GET_TSC(0x19, &(0x7f00000000c0))
r16 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r16)
r17 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r17, 0x200004)
sendfile(r16, r17, 0x0, 0x80001d00c0d0)
r18 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r18, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r18, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r18, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ioctl$sock_SIOCGSKNS(r18, 0x894c, 0x0)
r19 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r19)
sendfile(r19, 0xffffffffffffffff, 0x0, 0x80001d00c0d0)

04:47:09 executing program 1 (fault-call:16 fault-nth:64):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:10 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20007)

04:47:10 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/bluetooth/6lowpan_control\x00', 0x2, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000240)={'filter\x00', 0x4}, 0x68)
close(r2)
ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f00000000c0)=0x6)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000140)=0x7fffffff, 0x4)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r2, r4, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000300)={0x11})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, &(0x7f0000000200))
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$TUNSETVNETBE(r4, 0x400454de, &(0x7f0000000180)=0x1)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  859.843587][T25377] FAULT_INJECTION: forcing a failure.
[  859.843587][T25377] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  859.898356][T25377] CPU: 0 PID: 25377 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  859.907060][T25377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  859.918419][T25377] Call Trace:
[  859.921738][T25377]  dump_stack+0x11d/0x187
[  859.926094][T25377]  should_fail.cold+0x5/0xf
[  859.930743][T25377]  __alloc_pages_nodemask+0xcf/0x310
[  859.936069][T25377]  alloc_pages_current+0xca/0x170
[  859.941200][T25377]  __page_cache_alloc+0x17f/0x1a0
[  859.946332][T25377]  pagecache_get_page+0x251/0x700
[  859.951385][T25377]  ? radix_tree_load_root+0xb3/0xf0
[  859.956682][T25377]  grab_cache_page_write_begin+0x56/0x80
[  859.962334][T25377]  ext4_da_write_begin+0x1b4/0x860
[  859.967794][T25377]  generic_perform_write+0x13a/0x320
[  859.973119][T25377]  ext4_buffered_write_iter+0x14e/0x280
[  859.978860][T25377]  ext4_file_write_iter+0xf4/0xd30
[  859.984437][T25377]  ? common_file_perm+0x1d1/0x490
[  859.989745][T25377]  do_iter_readv_writev+0x4a7/0x5d0
[  859.995188][T25377]  do_iter_write+0x137/0x3a0
[  860.000200][T25377]  ? __kmalloc+0x21c/0x640
[  860.004723][T25377]  ? iter_file_splice_write+0x120/0x830
[  860.010678][T25377]  vfs_iter_write+0x56/0x80
[  860.015275][T25377]  iter_file_splice_write+0x530/0x830
[  860.021031][T25377]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  860.026897][T25377]  direct_splice_actor+0x97/0xb0
[  860.031953][T25377]  splice_direct_to_actor+0x22f/0x540
[  860.037366][T25377]  ? generic_pipe_buf_nosteal+0x20/0x20
[  860.043046][T25377]  do_splice_direct+0x152/0x1d0
[  860.047926][T25377]  do_sendfile+0x396/0x810
[  860.052531][T25377]  __x64_sys_sendfile64+0x121/0x140
[  860.057907][T25377]  do_syscall_64+0xc7/0x390
[  860.062440][T25377]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  860.068344][T25377] RIP: 0033:0x45c479
[  860.072280][T25377] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  860.092161][T25377] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  860.094640][T25383] QAT: Invalid ioctl
[  860.101135][T25377] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  860.101144][T25377] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  860.101154][T25377] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  860.101165][T25377] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  860.101174][T25377] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000040
04:47:11 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = accept4(0xffffffffffffffff, &(0x7f00000000c0)=@in={0x2, 0x0, @multicast1}, &(0x7f0000000000)=0x80, 0x0)
write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000240)={0x14, 0x67, 0x2, {0x80, 0x0, 0x5}}, 0x14)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00')
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r4, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'vlan0\x00'}}}}}, 0x34}}, 0x0)
sendmsg$TIPC_CMD_SET_NETID(r3, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x800, 0x70bd2c, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x7ff}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x2000, 0x90)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)

04:47:11 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:11 executing program 1 (fault-call:16 fault-nth:65):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:11 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000080)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000ff41f0026bd7000fcdbdf25080003000000000008cffe1cf183716f65000008000300000000e864180000000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_RES_CTX(r12, 0xc0106426, &(0x7f0000000500)={0x2, &(0x7f0000000440)=[{<r13=>0x0}, {}]})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r10, 0xc010641d, &(0x7f0000000600)={r13, &(0x7f0000000540)=""/188})
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:11 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x0)
splice(r2, &(0x7f0000000140)=0x1b, r4, &(0x7f0000000180)=0x20, 0x2edf584, 0x1)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCX25SDTEFACILITIES(r7, 0x89eb, &(0x7f00000000c0)={0x6, 0x6, 0x401, 0x9, 0xe8, 0x1f, 0x1, "a9bf97a0f148f05534bf91f4963f5d5f44edc9fb", "e06a88bd39980bb33dbf1af1a5d1c44e03daf063"})
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:11 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20009)

[  861.376948][   T27] kauditd_printk_skb: 80 callbacks suppressed
[  861.376970][   T27] audit: type=1804 audit(1583210831.644:8484): pid=25399 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/562/bus" dev="sda1" ino=17534 res=1
[  861.437929][T25406] tipc: Enabling of bearer <eth:vlan0> rejected, already enabled
[  861.446242][T25403] FAULT_INJECTION: forcing a failure.
[  861.446242][T25403] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  861.481121][T25403] CPU: 0 PID: 25403 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  861.490115][T25403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  861.490639][   T27] audit: type=1800 audit(1583210831.644:8485): pid=25399 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17534 res=0
[  861.500295][T25403] Call Trace:
[  861.500347][T25403]  dump_stack+0x11d/0x187
[  861.500370][T25403]  should_fail.cold+0x5/0xf
[  861.500402][T25403]  __alloc_pages_nodemask+0xcf/0x310
[  861.500438][T25403]  alloc_pages_current+0xca/0x170
[  861.536225][   T27] audit: type=1804 audit(1583210831.654:8486): pid=25399 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/562/bus" dev="sda1" ino=17534 res=1
[  861.539084][T25403]  __page_cache_alloc+0x17f/0x1a0
[  861.539126][T25403]  pagecache_get_page+0x251/0x700
[  861.539201][T25403]  ? radix_tree_load_root+0xb3/0xf0
[  861.539271][T25403]  grab_cache_page_write_begin+0x56/0x80
[  861.545289][   T27] audit: type=1804 audit(1583210831.724:8487): pid=25404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/627/bus" dev="sda1" ino=17547 res=1
[  861.568544][T25403]  ext4_da_write_begin+0x1b4/0x860
[  861.568576][T25403]  generic_perform_write+0x13a/0x320
[  861.568608][T25403]  ext4_buffered_write_iter+0x14e/0x280
[  861.568629][T25403]  ext4_file_write_iter+0xf4/0xd30
[  861.568656][T25403]  ? common_file_perm+0x1d1/0x490
[  861.568723][T25403]  do_iter_readv_writev+0x4a7/0x5d0
[  861.586737][   T27] audit: type=1800 audit(1583210831.724:8488): pid=25404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17547 res=0
[  861.589704][T25403]  do_iter_write+0x137/0x3a0
[  861.589725][T25403]  ? __kmalloc+0x21c/0x640
[  861.589743][T25403]  ? iter_file_splice_write+0x120/0x830
[  861.589764][T25403]  vfs_iter_write+0x56/0x80
[  861.589786][T25403]  iter_file_splice_write+0x530/0x830
[  861.589892][T25403]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  861.589958][T25403]  direct_splice_actor+0x97/0xb0
[  861.590032][T25403]  splice_direct_to_actor+0x22f/0x540
[  861.621678][   T27] audit: type=1804 audit(1583210831.734:8489): pid=25407 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/653/bus" dev="sda1" ino=17544 res=1
[  861.626927][T25403]  ? generic_pipe_buf_nosteal+0x20/0x20
[  861.626951][T25403]  do_splice_direct+0x152/0x1d0
[  861.627026][T25403]  do_sendfile+0x396/0x810
[  861.627061][T25403]  __x64_sys_sendfile64+0x121/0x140
[  861.627091][T25403]  do_syscall_64+0xc7/0x390
[  861.627124][T25403]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  861.667500][   T27] audit: type=1800 audit(1583210831.734:8490): pid=25407 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17544 res=0
[  861.670654][T25403] RIP: 0033:0x45c479
[  861.670677][T25403] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  861.670686][T25403] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  861.670702][T25403] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  861.670711][T25403] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  861.670720][T25403] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  861.670787][T25403] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  861.670807][T25403] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000041
[  861.679353][   T27] audit: type=1804 audit(1583210831.734:8491): pid=25405 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/601/bus" dev="sda1" ino=17546 res=1
[  861.895446][   T27] audit: type=1800 audit(1583210831.734:8492): pid=25405 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17546 res=0
[  861.942825][   T27] audit: type=1804 audit(1583210831.734:8493): pid=25405 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/601/bus" dev="sda1" ino=17546 res=1
04:47:12 executing program 2:
r0 = socket$inet6(0xa, 0x6, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
sendmmsg(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)=@hci={0x1f, 0x4}, 0x80, &(0x7f00000001c0)=[{&(0x7f00000000c0)="407de8ed6ea25d35b0c3e4303d0347e6ea49ca95d7802bd425cbcd8e8458204acedfef78295bbc65993382da941d3315d9dc8d1b17825f6479c09d76e4570ad6244a1086e8993ff8e0d6aea7cd48e4594be62627a58595d991f8c0bc948316221524c027cb25a78046b66ffe8510ccef", 0x26}, {&(0x7f0000000140)="aca4aad4e66c534ad46524dd2ee90bcc86ed9bba3a4c78a83d8bd7a09776b64f97bbe2e3c9da9ae63e56087f63c2", 0x2e}, {&(0x7f0000000180)="8edd1d56c5767b5737ab9386444c55643a215fef5b71f4cd077889f8017d9c77e2db37a41223d792", 0x28}], 0x3, &(0x7f0000000200)=[{0x60, 0xa43dc9de1a9bd39a, 0xae7, "4b0d6ba5d490e012c38e781a013c827a3f565a7c5c267cd1c12e70751768a1129c40308920dd275a2f2260bf0aed544b9805167ee3760dbbba88f8688db10e38127091e3bfcf79b0037b"}, {0x90, 0x109, 0x401, "ebbcc59131fc03555ed04e8995a5dc5f04a62301baf20631555962f62743d63eb62a34c83ff1e2722cded37e6b63f6316dc9509a9e359dc08e0823d8928ff474c01611cfc5de9ed9ffb6868795c6dade0e499e71845748f0c12159f76c95a73950f154d6e0a5c58ad1f8cb540427900bf0407f124141514e4c3688f4b41198"}, {0x100, 0x11, 0x200007, "ebd7becc861d8d75e84faead34bfe08c6ba52ccd7c9549d64ca1b1514f8aea6b2968646df84e09b1bd9eceece5281ba074b8237a569d083d2d238df93c23276e9859b3f3b72ef92b898c4ca512888cadc2e487ea6afb18ce1f0f2605879c6a93450f50d14c7e24c0dc4f263dcc7dd833ea1cdfb1e0fb4d86f85f02d925d22fb05ac6658d0ab0e511bbe7bb69adea6a4289a7b91b234e93e2db5898f393951aeda14acb6667c0be2c24cc92fdefb4c6a36ae21a6455acc0c7454a7c6fc4006b4f12614323606fe3edea71ce355e1221b394d4b99c6fa268f925ccfdd5fd18e666a67964ce90dfb7bf388b"}, {0x20, 0x116, 0x80000001, "b63395c614ebd239120be0b99e16"}, {0x38, 0x108, 0x6e, "4c3a1a922394198709b4f190825bb687010400005cec9fc73327f60008fce4ae9da06d"}], 0x248}}], 0x0, 0x4000000)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x4e20, 0x20, @mcast1, 0x3}, 0x1c)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)

04:47:12 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2000f)

04:47:12 executing program 1 (fault-call:16 fault-nth:66):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:12 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in={0x2, 0x4e21, @rand_addr=0x5}], 0x10)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e25, 0x0, @loopback}, 0x1c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/seq/clients\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
accept4(r6, 0x0, &(0x7f00000000c0), 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$dsp(r5, &(0x7f0000000200)="220fd9227f3fe0dcd6f8b492263c51e19540b6798b4dd9042ca8b4f2046af7776fe1511e492304e7e50622fd34ef7a5a242d4c99ef23d79c2682a1501e161d2bc33d14ca81369fd851c4888e9090ba3f9693a13482291eea52ba8ed4d4693511487f6a3678456a9a7d78d9e3494d188468ae8b98e883dbee06689789c9faf93c47d4d1e58cd9b0f4d2c9be8cf9108866e3a4467facae7dab19f743a6b49d1f675de6c6f4b2dc6f4cd76dd5a262867845eed42fe0ac82e05e2c67bdc2e4961f9548cbcc1f7d650314ab95225a8ecd73c4323daf3bf0ed8a1d1634d0bbfb56da24d1d377e85ca85b95bfb97267ca957d20c1df2db30c68963d46d8cd5024983ea1180fcf9e73eac4f2f9e90a76f52c0f10ddc0ab497a0fdf956815930adc56f3c42db11a614754cc85a0cad0b40151f8599385ff10c18d7df817cdc044efc90ba9e7ddcb2dc329cc9c7da5573e2e1a429e1e447d4824d82acc2673f19b5507c0b15de94c3153a617f0982f5d2ce6df2fb00be10984373be7c0f027a9e97c31eddf778e9a83e23fb98e779d304e3af55f3b51752fb28933331a6ac36b5d3451a9e2b0fa04134c7c4169a9fe734ddfaf70a2f614a9c3159c24de8a5ffe16d9bea816ec8e95a993d5c3402af556a8d5c81173b988cfe3c464660a59f5a6319cec3633886c08c088ee46f718845ff57bc5e58a09cde70dccd36da71d4ee7b429afe9bbde22b34bedcc9dab112fcf31dd7a57354fcba5b566efe3b6802fb9d358c37dcd347eab2001b94b21485d7cb2268cac654db574481bf1b15d371252759eb619835a16ef7b0f3684ee457aeafff371849b56b42ee8644f90ee97daa5432bf5a465aef867fd8704b501c4da0617d7a6e856f21362d77e2cab43994c226297de579f925cff53a73c22ccc71224ded9f78c110dc3288aa7badce01019ed4f65582122796640b1e8280b84def251fcedef904075522e873d6b67932438d247b614c1b921614a22098036a25763424764f14211c578277e2d6ec3c9a8c27e20a3cf0459488a6e5cbc745839d31781a042245319d7cfebb46e059960ee5b2a14929a2d4270d0c29ae93b1f4415f2f1493aa2f5d7900d025fcecd2bca13cef2b4c8fc109f001ceb221b69048e4ba28947a0cb87b00ae3b99b0e8cd662561819770801b07e39c59dd1f177867116a97a1c0b1bd7db6387cafce3a674cac613cb0e9732129dab2553a1d229428ad8a1509b6f3a0681255a41e10c679a1d1657e5e26ecb6b16080d75aa2c4ab24c0e690023b38f38ea24916cc1e025343a9a885713a7e4a074efd8f1ebb37357598667581c6aa7f64067f7ae658913f532f7d08da603aea0ed2ac283822e545b00c38265b927e5c5cc9b2be5825df04027c9004dbf7951d1ba9f5ffc09bde7fd3b66d910b815030b56cf773df78ff08fc2fc3f75b6f2eb060314dce33831b06e435f61a90ac3023c24571a93d7360e19aaa31309ca08e2b8e16625b69634910e55bf6977c87dda6fc928d0ffaf8681745e84f2d42534d7ff0f1d12a4418a5583efe6b60d953dee8bb94c20d269a45e1ea4bffe5da4ccf5d7b5fd16d3b7c9805286fa9644a889ef67626950dbb991b5dfc2b99274a95eed083affd07a439a5888e27b92090c6f1b30b8cc7c55909cdda7e95f61df9fdacd139200140d7cf864137ab484874b852c7ff7291dc0563a4462ee332caa83110e0ca539cef4366a3e15ba0dfde8654dec0592018c9902afda98f54ce5e4fc977e8457289b7e8cbe80bd073aedde26b60663de7ec7e9a3c39ac80d5454287611372585bc0f2826209b746eb54e3b63a5822b7c55436420a39944937c31a95f1f85bc5e85a23d9d576db0700de65b6ebc4af37d598da4e405f85bb7173e891b988233b754972cbc24dfbb47750693164a87f0d7df08c6124624b6724b11cb9f2f6a30fc8a0ebabba5c4a33397b1489846c1cc67c30075a185f44b6554ec4b0da4998f687f5472f62396442b6543d91575e69e121eb96c89cf71bbdffa950a120d1f99697d694e4707224fbe93da7debbbb2a8761acb11f0236c2fda8d80931f7e97c92a1d7cbf937f7dcf3b8f84c81abe178f32007bb0019d045c2b11f2e05630b8030da07637c54c6126a75e4d09988bcf68a9e9955d5fb1f3ba58909201860a567a52b770b39d171bf34f75ac70921d07778d7c6b74b23a16ce6c3f42f43f124670553ed9c69275ff990716e1ead145e55158896a249b8d98947a715aa5d4c08d0593dd559762cc0233c29028f79f1ea3d8022f928ebbacb4a2b787ebbc8501508b05b4c240f8c3b56815d4f41c8ea26c8e88161de5f1cabf6f4647a17b507affa3328d7a96aa33944a0acfccb5c8e71463b8387f03f87897f4c81d39690dec74f6bb24c2faf7de5360a296082a470198d9e68a50d3f3a526c70fbcf17e4ae09268a58cee82da7175f22971d2281d0fe5fa337af83651485f3f89cd042e2708c6528f037bbe4b5a26e6d8be1bfe50716071cf89f607d3a3f44b86083eece4659f6269bef61255c4c56d6fdd17dd86b38a4ea37078c6eee27909277b203082a02aadb15b70a1def04fd0db6a27a7422b17d971e2d7db756d0ef4e6edfade824fca3c79f308f7e31b4ba0ce6850815bda236c845bc7f95bfc940f8716b99e08d74428951158b8af5721225705c34e62072dcde14818e3e4910749e4467e543c145fca132a54ba3d5e7b307c2da20f389b6e7cfcc0315e9ba28f4b614959e74d4a1accb84f643b27d733df6aceb14fb395dd4cd5c4ebd5411b94c6abb361a859b2329463f4450b78b7485a5ec00489c50bacf92ba5028f08cfbcdb4716bce0cdb79f4e7987edef5ae78d8aa5cca61aa30da6d8704870048ebc1506e16dc82e0b6f0bcaef38d83d0ef6f3b3de608629a7960d157c34d0e635c2f3a0fbef70375c1e7db56b202f0b466bb1b599ac443aee99305dad2c0c723fe24d7ae2cd4b7dd8fa2f2479e81a9d28d793b55333f6926a52b873260f5067a9d6d5a3306069d68cb2557623f40f651076f0e48533874bbb104fd1a400860af2c5258d6299fa0360a978830cba0fab58e42b0e5fc5314f992165b7547e4fef48d6f2f5a1d7d277d0c6a0025a5258942b9dd551db8940f905f1231cfb4bde20e8db79ea67558b36510421e2009705e498f783a99ba0d0f04ac640baab81da36d538268fa1ff3c5504c4aedf87a53cadc39c19c7aa13cb84c7e21b5786f88ae567f2dc55a8de36b406180462fd324267e2e21db79cea97102fa449f1543f0bcbe234be026fcfdfd00939ffb3a26ab7aa57aab41d12ce178e464219b03063578154a5ab3a829dda6b43b4ebbf6028ea57cc65c92539fdcc9bef386bfeae6fefee411c221abd911fdaf809b422321c21a62c6f444580483ef0891600f9e79cbbfd478a7f1760a56409ece6bd002d15a265fb419600f889413c2e7782e966e496841867d911fb59a4b39f635edfab5c75320b9376c15df1592e51f432255e214bb390bfad5d68952748d0491ab82e54038e770afed0f02aa4ee3e7fd2022b187ae9769f4067f019f40d04aa9154e4003c17945068a3bc430f74f07341aba0b904d85052e87b1004fa19cfe2aed3a6eb34b2bd9bd247245a2ee94ae464da26e907848277a8c96bfd92f1c26139ade6994a84822b8e1cc27458a4dcb6332a58a5fabf7a1485fc33ceaee545e59092371d52b268e130500729b77e79ea8d5c07d02c7914e16bab92022cd70bfb035b3786acfde534d0007a43bbc671051e3156020356681f0f3f34f17f9a0f06cc6b1a16a70168f93f18c4a4e052a21d436b2c3988e14848bc78ce430619375e9bfcd18181be5cac1c2c44f2ec0e0557d785eefcc31e09e137a722c7c8e5e0a76b56196d875c2a80a43291f0e1e3581f1bbfb9b55ef6539c98606aea2d0497b603debd3ac3d3cea1ae9f2d21688d2e6961e5d234ef85ee87460a7b8ebadf3a91759bfef84d2f7525a4c30550fdff0af2ffaa1e840b1d8e3786399db09080ee6bc664712bcda07b062043693bedddb7031ce52fc0d020bca9ba301cffc95d698b96bacf9552be5c93db300fff5376c7603c168bc203baa44537d92e3dddbe967e4c8b8e4a380f5b319908952a125c7c54ec589a42518f32a3363fd05914c50070b8c09c0dad5b011d3c210e4c7fc6dc28b7fccf7297fba71333c1b69e1023078edca49417915447116ef6769adef652a35c4a6bc06fc3db7ec6dabe64cde417b97909a10fa2f08d4d26b7f061b752fce1a152f2d56acee6aa9804d8f5f9cdca162048d45b1a5938ea9d90e9ab275c7c1aa06ac253bfdb3aa7b2aaf9d1d508f18d480d414866fa196548a3fcd4bd0cd46db6d4bd4aacdeee23830d592d98ce4924aa2dfe221283278c087664419fcfffc06df27cec154340bb6d115d5e48f187485701e56cd86471254d76742c73bad0aa373773d36da211440feb350a1822587634e302bf74c056768d5b335d2728a2fa58727496ceba8604fa0405271bd4beb502d2f2e5c7d4bac1c0f9b429fef07c339b116697cd276f871970f0bd31c4ab6dbaee19222400ddd8643bea6d1d890d94ebe475c090a536b3bd00f8a272e9f155fe93d018be55f7ab7f401e7a2a3eea35ebd00ca5660b0f9d8c5aa96ffcc759c84cbb699ad6d3c725c35ca8b9479cea0e814c825c3d63a1f4626bd4f0c45ebb181671eb44111b8856d4f79ce5dfda5fc812370a05676fdc500c6b6ac4ba9db43fc4d04144a6d65e925614fd3a10f1ee64e364e35d18661fc0ed726192463785039f2a2d40bfe3e5ef5a9b32c6ec775be92e2a35d4f1c6ebb72fc8052f0bae4b4646352fc102e3c8b608143c320a2315572152680ddc02f8dcaf2a0cc4dd1593695fca9e42374ac0a7476440f304d3d8da9b3293c205847d75f2dcf97d86677b12ed6aa7b85529bb4bb7296f4433f925e88445b01ddcc84614b29278c82bb3085a1f792eadd0ebd6cfbb522b0affee3edead98d621a7f1f82eeb509a323f2aafa3f687deb90168284cbf9ba62835d8ef10c51c2d01967ee7fbe779fbb8dd4f2bc7b2156313b184750febd805b2e61601176282325b07ed9a4e31935b69caf794d9d2b447acf5f4bd0208fccc2217b77e5591b7a5ac138d80f7972e09f707db070eadb8bffeb65150bc50d61e88efc251266d617eec1cfa8b9799546d07cedd05a4f66f739ccf0a2b345b2b9dc23be01c011a047fdb9ff1064bc46141d5015347c08520757a91048f0053146cab93dcd6015bdbb6b38577052eb8a5c289e58c1c30dc809e6b2777a9cbec66086c385612b249613e145b676eca37ec3488668c7059cb860525dd323fd470e6efa0f1ceae60cc9410fd6756efd1d4c17947dfbea441b09f7d9ef562b2b9289f799822bb5e4ab55c1fabe171ef41bcaf58d8ede146aafede3e520273574b36d2e71842ebe316ab27d6f3b9e8373210e37a789cd86c00ab329af1b0ff991a8f4f0d86a8b42c7fa9df5aadb70592495cb16cc8e9707fcb11fa517c7fdab343533fe85193f2e9885a2f15fc615846b22824c7e3e7aada689858a69008a451608f36394de22ea617db0074da0bab5b379fc6f05860f01fe0d25c4926b2fd845c60c29b52c6efb82b24697d8ee1b0c47c73b4a6b3e219e0752c891c76976a6760caeb6bae0141754a5b11558f31132fd894f295141b839c59e8792241f7231e76de731f3eab7ce491ac3394e227d60feeff7cabcdb585370d2a6bd6484728fe373515b47e1bb7993f734362832273d7a495211d00009ece4cb55c15", 0x1000)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x9)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  862.498034][T25429] FAULT_INJECTION: forcing a failure.
[  862.498034][T25429] name fail_page_alloc, interval 1, probability 0, space 0, times 0
04:47:12 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="580000000f14000026bd7000fcdbdf254b8503000300000008004500737270001100450069625f6d756c906963617374000000000000450072646d615f636d00080003000000000008000300000000000800030002000000"], 0x58}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB='\x00']}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
ftruncate(r10, 0x3)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  862.573779][T25429] CPU: 1 PID: 25429 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  862.582617][T25429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  862.592859][T25429] Call Trace:
[  862.596181][T25429]  dump_stack+0x11d/0x187
[  862.600560][T25429]  should_fail.cold+0x5/0xf
[  862.605102][T25429]  __alloc_pages_nodemask+0xcf/0x310
[  862.610428][T25429]  alloc_pages_current+0xca/0x170
[  862.615535][T25429]  __page_cache_alloc+0x17f/0x1a0
[  862.620589][T25429]  pagecache_get_page+0x251/0x700
[  862.625844][T25429]  ? radix_tree_load_root+0xb3/0xf0
[  862.631080][T25429]  grab_cache_page_write_begin+0x56/0x80
[  862.636733][T25429]  ext4_da_write_begin+0x1b4/0x860
[  862.641882][T25429]  generic_perform_write+0x13a/0x320
[  862.647207][T25429]  ext4_buffered_write_iter+0x14e/0x280
[  862.652789][T25429]  ext4_file_write_iter+0xf4/0xd30
[  862.657990][T25429]  ? common_file_perm+0x1d1/0x490
[  862.663047][T25429]  do_iter_readv_writev+0x4a7/0x5d0
[  862.668268][T25429]  do_iter_write+0x137/0x3a0
[  862.673760][T25429]  ? __kmalloc+0x21c/0x640
[  862.678376][T25429]  ? iter_file_splice_write+0x120/0x830
[  862.683956][T25429]  vfs_iter_write+0x56/0x80
[  862.688571][T25429]  iter_file_splice_write+0x530/0x830
[  862.694046][T25429]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  862.699875][T25429]  direct_splice_actor+0x97/0xb0
[  862.704843][T25429]  splice_direct_to_actor+0x22f/0x540
[  862.710333][T25429]  ? generic_pipe_buf_nosteal+0x20/0x20
[  862.716383][T25429]  do_splice_direct+0x152/0x1d0
[  862.721572][T25429]  do_sendfile+0x396/0x810
[  862.726122][T25429]  __x64_sys_sendfile64+0x121/0x140
[  862.731427][T25429]  do_syscall_64+0xc7/0x390
[  862.736007][T25429]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  862.741943][T25429] RIP: 0033:0x45c479
[  862.745831][T25429] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  862.765525][T25429] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  862.774079][T25429] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  862.782205][T25429] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  862.790243][T25429] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  862.798231][T25429] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  862.806215][T25429] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000042
04:47:13 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x5, 0xc00}, {0x1, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf25080023000000000088000300010000000800450073727000080003000300000c661980fd63989500080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="0000000010000000000000000000000000000000e4b7efe2752fc984294b0a938842680ad0a5aa3a179114af94eeb460ea8577b411b62bab2cdc9b31238dee10394c443d15a6cf08b1bdbc4cc67a200ae6b0f9422567", @ANYRES32=0x0, @ANYBLOB='\x00@\x00\x00\x00\x00\x00\x00']}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x8)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x1080000000200003)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
fchmodat(r10, &(0x7f0000000080)='./bus\x00', 0x24)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:13 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20010)

04:47:14 executing program 1 (fault-call:16 fault-nth:67):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:14 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, 0x0)
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:14 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000080)={0x9b0000, 0x82f, 0x6, <r2=>r1, 0x0, &(0x7f0000000040)={0x9909c8, 0x7fff, [], @value64}})
ioctl$USBDEVFS_GETDRIVER(r2, 0x41045508, &(0x7f00000000c0)={0x6, "a0a7a4cf96e1f301cb85b134a852051dac13a4817b7f833064498993c81b2eb94c2e0a3ef66e53481af978a49a205bf7916b882c3195d98b177bdd0a492a0ee9fc1802efd754249ac801b128992cf34a04308df09edd207fe1c3e915cc45e1ea31491f564e1fa4259025de959d8a5663107358c67a6bad145820fbe110e8ffe108ea1535bee431634b965502159d65ea80afb48708f31c38c899a371854edba372de228eae0a83d77f144001cfed03a4a5d810e35cb7431e906ab80cc24e6165b4433e54d095f6380340f468152f75d778adc76e9fabca0dea917863d4ad1b958c53fa71ac1dcfcd99e10fff2a5fa01e75485cf2f116886ee450b5a3f6fa9abb"})
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)

04:47:14 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
syz_open_dev$rtc(&(0x7f0000000080)='/dev/rtc#\x00', 0x0, 0x3042)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:14 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
setsockopt$packet_int(r5, 0x107, 0xc, &(0x7f0000000380)=0x401, 0x4)
r6 = getpid()
sched_setscheduler(r6, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000200)={<r7=>0x0, @in={{0x2, 0x4e23, @multicast1}}, [0x0, 0x7, 0x2, 0xffffffffffffff01, 0x9, 0x40, 0x7, 0x6, 0x3, 0x6, 0x9958, 0x80000000, 0x2, 0x80000001, 0x100000000]}, &(0x7f0000000300)=0x100)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000340)={r7, 0x12}, 0x8)
r8 = syz_open_procfs$namespace(r6, &(0x7f0000000140)='ns/mnt\x00')
ftruncate(r8, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SIOCGETNODEID(r3, 0x89e1, &(0x7f00000000c0)={0x3})
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RAUTH(r1, &(0x7f0000000180)={0x14, 0x67, 0x2, {0x0, 0x2, 0x8}}, 0x14)
fcntl$setstatus(r9, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:14 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x200e0)

[  864.634516][T25474] FAULT_INJECTION: forcing a failure.
[  864.634516][T25474] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  864.660390][T25474] CPU: 1 PID: 25474 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  864.669212][T25474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  864.679273][T25474] Call Trace:
[  864.682589][T25474]  dump_stack+0x11d/0x187
[  864.687035][T25474]  should_fail.cold+0x5/0xf
[  864.691570][T25474]  __alloc_pages_nodemask+0xcf/0x310
[  864.696938][T25474]  alloc_pages_current+0xca/0x170
[  864.702019][T25474]  __page_cache_alloc+0x17f/0x1a0
[  864.707054][T25474]  pagecache_get_page+0x251/0x700
[  864.712103][T25474]  ? delay_tsc+0x8a/0xb0
[  864.716470][T25474]  grab_cache_page_write_begin+0x56/0x80
[  864.722151][T25474]  ext4_da_write_begin+0x1b4/0x860
[  864.727300][T25474]  generic_perform_write+0x13a/0x320
[  864.732663][T25474]  ext4_buffered_write_iter+0x14e/0x280
[  864.738345][T25474]  ext4_file_write_iter+0xf4/0xd30
[  864.743471][T25474]  ? common_file_perm+0x1d1/0x490
[  864.748621][T25474]  do_iter_readv_writev+0x4a7/0x5d0
[  864.753893][T25474]  do_iter_write+0x137/0x3a0
[  864.758660][T25474]  ? __kmalloc+0x21c/0x640
[  864.763097][T25474]  ? iter_file_splice_write+0x120/0x830
[  864.768928][T25474]  vfs_iter_write+0x56/0x80
[  864.773466][T25474]  iter_file_splice_write+0x530/0x830
[  864.778967][T25474]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  864.784910][T25474]  direct_splice_actor+0x97/0xb0
[  864.790035][T25474]  splice_direct_to_actor+0x22f/0x540
[  864.795425][T25474]  ? generic_pipe_buf_nosteal+0x20/0x20
[  864.801256][T25474]  do_splice_direct+0x152/0x1d0
[  864.806258][T25474]  do_sendfile+0x396/0x810
[  864.811067][T25474]  __x64_sys_sendfile64+0x121/0x140
[  864.817393][T25474]  do_syscall_64+0xc7/0x390
[  864.822072][T25474]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  864.828177][T25474] RIP: 0033:0x45c479
[  864.832169][T25474] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  864.851809][T25474] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  864.860419][T25474] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  864.868413][T25474] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  864.876383][T25474] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
04:47:15 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x200f0)

[  864.884898][T25474] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  864.893017][T25474] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000043
04:47:15 executing program 1 (fault-call:16 fault-nth:68):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:15 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x2, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002100)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x3ff, @remote, 0xb6}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000500)="44b94cb45d5a62f121412490ba792a2c3df5988704281348cd35364fb6c7fba7388d25622b259a22e5b30ab0ce781001a011f081973bcc0da5be51a6154c98d032ca449d3702c4b17d2ac461a9e1196965a7d92fbcc5df70d9fc17f9c86442b283fb00a1bab85589af33e30c14ae4ca96325556cf2dada4fad6cdb636bc4a9ba75720b53ba2f3c7f92b8c50411454cf9efbd4d860a40a4ac3bc8de8f60", 0x9d}], 0x1, &(0x7f00000021c0)=ANY=[@ANYBLOB="a00000000000000029000000370000003f100000000000000355a59f997e9db62cb0d8564aa74825bf0ac78e398fec98d4fc329c7e9a7aefc4ff983698694b85e7b3399af74c883039eaa16eea01b46f29cd987fd0497ada36fe8b2a5df52c5a176db7d0e54b420cfee35809637a1b040101040100c910fe8000000000000000000000000000aac910fe880000000000000000000000000101c2040000000100500100000000000029000000040000001d26000000000000c91000000000000000000000000000000000c910000000000000000000000000000000010401001f31effab0eab284a05c3e781cca49644325b5a1eb3ce8b4137604174efb8e667e18180de1cdec80d4065ecb67a549168273370738000000000c3d00020200000000000000ffffffff00000000010400000000000000000000000000000400000000000000010100000000000005020002000100c20400000008c20400000001808addc17d191c78cd135260aab255ed27a849577290c0b1ac578c54f34076e2d1befff0f0e0eccb950f6467f3da19ba44761d6363a54a5c3ede67382720e9765abd99dc60a8f50ebed6cd5cc643c0969cb50d0400000095759365cd65d94f53d230735aebca8a6aa4d102de689f414f0d964b0a717277aa3b7200f132a6585953585e399038fa5acd5565ec0000000000140000000000000029000000080000000900000000000000a80000000000000029000000390000000412020600000000fe8000000000000000000000000000aafe8000000000000000000000000000aa00000000000000000000ffffac1414bbff020000000000000000000000000001fe880000000000000000000000000101fe8000000000000000000000000000aa4eacf9a181b01baff9e4fa8439ce810eff010000000000000000000000000001fe8000000000000000000000000000401400000000000000290000000b0000000000087b0000000098000000000000002900000039000000fd1001250000000000000000000000000000000000000001fe8000000000000000000000000000aafe8000000000000000000000000000bbfe88000000000000000000000000000100000000000000000000ffffac1414aaff020000000000000000000000000001fe8000000000000000000000000000bb0000000000000000000000000000000028000000000000002900000036000000160100000000000004018000010001000101000000000000e7830bed9afdb863a1ece4a96ecc8d8fe9a27d347316cf15959402afca808116dbf9bd233401498bb0c474da5bffb50c0f58d06079339bfeb9c3675f70b38f89fa132c9ed7e35e9fd2bca1063123b01b21a2ea38d12d31e858b48b339f269cccb49c65e0fb74bdf526cc39b69d5b4ea31ea0b7a95d4ebf7c294a839853edf6aaf544060b4196725de4bb46382b1a7314292b7e0ec93123d3ae91649c289c537a158e2ea92612e25111083e5517b657e486b96f6e849da3d4e79d7830e07946e9a0ea2412c0696f057497bda1"], 0x454}}, {{&(0x7f00000009c0)={0xa, 0x4e20, 0x2, @mcast1, 0x100}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000000a00)="1efc02c8ce6a94a808b0623976de45ac3a6eae24a76e8ce655a67c9c7d51bbcc6a72c6024c00533f18b1c8aaf255150f51580a9dd6b5277288f737baf57327e6d3090a80c17c21329051e38896866454713b0d35d11acb92170ff796a0427618e6948b917dd397e621909bdd9435d7", 0x6f}, {&(0x7f0000000a80)="8c3ffab36346da78156f3a90689716e0a3dec4019a8d3f11d1532842eb830a45dfa4878150c2ad721d7ffb30003147bc28173c522fc6235ff4b445f433016681ec5f", 0x42}, {&(0x7f0000000b00)="69367696c7719f094dd1830f0bbed15552ecb736a15c0aff15251815e1aa0767f27f742c1f29b91a9e082f1cd48cc37354813f751e4a29eb6e2b1a8ac24e2a4219547d5834b8a2c0391d0863bfddb0026a2f63e3a3098e58fd40831079be210e2933e572e052925713bf8dcf59d6fc5cb38f9efeee2c3e036823f6c6ba42c2e225fd17c2b98adf20ab1fb5bffe77f06f6ce8a65b9a5f40cf65c43b4132a1abf27bef292d44318b94232a3f97d47992b067472453b965d4d7ecac4b62f06bcd27691695ea87a71ea07c6f3221f5de3b0270dc268386e2b13ba30916d1d5851c5aede69d4b618b229cb9d96f31ae2d0c9a7c613aafe5da94bd3e9b7d", 0xfb}, {&(0x7f0000000c00)="fc83c9241339137195d612e23af1a59ba8", 0x11}, {&(0x7f0000000c40)="6854b30d855f50bcc3d1bc045f53056d9bb01a9ce043ce9634ce79da4f1523d3ae3d6d25ab1624427f10308b361c89e4f25fb5b0605384a776c366a669662a499dd7e03024a657c754c0d649c8f7708a4e4cb675af963b47655517ca8fc35f299926a02216694453df33ea34c5d2dc93fded67a70af7a4d3c70926ee28e600be9aa6146630c613550dfeb341f4e4f59168578b743aafee62c7030f9c3654fb2c5162a4237638cf91d9633e420579050ec4c1d10b21a1425e724eaef1bf0c403cdf3fdddcbd2ef2d47acff7aa06ae8b6814e078fa09980fac14979351a64fea3ec926e1e8ef770ef4e7a503c8", 0xec}, {&(0x7f0000002640)="8b59d0502851aca3d3260fa1dea8e2a559bff0cd49493406546e7aeb59feef085802d88e44751d76305fa295bd9eed92173eefd95d88644e1376d955fa2a12c396f12e389d26dc5de06b964d83bafc40e9d8a6a5a9e462ba0594d5e147a2d29da1e0644880397277dad75f7fa89e1ae328c1f0a8c074c5bb535c47ff1e318243d355b84f593cb4727470b4c0aea719541b091c3890937922bf5e8a585030413a7e17cf5fb6266ae41cb8ccdb64435e1458750b611acd37f0727241c230aa5f87e19f32b5367a89f85c6132393b9eb908a40cb3ee0f0e8ac439242c9171d3e40a58ff98cabdfd694ea7947846e819729632c3af40b8c96f5c4aee46383e44223e146c0e576d7c13a14e8cbb1e967860e7d7de123524003d58ef35177a6e0512f83a444698ece9c5a339756358275c6fcc2edb89bb407f19268c013527b2188bd33062a07afbf9423ebd4424066295a673fd45d708cc5a6578db0475a7490684215322eb183a80f744f5f739718a7482bf05f59471cee0892f3bac9364dffba4877fd8dc8c8804425cf021d5214f345555f111c2defb7061f7f184a03ff6ca31fd467bbecd98e417209882c431c1b75b8bd755f7ff835c7e3239dc8f16a35bb4e963a52b8111b1087f56c78a0b52f40a8921073f54cca0bfddd7904c66ff0d7b4d0691745af806b35d8c424b1bb957d4a3a5fe13fefa8310be5ba647b93bcd0f03fe8a4f247a68b8d2244efee26e92404e90771031cea64ba57ab1cafd240f7e6fab98af1d57c6429bcb3de4083a7a454ed7792123561bdb991e086d0e5ed5e7d7e00f5483c5d88ec63b239587cd0103c99d5644886a730837256247ecff024832cdcd96ff5a79fd389feaa553502babdde144f035616e864bb36fe29370797cdac1de84d8e7eb56ba8edd425102cd8ebbc66eb23915ed5256d2c977d04c61f7eb47204a6005d8ce416287d123faf20b1ad5ed2068b1fa9e1db46e640bd39355fc6c3c9e7839f6d45909985c38b4be3fdcaa534debf5d66d5bdb9dc7a93cd437dddeda5798918012344d8b50fa0e1861965722c904ed712972bc169b9c4bfb9153ba745dc92565682d772882abfd9ae168790aeb6af1b2582a4565112e8dce1a21edc22d47ab589ea806adeb059cde18227c5f86be2ce18b7bc0f8ce55dc1e849d4d7043df21bf69832e964f5527d06b1a9b904f0c4d3535d9b4815cd3cbef401736abaeb2057d1456c3e081dd6460e91f10df03baff97d2ec6eb66513596324e62228dddc1e2612c0c117c709efdf45aab64b99c4580011e2bcc405f4698ea1be1e67e9ad33572b109af6d0da65f3d4f4301e2817ba6a50a945d72f1b2a7e145f3dc1065ae8a83f9314eedfee8055525af200ae6c58c3250f059dfd3b345946beb487e0d6f038325d7db1bf16dd912929efa1b85309f27703b8edcb46c43f16a81116f062e90591c2f580485c53a78669a8b274e126a497a10a073e2607b183450da48bfc1bf931aef2cf70632397573b292c17f9e76a3575385214ea13172c1eb4f0b97fc5df3f17be0b1387acb0c2299c606f3e62327ec52975508b2336d46aa4ebb4c97505075928b263cb660b3ed08f46dd7d5850228f088edea5ede2d095b8c0fd5b8141329e2952bea08d9fb1fc5f444b34f8fac030c92f2526dfd6b726ba0bce5e9de6c64d06514bd2f66c583e1562f053213b8e5172e2e3d0dcad25a2c2c71e8390b8a3ef94eb2b8046d65cf5a42df667c86ff4f203f7814f67fc30143977d99557ae7db4ed47eeff08c2140d2d66c0f5c3438e0527f5810c77d47c71493902be2bd734d98a8a11c539d05aec95327ea15d882346305a8c1bf0a8a4f3a6462badd8fafda13a663ff3e4468d2e985a9081d388540c4cb978ad375b75361581c5a87af99f8201894c230374ae83407ef5a7f0ee52fb2e59a75f823e037c9efa2a95a3cb5ff5eeac214d25059e4d748f55a57ccd2f4cbf39e1f199812d2c93bc8d88d5f6f9293df4937b8405054df53f7e2a3d0cbdf396f8a79bbe123dff6ca3236cf3627deec718854df74af053b609181b93d2c07bce632517c236848eeac415f5d135925131f4c04831c6cd3682c5811d1a63a411a6fafe84e36abc7e1d810a158edb2fb609cb01702fada7e75fd23c319569913a79f23c588ea98133741614f44def5329fcf7cfe6ff4cc9ad8f7250bc287b817ab1baa53c444d2f97ad9b8c674a9c1c383510480d70430396f354b38371fe0a023e37a1734c2b0542b6793180b906e6d2be0ccf563f618564d8ced4cf9bf1fd5770cdd01162191dc09930e0dfad82b0487c76b6fa0609a8ac2f12db50393a6d69fc2dd228fea94aacf2008c719ead7c211b2f9d0588f1bc5659abb575f30a6c317b52dfa793b023b93daebe440a7d237bfeaa7f544c803cd95fdbe1869e7127a76417a3a883ccb4953e6ad38d209a2be82d322e8c22010713d5c7416d46f3c59adf109aad2b015c85f67f21035f4d01ce63659a8c2394661cc269b503104f0bf9e62ff2e047e6d361f22e30d9185cb6988bc4c532c4e6e89695646a362fdb40c60bdfc8ac9425ee8b74adf5e175cc6b1565dd3aec12a043d3c5a40355d73f8f1f2fb660b009a1583c0ecce90a31efb2f84a2d37aa35613833a9766ff4c3480b0dc73f18472bbcd2ce9eda8cffa6cfcb88e2829309e1bd05b3f218d23e67d0c8e1a20991a6a3abfc4ef35ac0b44b36dca8cf3b21b76f8cd8e306828160faf3bac9db94ddd560fe28d2d71e532f6f928d6ebbc875e21c423464373356ae325d7952d4a509029350fddad389718551fe6715548665c9ad221a2924940f4f5b50e7ea220f23c80d502d9bcf625016643f1d038e738c1eb2304e51c574aa5e0f1c4098c70b00599e6093d3bfe5d6a9658e3ed3116b7ce92b38398a6b0a4ac4abd8d784fbb1db88694975d35bab5a3b6bc22d72bacc28f972625b7051f6cb104519dd110f63611d57cf1e6155cfba923107f698eb30278f5eb188b70f4afe7f73c2292ceb8785c654b794ac4abe6abce41771080597261893f46a6241ef97b57b28497d4288bed7571154b34f7f801dda8409fdf2eb1702e9a742efa3a6de32b255391ae071af6de274cf8e5c38023b66e0c578d5abeb1c36e56300a0aceeef216ceafd3b8bdad8fc3903cd9518120330e3a5f5c88aa0100b3bfc2dedafdaaac0bf67644326af6472f7ce0c29b105aefdd872021abf14acbacaa6864685d74321d07198556d1b1fced6ea8c0083b9b4db33983e42465f4cdada3af3afa16c751a8c36a3ebb51400b5dfcd78f43f976a5fd7c005b62a3dfe89705c4a9a9c19a02f315c0d82547953facfe751f072fa2a5d46e84176a9f085b2bdece1cb0ad2cae13c00ddc8dd116f7631137be6402316dc295ab5f0b1ba4aac3c4e2a11b4f49a9724dd7de7cd43ba3e8180de1037d00c81e63dae5a7c75d1779be4195852d5585d6aa439b4529c21a441e450bc8db00f21654e8448171be5cf1aa77804cb2cc68372ed8db8eef216d809b401db2dab95beedf4cd80cf95bc9502ecf6e668567ad4f9c548ff5a3143bb078aef88ae6325e19c6736a064dd1ef04adbd58eab12ffa2b7a14d97f89474aae29c7ea59ab547d6ae3f2c61cb503762023a22c05631ec1254856de44c48f29cd7b50e7d2026bd7382a28a29507fc222d009f20c048ef3bb46c2e214daf34b4eb60c2cadeab37de04c34eb810f722c844920adc69ad109479edfaf4c77028ee64591acc7a1b337581f10124844c63ca8b0bb7e853004cfeeb4ae5666cc392393220fa9d56bf0605cc59698490fc6b61c99f1d2d5db4815265ff84d12bc9acca196fc39e913e5065f54038f6adce2fad22cf9f39aba0d24d24b91390bcede6f9c63c7f1376f8711def47af324de07850b426cf5f073e226bd086b37563fa6edcdeab53c75678531fedef7b733175d1aebfef72d9666e0157b1ab647a74fd2c093c0d9370d91e678df683077f88314cb5a0de33c2a9389d7b3c1ac7bb83ba44c7165d0d03bd35a62d0b84a4ef8845c542e9905a3bd57cae77cdbe6e5b0d8b4f2baf1dc32a411b38ccb2d49dda22986ad15f53c52b2852ed44e51e58a599c2f41036ed621307f4fac3cdfdd21f6abc3dd692039404d3317cec48fc2fbc85d447c1c7629b0bd1d9b63a6aeb96580a4cac294f06caa46ee0c2091b9d219ecc363c18504ebe245cf06a55c0fa06ff602414c8a8e78c744bcdec6436031cb6c7b4c592be6a7df33bdd0e94e2d0081ebc5188bacea8ed8a62b0a1f35bb7262c0679945078c217c2dc17f640dfab7c5b4cb111d88b1030e8f4bbfe39ba317ab0acf38015ccf4eb4ba4776027bca9eff5fc334a1da3b38de033a5869ebcdf5e865ea99edd50e0fbe69d62948c5a88e2c4a4ef7394f5d5bb738924d2f5b95004aa929c8185cb8898e51217cab83e412864a8ef7a53d95c76addb61155446c7ae0d5369e3190b173e2ec67cc05828d7e4656aad391443e919678626c6200c24cc16d3f9e60b51f2eb66074f18b506719ec4b471f674c256835b44c1056a96991ce3f74ef1978a01d1a95f96cec6dc6a554285ff0e70ba6b1b27c16d94e443bbfece6f99128921b3a3f69f8f437e653737a0f33b7f40ae7642d10378dbf9dfc83674e24e9acadbc946444978c67e5cc53bb72871db6dff95ef75875d7a6c40647ca814e97b2b485ebed2174511f379f328188edca0a2e55c2e96fc76b484d0c03a9cd3d32d105a12d6f4d8b4b365e65c119c66d70a42f410400324cfde65030dfe56bf03bc4230599d11fbec44c0d534d34610644b31753e61ff43236f8c63a2bbad51c4e8a6516ccd4fcc32ff1bd74e37363e902f83e73ee9e75763f7fc62f093681faf644f7150ecc6ad3c43c1a4b114546ca93ccf9bac2ec0d2b5b6e66374ccac50039d95829580d4768d8db83f34633f7c621050eb5f2cf9fc4ceba3d5251fff058a1f356e1c7e232ccc3162d215db598a9d6fb49cb5c877381c7b9c6a94f3bd754afd46a3398224aab9b336e5762040c19e67d9d1a66da5350b71d21b7e5407ed548a3bacbdba4c75e1b34b565753eccc39a22402c4d30aa003a9580696a9efcd446f6f1d635f5a740b1b9764e8eee6fe5c8dfbc937ad39b58aa81f1d0c8818160b3783151bd31c1b1b10ae108f593b07c0ec4762713291cdfa160ef24fe58049908a0836508a0666a35b2c264398a7d0abd29c59ef4d00f542d1abfb25d495efdd6d7064d3257749ebe0428555b5385793446a252cd465eb70220d11b95ba6e0ee3f0858248140d8ad6de5278bd9658bca6766e209436c458bd1c48fed41c6a95f7b2b68297df376bc95148bb99a7a9c4e9e631e7783f449e2ec4d87ae3cbf537098b1a7881bcfb640c1820df959b82f7bbfcf9d3684d6f5b02459dff26a278fc325f1eba34fbd4bf3d24e4c60b0ea06ebd54496c7d58bba1ac5f7074525c385eeb2c3d7a6cb6289e3720e8f3e379d1b4c850dd5503462d34ff4fb6fab6dc135892759b50f7be6a27bf8f4d458b3a099f1693718f4815a79957761129d277e1482fc34a6115359d6efed9ff22a68745cea437f6454f7768d2b383bec60e06c7b0dbc2caf20e425b5b8a8b8080cc24b7cfa206190a4e64a471850f34073bc744c03d584b3c24ec04220410731f4ff6c1b2c2fa436ba13d4744839c187e3293b3a7460c8c3bf590faf34a7a912b7137066d8e3625a4200d5576eb908051f21ba1a008e0fb3fb3e21308da490fe9bf299589040346dd648fe756d3724f6ca95a9bbcd1142552e0b0", 0x1000}], 0x6, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1400000000000000290000003e0000000800000000000000680000000000000029000000370000002f0a0000000000000502001f07400000d170a3b04da6bd240000000000000800000000000000de040000000000000600000000000000dc5f0000000000000000008000000000803200000000000000010001020000040120140000000000000029000000080000000180000000000000480000000000000029000000360000003b05000000000000c910000000000000000000000000000000000502000304010705028000c20400000004050207ffc20400000004000000140000000000000029000000430000000800000000000000480000000000000029000000360000003b05000000000000010700000000000000c20400000003c910fe80000000000000000000000000001b0502001f0502000900000000000000"], 0x140}}, {{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001f00)="46604c0c08a87cf645015208b09d70d00caa810b04e5270e092def75cf35dd44948458fc94ac147b13e6dba57794d5e6ab33c886119a1529ac64a5a42e38797989858ff27219be3525eb0c03021642334034b9", 0x53}, {&(0x7f0000000640)="727e842c409db3609797e6ab3b35dce2d3f782983adab70de73dbe85ad904d998032b6945b0f44082c2f3341d409012f75b6ade25ca0acce3d277a69f941882e2faaa75c1be51fc579e34fd61aca5979675bb33f004fbaa0c053f47564ec5abf2c79c5d401f81e43c6a822af98", 0x9}], 0x2, &(0x7f0000002000)=ANY=[@ANYBLOB="3000002900000036000000d9ffb1f95109a4cc3af84bcb0819998703000000000000c20400000001c910fe80000000000000000000000000000b0000000000000000290000003253e93e9e0000000000", @ANYRES32=0x0, @ANYBLOB="000000001400000000000000290000000b00000000000009000000001400000000000000290000000b000000000000080000000024000000000000002900000032000000fe800000000000000000000000000017", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00'], 0xd0}}], 0x3, 0x20000814)

04:47:15 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$EVIOCGMASK(r5, 0x80104592, &(0x7f0000000180)={0x16, 0xfe, &(0x7f0000000200)="a0723a83dae7f26aff0cf5a08e1dd593eda1054ad225c6a12b32922f9fbca35eece16284e5e861a0be5aa48cd5d6d278f9bc49fd9429d8cd97aa9027a4781f99bd02b350167cc6632ced34bbe73714c9e3ec6fc2c90e38ab00ffa1eaf144ba26dccce1473ff520b017861856ea901b23e42f893d9580286e7e289ef8a8f7cf0c2150de8995fb037a280e54e12e346df397d6a941632aa6d70bfc15f3edbd63f4a4b3d3632969f6a42289295c7523c315766fe56001086afb6e94e123b424b5218503a3acb175138e7af66a867ff6a52ea5ed0be07c7a766c8f1dcfc75f063a1c8b0435d53d8d2ed35423fc63c5bad0ee0b30aa0ae2efcd1d78b4bc945444"})
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
utimes(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)={{0x77359400}})
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:15 executing program 2:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in={0x2, 0x4e21, @rand_addr=0x5}], 0x10)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e25, 0x0, @loopback}, 0x1c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/seq/clients\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
accept4(r6, 0x0, &(0x7f00000000c0), 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
write$dsp(r5, &(0x7f0000000200)="220fd9227f3fe0dcd6f8b492263c51e19540b6798b4dd9042ca8b4f2046af7776fe1511e492304e7e50622fd34ef7a5a242d4c99ef23d79c2682a1501e161d2bc33d14ca81369fd851c4888e9090ba3f9693a13482291eea52ba8ed4d4693511487f6a3678456a9a7d78d9e3494d188468ae8b98e883dbee06689789c9faf93c47d4d1e58cd9b0f4d2c9be8cf9108866e3a4467facae7dab19f743a6b49d1f675de6c6f4b2dc6f4cd76dd5a262867845eed42fe0ac82e05e2c67bdc2e4961f9548cbcc1f7d650314ab95225a8ecd73c4323daf3bf0ed8a1d1634d0bbfb56da24d1d377e85ca85b95bfb97267ca957d20c1df2db30c68963d46d8cd5024983ea1180fcf9e73eac4f2f9e90a76f52c0f10ddc0ab497a0fdf956815930adc56f3c42db11a614754cc85a0cad0b40151f8599385ff10c18d7df817cdc044efc90ba9e7ddcb2dc329cc9c7da5573e2e1a429e1e447d4824d82acc2673f19b5507c0b15de94c3153a617f0982f5d2ce6df2fb00be10984373be7c0f027a9e97c31eddf778e9a83e23fb98e779d304e3af55f3b51752fb28933331a6ac36b5d3451a9e2b0fa04134c7c4169a9fe734ddfaf70a2f614a9c3159c24de8a5ffe16d9bea816ec8e95a993d5c3402af556a8d5c81173b988cfe3c464660a59f5a6319cec3633886c08c088ee46f718845ff57bc5e58a09cde70dccd36da71d4ee7b429afe9bbde22b34bedcc9dab112fcf31dd7a57354fcba5b566efe3b6802fb9d358c37dcd347eab2001b94b21485d7cb2268cac654db574481bf1b15d371252759eb619835a16ef7b0f3684ee457aeafff371849b56b42ee8644f90ee97daa5432bf5a465aef867fd8704b501c4da0617d7a6e856f21362d77e2cab43994c226297de579f925cff53a73c22ccc71224ded9f78c110dc3288aa7badce01019ed4f65582122796640b1e8280b84def251fcedef904075522e873d6b67932438d247b614c1b921614a22098036a25763424764f14211c578277e2d6ec3c9a8c27e20a3cf0459488a6e5cbc745839d31781a042245319d7cfebb46e059960ee5b2a14929a2d4270d0c29ae93b1f4415f2f1493aa2f5d7900d025fcecd2bca13cef2b4c8fc109f001ceb221b69048e4ba28947a0cb87b00ae3b99b0e8cd662561819770801b07e39c59dd1f177867116a97a1c0b1bd7db6387cafce3a674cac613cb0e9732129dab2553a1d229428ad8a1509b6f3a0681255a41e10c679a1d1657e5e26ecb6b16080d75aa2c4ab24c0e690023b38f38ea24916cc1e025343a9a885713a7e4a074efd8f1ebb37357598667581c6aa7f64067f7ae658913f532f7d08da603aea0ed2ac283822e545b00c38265b927e5c5cc9b2be5825df04027c9004dbf7951d1ba9f5ffc09bde7fd3b66d910b815030b56cf773df78ff08fc2fc3f75b6f2eb060314dce33831b06e435f61a90ac3023c24571a93d7360e19aaa31309ca08e2b8e16625b69634910e55bf6977c87dda6fc928d0ffaf8681745e84f2d42534d7ff0f1d12a4418a5583efe6b60d953dee8bb94c20d269a45e1ea4bffe5da4ccf5d7b5fd16d3b7c9805286fa9644a889ef67626950dbb991b5dfc2b99274a95eed083affd07a439a5888e27b92090c6f1b30b8cc7c55909cdda7e95f61df9fdacd139200140d7cf864137ab484874b852c7ff7291dc0563a4462ee332caa83110e0ca539cef4366a3e15ba0dfde8654dec0592018c9902afda98f54ce5e4fc977e8457289b7e8cbe80bd073aedde26b60663de7ec7e9a3c39ac80d5454287611372585bc0f2826209b746eb54e3b63a5822b7c55436420a39944937c31a95f1f85bc5e85a23d9d576db0700de65b6ebc4af37d598da4e405f85bb7173e891b988233b754972cbc24dfbb47750693164a87f0d7df08c6124624b6724b11cb9f2f6a30fc8a0ebabba5c4a33397b1489846c1cc67c30075a185f44b6554ec4b0da4998f687f5472f62396442b6543d91575e69e121eb96c89cf71bbdffa950a120d1f99697d694e4707224fbe93da7debbbb2a8761acb11f0236c2fda8d80931f7e97c92a1d7cbf937f7dcf3b8f84c81abe178f32007bb0019d045c2b11f2e05630b8030da07637c54c6126a75e4d09988bcf68a9e9955d5fb1f3ba58909201860a567a52b770b39d171bf34f75ac70921d07778d7c6b74b23a16ce6c3f42f43f124670553ed9c69275ff990716e1ead145e55158896a249b8d98947a715aa5d4c08d0593dd559762cc0233c29028f79f1ea3d8022f928ebbacb4a2b787ebbc8501508b05b4c240f8c3b56815d4f41c8ea26c8e88161de5f1cabf6f4647a17b507affa3328d7a96aa33944a0acfccb5c8e71463b8387f03f87897f4c81d39690dec74f6bb24c2faf7de5360a296082a470198d9e68a50d3f3a526c70fbcf17e4ae09268a58cee82da7175f22971d2281d0fe5fa337af83651485f3f89cd042e2708c6528f037bbe4b5a26e6d8be1bfe50716071cf89f607d3a3f44b86083eece4659f6269bef61255c4c56d6fdd17dd86b38a4ea37078c6eee27909277b203082a02aadb15b70a1def04fd0db6a27a7422b17d971e2d7db756d0ef4e6edfade824fca3c79f308f7e31b4ba0ce6850815bda236c845bc7f95bfc940f8716b99e08d74428951158b8af5721225705c34e62072dcde14818e3e4910749e4467e543c145fca132a54ba3d5e7b307c2da20f389b6e7cfcc0315e9ba28f4b614959e74d4a1accb84f643b27d733df6aceb14fb395dd4cd5c4ebd5411b94c6abb361a859b2329463f4450b78b7485a5ec00489c50bacf92ba5028f08cfbcdb4716bce0cdb79f4e7987edef5ae78d8aa5cca61aa30da6d8704870048ebc1506e16dc82e0b6f0bcaef38d83d0ef6f3b3de608629a7960d157c34d0e635c2f3a0fbef70375c1e7db56b202f0b466bb1b599ac443aee99305dad2c0c723fe24d7ae2cd4b7dd8fa2f2479e81a9d28d793b55333f6926a52b873260f5067a9d6d5a3306069d68cb2557623f40f651076f0e48533874bbb104fd1a400860af2c5258d6299fa0360a978830cba0fab58e42b0e5fc5314f992165b7547e4fef48d6f2f5a1d7d277d0c6a0025a5258942b9dd551db8940f905f1231cfb4bde20e8db79ea67558b36510421e2009705e498f783a99ba0d0f04ac640baab81da36d538268fa1ff3c5504c4aedf87a53cadc39c19c7aa13cb84c7e21b5786f88ae567f2dc55a8de36b406180462fd324267e2e21db79cea97102fa449f1543f0bcbe234be026fcfdfd00939ffb3a26ab7aa57aab41d12ce178e464219b03063578154a5ab3a829dda6b43b4ebbf6028ea57cc65c92539fdcc9bef386bfeae6fefee411c221abd911fdaf809b422321c21a62c6f444580483ef0891600f9e79cbbfd478a7f1760a56409ece6bd002d15a265fb419600f889413c2e7782e966e496841867d911fb59a4b39f635edfab5c75320b9376c15df1592e51f432255e214bb390bfad5d68952748d0491ab82e54038e770afed0f02aa4ee3e7fd2022b187ae9769f4067f019f40d04aa9154e4003c17945068a3bc430f74f07341aba0b904d85052e87b1004fa19cfe2aed3a6eb34b2bd9bd247245a2ee94ae464da26e907848277a8c96bfd92f1c26139ade6994a84822b8e1cc27458a4dcb6332a58a5fabf7a1485fc33ceaee545e59092371d52b268e130500729b77e79ea8d5c07d02c7914e16bab92022cd70bfb035b3786acfde534d0007a43bbc671051e3156020356681f0f3f34f17f9a0f06cc6b1a16a70168f93f18c4a4e052a21d436b2c3988e14848bc78ce430619375e9bfcd18181be5cac1c2c44f2ec0e0557d785eefcc31e09e137a722c7c8e5e0a76b56196d875c2a80a43291f0e1e3581f1bbfb9b55ef6539c98606aea2d0497b603debd3ac3d3cea1ae9f2d21688d2e6961e5d234ef85ee87460a7b8ebadf3a91759bfef84d2f7525a4c30550fdff0af2ffaa1e840b1d8e3786399db09080ee6bc664712bcda07b062043693bedddb7031ce52fc0d020bca9ba301cffc95d698b96bacf9552be5c93db300fff5376c7603c168bc203baa44537d92e3dddbe967e4c8b8e4a380f5b319908952a125c7c54ec589a42518f32a3363fd05914c50070b8c09c0dad5b011d3c210e4c7fc6dc28b7fccf7297fba71333c1b69e1023078edca49417915447116ef6769adef652a35c4a6bc06fc3db7ec6dabe64cde417b97909a10fa2f08d4d26b7f061b752fce1a152f2d56acee6aa9804d8f5f9cdca162048d45b1a5938ea9d90e9ab275c7c1aa06ac253bfdb3aa7b2aaf9d1d508f18d480d414866fa196548a3fcd4bd0cd46db6d4bd4aacdeee23830d592d98ce4924aa2dfe221283278c087664419fcfffc06df27cec154340bb6d115d5e48f187485701e56cd86471254d76742c73bad0aa373773d36da211440feb350a1822587634e302bf74c056768d5b335d2728a2fa58727496ceba8604fa0405271bd4beb502d2f2e5c7d4bac1c0f9b429fef07c339b116697cd276f871970f0bd31c4ab6dbaee19222400ddd8643bea6d1d890d94ebe475c090a536b3bd00f8a272e9f155fe93d018be55f7ab7f401e7a2a3eea35ebd00ca5660b0f9d8c5aa96ffcc759c84cbb699ad6d3c725c35ca8b9479cea0e814c825c3d63a1f4626bd4f0c45ebb181671eb44111b8856d4f79ce5dfda5fc812370a05676fdc500c6b6ac4ba9db43fc4d04144a6d65e925614fd3a10f1ee64e364e35d18661fc0ed726192463785039f2a2d40bfe3e5ef5a9b32c6ec775be92e2a35d4f1c6ebb72fc8052f0bae4b4646352fc102e3c8b608143c320a2315572152680ddc02f8dcaf2a0cc4dd1593695fca9e42374ac0a7476440f304d3d8da9b3293c205847d75f2dcf97d86677b12ed6aa7b85529bb4bb7296f4433f925e88445b01ddcc84614b29278c82bb3085a1f792eadd0ebd6cfbb522b0affee3edead98d621a7f1f82eeb509a323f2aafa3f687deb90168284cbf9ba62835d8ef10c51c2d01967ee7fbe779fbb8dd4f2bc7b2156313b184750febd805b2e61601176282325b07ed9a4e31935b69caf794d9d2b447acf5f4bd0208fccc2217b77e5591b7a5ac138d80f7972e09f707db070eadb8bffeb65150bc50d61e88efc251266d617eec1cfa8b9799546d07cedd05a4f66f739ccf0a2b345b2b9dc23be01c011a047fdb9ff1064bc46141d5015347c08520757a91048f0053146cab93dcd6015bdbb6b38577052eb8a5c289e58c1c30dc809e6b2777a9cbec66086c385612b249613e145b676eca37ec3488668c7059cb860525dd323fd470e6efa0f1ceae60cc9410fd6756efd1d4c17947dfbea441b09f7d9ef562b2b9289f799822bb5e4ab55c1fabe171ef41bcaf58d8ede146aafede3e520273574b36d2e71842ebe316ab27d6f3b9e8373210e37a789cd86c00ab329af1b0ff991a8f4f0d86a8b42c7fa9df5aadb70592495cb16cc8e9707fcb11fa517c7fdab343533fe85193f2e9885a2f15fc615846b22824c7e3e7aada689858a69008a451608f36394de22ea617db0074da0bab5b379fc6f05860f01fe0d25c4926b2fd845c60c29b52c6efb82b24697d8ee1b0c47c73b4a6b3e219e0752c891c76976a6760caeb6bae0141754a5b11558f31132fd894f295141b839c59e8792241f7231e76de731f3eab7ce491ac3394e227d60feeff7cabcdb585370d2a6bd6484728fe373515b47e1bb7993f734362832273d7a495211d00009ece4cb55c15", 0x1000)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x9)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:15 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2ffe0)

[  865.530182][T25498] FAULT_INJECTION: forcing a failure.
[  865.530182][T25498] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  865.578515][T25498] CPU: 1 PID: 25498 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  865.587328][T25498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  865.597392][T25498] Call Trace:
[  865.600838][T25498]  dump_stack+0x11d/0x187
[  865.605380][T25498]  should_fail.cold+0x5/0xf
[  865.609924][T25498]  __alloc_pages_nodemask+0xcf/0x310
[  865.615350][T25498]  alloc_pages_current+0xca/0x170
[  865.620415][T25498]  __page_cache_alloc+0x17f/0x1a0
[  865.625533][T25498]  pagecache_get_page+0x251/0x700
[  865.630630][T25498]  ? radix_tree_load_root+0xb3/0xf0
[  865.635856][T25498]  grab_cache_page_write_begin+0x56/0x80
[  865.641584][T25498]  ext4_da_write_begin+0x1b4/0x860
[  865.646753][T25498]  generic_perform_write+0x13a/0x320
[  865.652126][T25498]  ext4_buffered_write_iter+0x14e/0x280
[  865.657710][T25498]  ext4_file_write_iter+0xf4/0xd30
[  865.662857][T25498]  ? common_file_perm+0x1d1/0x490
[  865.667959][T25498]  do_iter_readv_writev+0x4a7/0x5d0
[  865.673219][T25498]  do_iter_write+0x137/0x3a0
[  865.677927][T25498]  ? __kmalloc+0x21c/0x640
[  865.682370][T25498]  ? iter_file_splice_write+0x120/0x830
[  865.687944][T25498]  vfs_iter_write+0x56/0x80
[  865.692468][T25498]  iter_file_splice_write+0x530/0x830
[  865.697903][T25498]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  865.703797][T25498]  direct_splice_actor+0x97/0xb0
[  865.708750][T25498]  splice_direct_to_actor+0x22f/0x540
[  865.714143][T25498]  ? generic_pipe_buf_nosteal+0x20/0x20
[  865.719807][T25498]  do_splice_direct+0x152/0x1d0
[  865.724960][T25498]  do_sendfile+0x396/0x810
[  865.729459][T25498]  __x64_sys_sendfile64+0x121/0x140
[  865.734803][T25498]  do_syscall_64+0xc7/0x390
[  865.739406][T25498]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  865.745311][T25498] RIP: 0033:0x45c479
[  865.749369][T25498] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  865.769859][T25498] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  865.778303][T25498] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  865.786687][T25498] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  865.795095][T25498] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  865.803418][T25498] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  865.812175][T25498] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000044
04:47:16 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x4, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  866.510192][   T27] kauditd_printk_skb: 120 callbacks suppressed
[  866.510236][   T27] audit: type=1804 audit(1583210836.784:8614): pid=25515 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/606/bus" dev="sda1" ino=17554 res=1
[  866.541765][   T27] audit: type=1800 audit(1583210836.784:8615): pid=25515 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17554 res=0
[  866.564483][   T27] audit: type=1804 audit(1583210836.784:8616): pid=25521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/606/bus" dev="sda1" ino=17554 res=1
[  866.590734][   T27] audit: type=1804 audit(1583210836.784:8617): pid=25515 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/606/bus" dev="sda1" ino=17554 res=1
[  866.615557][   T27] audit: type=1804 audit(1583210836.784:8618): pid=25521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/606/bus" dev="sda1" ino=17554 res=1
04:47:17 executing program 2:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x0)
splice(r2, &(0x7f0000000140)=0x1b, r4, &(0x7f0000000180)=0x20, 0x2edf584, 0x1)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCX25SDTEFACILITIES(r7, 0x89eb, &(0x7f00000000c0)={0x6, 0x6, 0x401, 0x9, 0xe8, 0x1f, 0x1, "a9bf97a0f148f05534bf91f4963f5d5f44edc9fb", "e06a88bd39980bb33dbf1af1a5d1c44e03daf063"})
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:17 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

04:47:17 executing program 1 (fault-call:16 fault-nth:69):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:17 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2fff0)

04:47:17 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
exit_group(0x5)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)={0x54, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'smc_ib\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'mad\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x9, 0x45, 'issm\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:17 executing program 4:
creat(&(0x7f0000000100)='./bus\x00', 0x0)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x7, 0x460200)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mixer\x00', 0x92000, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
sendfile(r4, r1, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ioctl$EVIOCGABS3F(r8, 0x8018457f, &(0x7f00000000c0))
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r9, 0x4, 0x42000)
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r10, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r11 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000, 0x3}, 0x8000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r11, 0x4, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ashmem\x00', 0x4000, 0x0)
r12 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r12)
r13 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r13, 0x200004)
sendfile(r12, r13, 0x0, 0x80001d00c0d0)
sendfile(r0, r13, 0x0, 0x8)
r14 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r14)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x4}], 0x1, 0x40)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r14, r15, 0x0, 0x80001d00c0d0)
dup(r15)
setsockopt$TIPC_DEST_DROPPABLE(r8, 0x10f, 0x81, &(0x7f00000000c0)=0xffffff81, 0x4)

[  867.566950][   T27] audit: type=1804 audit(1583210837.834:8619): pid=25527 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/607/bus" dev="sda1" ino=16577 res=1
[  867.618646][   T27] audit: type=1800 audit(1583210837.834:8620): pid=25527 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16577 res=0
[  867.666413][   T27] audit: type=1804 audit(1583210837.874:8621): pid=25535 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/657/bus" dev="sda1" ino=16769 res=1
04:47:18 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
sendmsg$NL80211_CMD_GET_MPATH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r9, 0x2468825185d9173d, 0x0, 0x0, {}, [@NL80211_ATTR_WDEV={0xc}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x20, r9, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x20}, 0x1, 0x0, 0x0, 0x8845}, 0x20008040)
close(r7)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r7, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  867.761154][   T27] audit: type=1800 audit(1583210837.874:8622): pid=25535 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=16769 res=0
[  867.780548][T25541] FAULT_INJECTION: forcing a failure.
[  867.780548][T25541] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  867.821490][T25541] CPU: 0 PID: 25541 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  867.830277][T25541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  867.840346][T25541] Call Trace:
[  867.843658][T25541]  dump_stack+0x11d/0x187
[  867.848034][T25541]  should_fail.cold+0x5/0xf
[  867.852723][T25541]  __alloc_pages_nodemask+0xcf/0x310
[  867.858044][T25541]  alloc_pages_current+0xca/0x170
[  867.863117][T25541]  __page_cache_alloc+0x17f/0x1a0
[  867.868524][T25541]  pagecache_get_page+0x251/0x700
[  867.873634][T25541]  ? radix_tree_load_root+0xb3/0xf0
[  867.878900][T25541]  grab_cache_page_write_begin+0x56/0x80
[  867.884596][T25541]  ext4_da_write_begin+0x1b4/0x860
[  867.889947][T25541]  generic_perform_write+0x13a/0x320
[  867.894347][   T27] audit: type=1804 audit(1583210837.884:8623): pid=25535 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/657/bus" dev="sda1" ino=16769 res=1
[  867.895266][T25541]  ext4_buffered_write_iter+0x14e/0x280
[  867.925016][T25541]  ext4_file_write_iter+0xf4/0xd30
[  867.930324][T25541]  ? common_file_perm+0x1d1/0x490
[  867.935388][T25541]  do_iter_readv_writev+0x4a7/0x5d0
[  867.941038][T25541]  do_iter_write+0x137/0x3a0
[  867.945853][T25541]  ? __kmalloc+0x21c/0x640
[  867.950465][T25541]  ? iter_file_splice_write+0x120/0x830
[  867.956064][T25541]  vfs_iter_write+0x56/0x80
[  867.960588][T25541]  iter_file_splice_write+0x530/0x830
[  867.966013][T25541]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  867.971846][T25541]  direct_splice_actor+0x97/0xb0
[  867.976903][T25541]  splice_direct_to_actor+0x22f/0x540
[  867.982775][T25541]  ? generic_pipe_buf_nosteal+0x20/0x20
[  867.988404][T25541]  do_splice_direct+0x152/0x1d0
[  867.993562][T25541]  do_sendfile+0x396/0x810
[  867.998104][T25541]  __x64_sys_sendfile64+0x121/0x140
[  868.003340][T25541]  do_syscall_64+0xc7/0x390
[  868.008246][T25541]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  868.015201][T25541] RIP: 0033:0x45c479
[  868.019135][T25541] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  868.039983][T25541] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  868.048460][T25541] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  868.056506][T25541] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  868.064531][T25541] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  868.072526][T25541] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  868.080684][T25541] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000045
04:47:18 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0xffffffff000)

04:47:18 executing program 1 (fault-call:16 fault-nth:70):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:18 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000f14000026bd7000fcdbdf250800030000000000080045007372700008030000000000000000030003000000080003000000000008000300000000000800030002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000b2f9e5d5ec9aa536de157be84d2e0bc6d65fa5195d20cad63ede5aeb04ffffa08c04ba2cde59754a6f8ec120956b5e8e746855583592165913191efce430dc293a2a43ad5d592d0e3baf23575927892629cb20aa2607b99f64f84e46115314e84bf895c724c3385c03339269a6ae97668c4dc62e8ec3c49dc4fff1b81d6d6eacee88b61a46b17c771091a836bd81aa41eaea6411dd17b8c9a4c2a2a03bc702b37700"/181]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:18 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x401, 0x400000008d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
pipe2$9p(&(0x7f0000000d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c6673636163687ac6673dbafa652c616363657398466f1b9b10f09d74656e642c089387d6324d6bd4ea6c1cdf5a21c8a5b175137e1876a01303a375a64ca0c51686964195bfcbf128be0dd20800000001b8b04037a1317da78960f8cbbcbd7ed6fd1123412aedee3f6bda2a6f02c19e73ced1bb6f3afb9872ec"])
syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/sequencer\x00', 0x1, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f0000000040))
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00')
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000640)={0x24c, r4, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x7}, @NL80211_ATTR_PROBE_RESP={0x22e, 0x91, "ab444e4f1b106b3d4988d22552a8ef0f07687a0c668389bc6c66d4fa9d2b88baa35095eb48d0985d9989c6ca1667ee447a58d03b0b70e15b4543fc7b5ca4d7c0b6bfad25458ad8efd7e0ba475518c939ea486580c82997d4afc7bd507eeab8984fdd44da7f528c69cb6cb334c4d5f8dbebf9bd26e793bbdbb214213cc2d70399ed26324b278736b16bfb5c709a93cf44292edbb0c7df12f46f62cd40719d1e8af927005b818659e8f6ab9d4bf9bbe6d1255ba79eda8b05ac61826ed601a3842dc46796be703050227fcc6fd10889adb5b828e7b30234aa4dbc3f1052c2c5638af361f78ea304944314891d3543e33ccf168fc19dd94e203c0075e0a8611bd202074ba3c8c9c71b19cafce61cb7cd5df94a3d7421fe42a5b41744aaa29e385bc75381a5ee49d0d0ee6616e1c30a4d3ca6fffe9f98b88c04cd8bc4bcdd4fcae02556b4bb94544d58993a8ba7ea5338bcf96baa350f4d29671133de50ea98c72be4f0c784e99223eebbf4ab13498ac474260a7cae426b46db1d85d5afaf9751c73dee90e6b8dcb28cc5edf8b16be1ef8a78f40b371cb07120ea027628bd33d839f9c46d2616d4067aa74471208915386b91f520181f5fca9f636ddb2ddc84ec19590fea61d77ae2ff1b7864a7331fdc289b4412c9aeb45b5a5ea563d91cd8c751ba78877bad4bb3f4a927dbb23a0c868ad664c3f8b22e4235e9bccb00530e9b5ce1224fe945af97fbd514155074446fdc29b3d93e7b7f1d2ee42aad3bc1cddf43ae4a52a44279fc4a093a40"}]}, 0x24c}}, 0x4048805)
socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(0xffffffffffffffff, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r0, r5, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x143042, 0x0)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)

04:47:19 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r5=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r5)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8)
r7 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r8=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r8)
fstat(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r11=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r11)
r12 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r13=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r13)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r14=>0x0}, &(0x7f0000000380)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./bus\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x1000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}, 0x4000)
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {0x1, 0x4}, [{0x2, 0x1, r5}, {0x2, 0x6, r6}, {0x2, 0x4, r8}, {0x2, 0x2, r9}, {0x2, 0x4, r11}, {0x2, 0x6, r13}, {0x2, 0x4, r14}], {0x4, 0x3}, [{0x8, 0x1, r15}, {0x8, 0x4, r16}], {0x10, 0x1}, {0x20, 0x4}}, 0x6c, 0x2)
r17 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r17, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  868.692193][T25560] FAULT_INJECTION: forcing a failure.
[  868.692193][T25560] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  868.792051][T25560] CPU: 1 PID: 25560 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  868.801316][T25560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  868.811510][T25560] Call Trace:
[  868.814824][T25560]  dump_stack+0x11d/0x187
[  868.819183][T25560]  should_fail.cold+0x5/0xf
[  868.823753][T25560]  __alloc_pages_nodemask+0xcf/0x310
[  868.829167][T25560]  alloc_pages_current+0xca/0x170
[  868.834230][T25560]  __page_cache_alloc+0x17f/0x1a0
[  868.839286][T25560]  pagecache_get_page+0x251/0x700
[  868.844408][T25560]  ? radix_tree_load_root+0xb3/0xf0
[  868.849655][T25560]  grab_cache_page_write_begin+0x56/0x80
[  868.855308][T25560]  ext4_da_write_begin+0x1b4/0x860
[  868.860457][T25560]  generic_perform_write+0x13a/0x320
[  868.865781][T25560]  ext4_buffered_write_iter+0x14e/0x280
[  868.871541][T25560]  ext4_file_write_iter+0xf4/0xd30
[  868.876820][T25560]  ? common_file_perm+0x1d1/0x490
[  868.881879][T25560]  do_iter_readv_writev+0x4a7/0x5d0
[  868.887110][T25560]  do_iter_write+0x137/0x3a0
[  868.891908][T25560]  ? __kmalloc+0x21c/0x640
[  868.897327][T25560]  ? iter_file_splice_write+0x120/0x830
[  868.904204][T25560]  vfs_iter_write+0x56/0x80
[  868.908794][T25560]  iter_file_splice_write+0x530/0x830
[  868.914364][T25560]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  868.920928][T25560]  direct_splice_actor+0x97/0xb0
[  868.926459][T25560]  splice_direct_to_actor+0x22f/0x540
[  868.931869][T25560]  ? generic_pipe_buf_nosteal+0x20/0x20
[  868.937594][T25560]  do_splice_direct+0x152/0x1d0
[  868.942482][T25560]  do_sendfile+0x396/0x810
[  868.946964][T25560]  __x64_sys_sendfile64+0x121/0x140
[  868.952573][T25560]  ? constant_test_bit+0xd/0x30
[  868.957976][T25560]  do_syscall_64+0xc7/0x390
[  868.962602][T25560]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  868.969437][T25560] RIP: 0033:0x45c479
[  868.973465][T25560] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  868.994932][T25560] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  869.004140][T25560] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  869.012245][T25560] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  869.020232][T25560] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  869.028364][T25560] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  869.036790][T25560] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000046
04:47:19 executing program 2 (fault-call:9 fault-nth:0):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  869.290760][T25578] FAULT_INJECTION: forcing a failure.
[  869.290760][T25578] name failslab, interval 1, probability 0, space 0, times 0
[  869.307987][T25578] CPU: 0 PID: 25578 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  869.316693][T25578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  869.326916][T25578] Call Trace:
[  869.330235][T25578]  dump_stack+0x11d/0x187
[  869.334825][T25578]  should_fail.cold+0x5/0xf
[  869.339371][T25578]  __should_failslab+0x82/0xb0
[  869.344176][T25578]  should_failslab+0x5/0xf
[  869.348614][T25578]  kmem_cache_alloc_trace+0x26/0x5f0
[  869.354214][T25578]  ? irq_work_interrupt+0xa/0x20
[  869.359350][T25578]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  869.365686][T25578]  alloc_pipe_info+0xf3/0x3d0
[  869.370382][T25578]  splice_direct_to_actor+0x4b8/0x540
[  869.375773][T25578]  ? apparmor_file_permission+0x35/0x40
[  869.381535][T25578]  ? security_file_permission+0x86/0x270
[  869.387293][T25578]  ? generic_pipe_buf_nosteal+0x20/0x20
[  869.392874][T25578]  do_splice_direct+0x152/0x1d0
[  869.397809][T25578]  do_sendfile+0x396/0x810
[  869.402369][T25578]  __x64_sys_sendfile64+0x121/0x140
[  869.407713][T25578]  do_syscall_64+0xc7/0x390
[  869.412235][T25578]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  869.418269][T25578] RIP: 0033:0x45c479
[  869.422275][T25578] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  869.442431][T25578] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  869.451491][T25578] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  869.459592][T25578] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  869.468456][T25578] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  869.476551][T25578] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  869.484638][T25578] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000000
04:47:20 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

04:47:20 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000200)=ANY=[@ANYRES32=0x0])
sendfile(r0, r1, 0x0, 0x20008)

04:47:20 executing program 1 (fault-call:16 fault-nth:71):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:20 executing program 2 (fault-call:9 fault-nth:1):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:20 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x80000, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:20 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
socket$inet6(0xa, 0x400000000001, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="045b7f1ce5"]}}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000080)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000500)=0x20)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  870.765732][T25602] FAULT_INJECTION: forcing a failure.
[  870.765732][T25602] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  870.824788][T25602] CPU: 0 PID: 25602 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  870.833671][T25602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  870.844074][T25602] Call Trace:
[  870.847430][T25602]  dump_stack+0x11d/0x187
[  870.851848][T25602]  should_fail.cold+0x5/0xf
[  870.856469][T25602]  __alloc_pages_nodemask+0xcf/0x310
[  870.861795][T25602]  alloc_pages_current+0xca/0x170
[  870.871382][T25602]  __page_cache_alloc+0x17f/0x1a0
[  870.876445][T25602]  pagecache_get_page+0x251/0x700
[  870.881648][T25602]  ? radix_tree_load_root+0xb3/0xf0
[  870.886971][T25602]  grab_cache_page_write_begin+0x56/0x80
[  870.892626][T25602]  ext4_da_write_begin+0x1b4/0x860
[  870.897784][T25602]  generic_perform_write+0x13a/0x320
[  870.903121][T25602]  ext4_buffered_write_iter+0x14e/0x280
[  870.908716][T25602]  ext4_file_write_iter+0xf4/0xd30
[  870.913987][T25602]  ? common_file_perm+0x1d1/0x490
[  870.919162][T25602]  do_iter_readv_writev+0x4a7/0x5d0
[  870.924399][T25602]  do_iter_write+0x137/0x3a0
[  870.929169][T25602]  ? debug_smp_processor_id+0x3f/0x129
[  870.934722][T25602]  ? delay_tsc+0x8a/0xb0
[  870.939020][T25602]  vfs_iter_write+0x56/0x80
[  870.943549][T25602]  iter_file_splice_write+0x530/0x830
[  870.949002][T25602]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  870.958873][T25602]  direct_splice_actor+0x97/0xb0
[  870.963931][T25602]  splice_direct_to_actor+0x22f/0x540
[  870.969330][T25602]  ? generic_pipe_buf_nosteal+0x20/0x20
[  870.975147][T25602]  do_splice_direct+0x152/0x1d0
[  870.980031][T25602]  do_sendfile+0x396/0x810
[  870.984485][T25602]  __x64_sys_sendfile64+0x121/0x140
[  870.989778][T25602]  do_syscall_64+0xc7/0x390
[  870.994387][T25602]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  871.000298][T25602] RIP: 0033:0x45c479
[  871.004220][T25602] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:47:21 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x5, 0x4, 0x20, 0xe4a, 0x3, 0x3, 0x8, 0x220, 0x40, 0x331, 0x3, 0xffff, 0x38, 0x2, 0x5, 0x7, 0x4}, [{0x5, 0x4, 0xffffffffffff0000, 0x101, 0x7, 0x1, 0xc8, 0xffffffffd69fa6be}], "144c", [[], [], [], [], []]}, 0x57a)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  871.023944][T25602] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  871.032570][T25602] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  871.040557][T25602] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  871.048651][T25602] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  871.056732][T25602] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  871.064733][T25602] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000047
04:47:21 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x40)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000000c0)=',*keyringself\x00', &(0x7f0000000200)="2c031684cfbcfe95ac9ffd65126f2ece0f3e7bb5cfc920a69b37fac066879ce527c49368f69be91843cb64faf61a5a07f18d789d7583c4b8b769c56f79e3a912a0cb1a3dd7efb02326a5ff51286b6f5eca9c3b45ed758cc9012030989143bfb2c4aa747b0b643b0de8ff6313e57658b0ab055627dff8bccfbde3841102ba212280e2ea8dcfb4451d0e586c30f94c414d2a6a4c2800c8f3c28844d7bc59f51cb95fffa54cdfa839c4ca81253635b3d2e787a3d0e4c0725b700d22b4266c8a17dd08bb", 0xc2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r4, 0xc0205649, &(0x7f0000000440)={0xa30000, 0x8000, 0x8, <r5=>0xffffffffffffffff, 0x0, &(0x7f0000000400)={0x990a6f, 0x8, [], @p_u16=&(0x7f00000003c0)=0x1}})
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r7=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r7, @ANYBLOB="00000004"], 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000480)={r7, 0x11f8, 0x9, 0x3}, 0x10)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r2, r8, 0x0, 0x80001d00c0d0)
r9 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r9, 0x4, 0x42000)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="24000000d3d58467de81d73f8557a515262d34fa7de712ed8003369d2b520c1231301da1a610d0c43e284913f8bf73785c61eec7cc4f82bf875494c84d4a004308576d14a3e9c3e50e3a4564befdadf1ea7b8b7c865fe3a8890b2a4cca62044b2d01ff2af5b9", @ANYRES16=r10, @ANYBLOB="6ffe00000000000000000300000010000180090001006574683a00000000"], 0x24}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0x44, r10, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffc01}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x44091}, 0x20000000)
r12 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r12)
r13 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r13, 0x200004)
sendfile(r12, r13, 0x0, 0x80001d00c0d0)
pwritev(r13, &(0x7f0000000640)=[{&(0x7f00000004c0)="1f0fe0fb488555549aa6e06b169ec149a270ab2f19dae5b41799a32f602ed3288481f08922076d3c0df5497ebc14071ea18c19f502c3d2cad5bb9e659280a1be042510f413ec97c88601c782ade858d9968678ef4bdbfe5f3a877923595643263008c5038a64cdc9222de3ec7004634052b524e10faf4bb55d37f5be8416c7df856289bd58", 0x85}, {&(0x7f0000000580)="a2f9b2068382f7dbd61209485e1a82d4da739287847c340a373b7041a23fcdb313a30abbe7fd7e403d47cb9150c70a6538bdbf9e8af70a1886c4f2122748f324408d028c137eeff1a20c28ea44e9e9c0c17418c4cabfe2294c79ad67e55e4f873084abe7cf12da637bf5e220b43c6f274dd4fb3b14ba59460f241ec8ee6676f3fa8042c42849da5189edfccca0e6d78105fb25c60ab1994f4a62f80cd0ceec336ed78924905d1bd6", 0xa8}], 0x2, 0x7f)
sendfile(r0, r1, 0x0, 0x20008)

[  871.096992][T25603] FAULT_INJECTION: forcing a failure.
[  871.096992][T25603] name failslab, interval 1, probability 0, space 0, times 0
[  871.123687][T25603] CPU: 0 PID: 25603 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  871.132404][T25603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.142647][T25603] Call Trace:
[  871.146055][T25603]  dump_stack+0x11d/0x187
[  871.150426][T25603]  should_fail.cold+0x5/0xf
[  871.154962][T25603]  __should_failslab+0x82/0xb0
[  871.159746][T25603]  should_failslab+0x5/0xf
[  871.164359][T25603]  __kmalloc+0x54/0x640
[  871.168529][T25603]  ? kmem_cache_alloc_trace+0x1e1/0x5f0
[  871.176014][T25603]  ? alloc_pipe_info+0x205/0x3d0
[  871.181034][T25603]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  871.186988][T25603]  alloc_pipe_info+0x205/0x3d0
[  871.191910][T25603]  splice_direct_to_actor+0x4b8/0x540
[  871.197442][T25603]  ? apparmor_file_permission+0x35/0x40
[  871.203126][T25603]  ? security_file_permission+0x86/0x270
[  871.208946][T25603]  ? generic_pipe_buf_nosteal+0x20/0x20
[  871.214551][T25603]  do_splice_direct+0x152/0x1d0
[  871.219457][T25603]  do_sendfile+0x396/0x810
[  871.224076][T25603]  __x64_sys_sendfile64+0x121/0x140
[  871.229497][T25603]  ? constant_test_bit+0xd/0x30
[  871.234535][T25603]  do_syscall_64+0xc7/0x390
[  871.239196][T25603]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  871.245325][T25603] RIP: 0033:0x45c479
[  871.249358][T25603] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  871.270609][T25603] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  871.280172][T25603] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  871.288298][T25603] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  871.296380][T25603] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  871.304492][T25603] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  871.313016][T25603] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000001
04:47:21 executing program 2 (fault-call:9 fault-nth:2):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:21 executing program 1 (fault-call:16 fault-nth:72):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:21 executing program 4:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r4 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r5=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r5)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8)
r7 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r8=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r8)
fstat(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r11=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r11)
r12 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r13=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r13)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r14=>0x0}, &(0x7f0000000380)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./bus\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x1000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}, 0x4000)
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {0x1, 0x4}, [{0x2, 0x1, r5}, {0x2, 0x6, r6}, {0x2, 0x4, r8}, {0x2, 0x2, r9}, {0x2, 0x4, r11}, {0x2, 0x6, r13}, {0x2, 0x4, r14}], {0x4, 0x3}, [{0x8, 0x1, r15}, {0x8, 0x4, r16}], {0x10, 0x1}, {0x20, 0x4}}, 0x6c, 0x2)
r17 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r17, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:21 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4, 0xff}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x400080)
ioctl$DRM_IOCTL_MAP_BUFS(r8, 0xc0186419, &(0x7f0000000a80)={0x6, &(0x7f0000000500)=""/32, &(0x7f00000009c0)=[{0x6, 0x9d, 0xff, &(0x7f0000000540)=""/157}, {0x2, 0x73, 0x4, &(0x7f0000000600)=""/115}, {0x9, 0x35, 0x20, &(0x7f0000000680)=""/53}, {0x1f, 0xe5, 0x769, &(0x7f00000006c0)=""/229}, {0x1, 0xec, 0x80000000, &(0x7f00000007c0)=""/236}, {0xfffffff7, 0xfc, 0xfa, &(0x7f00000008c0)=""/252}]})
close(r7)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x20000, 0x0)
ftruncate(r9, 0x200004)
sendfile(r7, r9, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r9, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  871.592931][   T27] kauditd_printk_skb: 95 callbacks suppressed
[  871.592949][   T27] audit: type=1804 audit(1583210841.864:8719): pid=25622 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/570/bus" dev="sda1" ino=16483 res=1
[  871.680703][T25629] FAULT_INJECTION: forcing a failure.
[  871.680703][T25629] name failslab, interval 1, probability 0, space 0, times 0
[  871.729153][T25629] CPU: 1 PID: 25629 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  871.738193][T25629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  871.748447][T25629] Call Trace:
[  871.752026][T25629]  dump_stack+0x11d/0x187
[  871.756391][T25629]  should_fail.cold+0x5/0xf
[  871.760932][T25629]  __should_failslab+0x82/0xb0
[  871.762090][   T27] audit: type=1800 audit(1583210841.864:8720): pid=25622 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=16483 res=0
[  871.765722][T25629]  should_failslab+0x5/0xf
[  871.765754][T25629]  kmem_cache_alloc_trace+0x26/0x5f0
[  871.796146][T25629]  ? apparmor_file_open+0xf1/0x770
[  871.801286][T25629]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  871.806092][   T27] audit: type=1804 audit(1583210841.904:8721): pid=25622 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/570/bus" dev="sda1" ino=16483 res=1
[  871.807203][T25629]  ? __rcu_read_unlock+0x66/0x2f0
[  871.807301][T25629]  iomap_dio_rw+0x11f/0x9a0
[  871.832073][   T27] audit: type=1804 audit(1583210842.004:8722): pid=25628 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/661/bus" dev="sda1" ino=17121 res=1
[  871.836502][T25629]  ? aa_file_perm+0x401/0xb20
[  871.836528][T25629]  ? terminate_walk+0x1b8/0x240
[  871.836550][T25629]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  871.836585][T25629]  ? ext4_inode_journal_mode+0x8d/0x260
[  871.842138][   T27] audit: type=1800 audit(1583210842.004:8723): pid=25628 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=17121 res=0
[  871.866551][T25629]  ? ext4_file_read_iter+0x2b4/0x360
[  871.866574][T25629]  ext4_file_read_iter+0x2b4/0x360
[  871.866605][T25629]  generic_file_splice_read+0x2df/0x470
[  871.866642][T25629]  ? add_to_pipe+0x1b0/0x1b0
[  871.866739][T25629]  do_splice_to+0xc7/0x100
[  871.866766][T25629]  splice_direct_to_actor+0x1b9/0x540
[  871.881659][   T27] audit: type=1804 audit(1583210842.004:8724): pid=25631 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/569/bus" dev="sda1" ino=17249 res=1
[  871.882336][T25629]  ? generic_pipe_buf_nosteal+0x20/0x20
[  871.882400][T25629]  do_splice_direct+0x152/0x1d0
[  871.888124][   T27] audit: type=1800 audit(1583210842.004:8725): pid=25631 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17249 res=0
[  871.908781][T25629]  do_sendfile+0x396/0x810
[  871.908858][T25629]  __x64_sys_sendfile64+0x121/0x140
[  871.908884][T25629]  do_syscall_64+0xc7/0x390
[  871.908963][T25629]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  871.915531][   T27] audit: type=1804 audit(1583210842.014:8726): pid=25631 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/569/bus" dev="sda1" ino=17249 res=1
[  871.919855][T25629] RIP: 0033:0x45c479
[  871.919879][T25629] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  871.919889][T25629] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  871.919905][T25629] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  871.919914][T25629] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  871.919923][T25629] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  871.926132][   T27] audit: type=1804 audit(1583210842.014:8727): pid=25628 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir104654131/syzkaller.tTq8H4/661/bus" dev="sda1" ino=17121 res=1
[  871.930074][T25629] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  871.930084][T25629] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000002
[  872.150118][   T27] audit: type=1804 audit(1583210842.024:8728): pid=25632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/611/bus" dev="sda1" ino=17313 res=1
[  872.160602][T25633] FAULT_INJECTION: forcing a failure.
[  872.160602][T25633] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  872.231747][T25633] CPU: 0 PID: 25633 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  872.240772][T25633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  872.251126][T25633] Call Trace:
[  872.256161][T25633]  dump_stack+0x11d/0x187
[  872.260628][T25633]  should_fail.cold+0x5/0xf
[  872.265695][T25633]  __alloc_pages_nodemask+0xcf/0x310
[  872.271450][T25633]  alloc_pages_current+0xca/0x170
[  872.277203][T25633]  __page_cache_alloc+0x17f/0x1a0
[  872.283763][T25633]  pagecache_get_page+0x251/0x700
[  872.289092][T25633]  ? radix_tree_load_root+0xb3/0xf0
[  872.294537][T25633]  grab_cache_page_write_begin+0x56/0x80
[  872.300193][T25633]  ext4_da_write_begin+0x1b4/0x860
[  872.305400][T25633]  generic_perform_write+0x13a/0x320
[  872.310987][T25633]  ext4_buffered_write_iter+0x14e/0x280
[  872.316574][T25633]  ext4_file_write_iter+0xf4/0xd30
[  872.321769][T25633]  ? common_file_perm+0x1d1/0x490
[  872.326818][T25633]  ? iomap_dio_complete+0x212/0x3c0
[  872.332090][T25633]  do_iter_readv_writev+0x4a7/0x5d0
[  872.337306][T25633]  do_iter_write+0x137/0x3a0
[  872.341899][T25633]  ? __kmalloc+0x21c/0x640
[  872.346326][T25633]  ? iter_file_splice_write+0x120/0x830
[  872.351982][T25633]  vfs_iter_write+0x56/0x80
[  872.356541][T25633]  iter_file_splice_write+0x530/0x830
[  872.361950][T25633]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  872.367748][T25633]  direct_splice_actor+0x97/0xb0
[  872.372737][T25633]  splice_direct_to_actor+0x22f/0x540
[  872.378161][T25633]  ? generic_pipe_buf_nosteal+0x20/0x20
[  872.383774][T25633]  do_splice_direct+0x152/0x1d0
[  872.388696][T25633]  do_sendfile+0x396/0x810
[  872.393168][T25633]  __x64_sys_sendfile64+0x121/0x140
[  872.398461][T25633]  do_syscall_64+0xc7/0x390
[  872.402968][T25633]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  872.408896][T25633] RIP: 0033:0x45c479
[  872.412888][T25633] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  872.433166][T25633] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  872.441878][T25633] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  872.449863][T25633] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  872.457834][T25633] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  872.465802][T25633] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  872.474029][T25633] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000048
04:47:23 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0)

04:47:23 executing program 2 (fault-call:9 fault-nth:3):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:23 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x50)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:23 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x0, 0x7f, 0x8, 0x4000c00}, {0x0, 0x6, 0x7}, {0x200, 0x7f, 0x4, 0xffffffff}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:23 executing program 1 (fault-call:16 fault-nth:73):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:23 executing program 4 (fault-call:12 fault-nth:0):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  873.807477][T25656] FAULT_INJECTION: forcing a failure.
[  873.807477][T25656] name failslab, interval 1, probability 0, space 0, times 0
[  873.826781][T25658] FAULT_INJECTION: forcing a failure.
[  873.826781][T25658] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  873.842978][T25656] CPU: 1 PID: 25656 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  873.851774][T25656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  873.859554][T25663] FAULT_INJECTION: forcing a failure.
[  873.859554][T25663] name failslab, interval 1, probability 0, space 0, times 0
[  873.861945][T25656] Call Trace:
[  873.861976][T25656]  dump_stack+0x11d/0x187
[  873.862004][T25656]  should_fail.cold+0x5/0xf
[  873.887310][T25656]  __should_failslab+0x82/0xb0
[  873.892210][T25656]  should_failslab+0x5/0xf
[  873.896674][T25656]  kmem_cache_alloc+0x23/0x5e0
[  873.901580][T25656]  ? _raw_spin_unlock_irq+0x55/0x80
[  873.906789][T25656]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  873.912734][T25656]  ext4_init_io_end+0x4d/0x120
[  873.917517][T25656]  ext4_writepages+0x55b/0x1d40
[  873.923085][T25656]  ? debug_smp_processor_id+0x3f/0x129
[  873.928614][T25656]  ? tomoyo_path_matches_pattern+0x93/0x140
[  873.934781][T25656]  ? ext4_mark_inode_dirty+0x420/0x420
[  873.940266][T25656]  ? do_writepages+0x6b/0x170
[  873.945000][T25656]  do_writepages+0x6b/0x170
[  873.949619][T25656]  ? _raw_spin_unlock+0x38/0x60
[  873.954479][T25656]  ? wbc_attach_and_unlock_inode+0xdd/0x3b0
[  873.960523][T25656]  __filemap_fdatawrite_range+0x1bb/0x220
[  873.966425][T25656]  filemap_write_and_wait_range+0xad/0x140
[  873.972262][T25656]  iomap_dio_rw+0x3a2/0x9a0
[  873.976794][T25656]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  873.982888][T25656]  ? ext4_file_read_iter+0x2b4/0x360
[  873.988219][T25656]  ext4_file_read_iter+0x2b4/0x360
[  873.993523][T25656]  generic_file_splice_read+0x2df/0x470
[  873.999328][T25656]  ? add_to_pipe+0x1b0/0x1b0
[  874.004165][T25656]  do_splice_to+0xc7/0x100
[  874.008761][T25656]  splice_direct_to_actor+0x1b9/0x540
[  874.014334][T25656]  ? generic_pipe_buf_nosteal+0x20/0x20
[  874.019899][T25656]  do_splice_direct+0x152/0x1d0
[  874.024812][T25656]  do_sendfile+0x396/0x810
[  874.029284][T25656]  __x64_sys_sendfile64+0x121/0x140
[  874.034498][T25656]  do_syscall_64+0xc7/0x390
[  874.039080][T25656]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  874.045100][T25656] RIP: 0033:0x45c479
[  874.048998][T25656] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  874.068761][T25656] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  874.077434][T25656] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  874.085478][T25656] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  874.093570][T25656] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  874.102278][T25656] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  874.110811][T25656] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000003
[  874.119431][T25663] CPU: 0 PID: 25663 Comm: syz-executor.4 Not tainted 5.6.0-rc1-syzkaller #0
[  874.128237][T25663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  874.139010][T25663] Call Trace:
[  874.142595][T25663]  dump_stack+0x11d/0x187
[  874.147080][T25663]  should_fail.cold+0x5/0xf
[  874.151707][T25663]  __should_failslab+0x82/0xb0
[  874.156499][T25663]  should_failslab+0x5/0xf
[  874.160930][T25663]  kmem_cache_alloc_trace+0x26/0x5f0
[  874.166250][T25663]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  874.172174][T25663]  alloc_pipe_info+0xf3/0x3d0
[  874.176870][T25663]  splice_direct_to_actor+0x4b8/0x540
[  874.182380][T25663]  ? apparmor_file_permission+0x35/0x40
[  874.187952][T25663]  ? security_file_permission+0x86/0x270
[  874.193600][T25663]  ? generic_pipe_buf_nosteal+0x20/0x20
[  874.199330][T25663]  do_splice_direct+0x152/0x1d0
[  874.206495][T25663]  do_sendfile+0x396/0x810
[  874.210987][T25663]  __x64_sys_sendfile64+0x121/0x140
[  874.216214][T25663]  do_syscall_64+0xc7/0x390
[  874.220759][T25663]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  874.226725][T25663] RIP: 0033:0x45c479
[  874.230642][T25663] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  874.250252][T25663] RSP: 002b:00007f5325c9ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  874.258688][T25663] RAX: ffffffffffffffda RBX: 00007f5325c9f6d4 RCX: 000000000045c479
[  874.266840][T25663] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  874.274908][T25663] RBP: 000000000076c060 R08: 0000000000000000 R09: 0000000000000000
[  874.282894][T25663] R10: 000080001d00c0d1 R11: 0000000000000246 R12: 0000000000000008
[  874.290876][T25663] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000000
[  874.299035][T25658] CPU: 1 PID: 25658 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
[  874.307722][T25658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  874.317825][T25658] Call Trace:
[  874.321135][T25658]  dump_stack+0x11d/0x187
[  874.325584][T25658]  should_fail.cold+0x5/0xf
[  874.330231][T25658]  __alloc_pages_nodemask+0xcf/0x310
[  874.335537][T25658]  alloc_pages_current+0xca/0x170
[  874.340562][T25658]  __page_cache_alloc+0x17f/0x1a0
[  874.345689][T25658]  pagecache_get_page+0x251/0x700
[  874.350813][T25658]  ? radix_tree_load_root+0xb3/0xf0
[  874.356091][T25658]  grab_cache_page_write_begin+0x56/0x80
[  874.361786][T25658]  ext4_da_write_begin+0x1b4/0x860
[  874.366953][T25658]  generic_perform_write+0x13a/0x320
[  874.372255][T25658]  ext4_buffered_write_iter+0x14e/0x280
[  874.377801][T25658]  ext4_file_write_iter+0xf4/0xd30
[  874.382962][T25658]  ? common_file_perm+0x1d1/0x490
[  874.388062][T25658]  do_iter_readv_writev+0x4a7/0x5d0
[  874.393279][T25658]  do_iter_write+0x137/0x3a0
[  874.397962][T25658]  ? __kmalloc+0x21c/0x640
[  874.402368][T25658]  ? iter_file_splice_write+0x120/0x830
[  874.407924][T25658]  vfs_iter_write+0x56/0x80
[  874.412447][T25658]  iter_file_splice_write+0x530/0x830
[  874.417869][T25658]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  874.423755][T25658]  direct_splice_actor+0x97/0xb0
[  874.428695][T25658]  splice_direct_to_actor+0x22f/0x540
[  874.434078][T25658]  ? generic_pipe_buf_nosteal+0x20/0x20
[  874.439629][T25658]  do_splice_direct+0x152/0x1d0
[  874.444483][T25658]  do_sendfile+0x396/0x810
[  874.452640][T25658]  __x64_sys_sendfile64+0x121/0x140
[  874.460082][T25658]  do_syscall_64+0xc7/0x390
[  874.464733][T25658]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  874.471015][T25658] RIP: 0033:0x45c479
[  874.474903][T25658] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  874.494913][T25658] RSP: 002b:00007fe63b49bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  874.503991][T25658] RAX: ffffffffffffffda RBX: 00007fe63b49c6d4 RCX: 000000000045c479
[  874.511967][T25658] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  874.519958][T25658] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  874.527969][T25658] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  874.535946][T25658] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000049
04:47:24 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:24 executing program 4 (fault-call:12 fault-nth:1):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

04:47:25 executing program 2 (fault-call:9 fault-nth:4):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:25 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f0000000500)={{0x9, 0xd5}, 0x0, 0x7ff, 0x6325, {0xa1, 0x19}, 0x8, 0x961bde8d})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000001000000007fdd1827"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
r9 = syz_open_dev$cec(&(0x7f0000000580)='/dev/cec#\x00', 0x0, 0x2)
sendfile(r0, r9, 0x0, 0x20007)

04:47:25 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$MON_IOCQ_URB_LEN(r5, 0x9201)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  874.862102][T25682] FAULT_INJECTION: forcing a failure.
[  874.862102][T25682] name failslab, interval 1, probability 0, space 0, times 0
[  874.892729][T25682] CPU: 1 PID: 25682 Comm: syz-executor.4 Not tainted 5.6.0-rc1-syzkaller #0
[  874.901475][T25682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  874.912329][T25682] Call Trace:
[  874.915662][T25682]  dump_stack+0x11d/0x187
[  874.920020][T25682]  should_fail.cold+0x5/0xf
[  874.924558][T25682]  __should_failslab+0x82/0xb0
[  874.929545][T25682]  should_failslab+0x5/0xf
[  874.933973][T25682]  __kmalloc+0x54/0x640
[  874.938147][T25682]  ? kmem_cache_alloc_trace+0x1e1/0x5f0
[  874.943762][T25682]  ? alloc_pipe_info+0x205/0x3d0
[  874.948773][T25682]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  874.954720][T25682]  alloc_pipe_info+0x205/0x3d0
[  874.959500][T25682]  splice_direct_to_actor+0x4b8/0x540
[  874.964901][T25682]  ? apparmor_file_permission+0x35/0x40
[  874.970834][T25682]  ? security_file_permission+0x86/0x270
[  874.976490][T25682]  ? generic_pipe_buf_nosteal+0x20/0x20
[  874.982115][T25682]  do_splice_direct+0x152/0x1d0
[  874.987097][T25682]  do_sendfile+0x396/0x810
[  874.991578][T25682]  __x64_sys_sendfile64+0x121/0x140
[  874.996970][T25682]  do_syscall_64+0xc7/0x390
[  875.001539][T25682]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  875.007533][T25682] RIP: 0033:0x45c479
[  875.011581][T25682] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  875.031296][T25682] RSP: 002b:00007f5325c9ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  875.039733][T25682] RAX: ffffffffffffffda RBX: 00007f5325c9f6d4 RCX: 000000000045c479
[  875.047836][T25682] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  875.055801][T25682] RBP: 000000000076c060 R08: 0000000000000000 R09: 0000000000000000
[  875.063811][T25682] R10: 000080001d00c0d1 R11: 0000000000000246 R12: 0000000000000008
[  875.071787][T25682] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000001
[  875.084357][T25687] FAULT_INJECTION: forcing a failure.
[  875.084357][T25687] name failslab, interval 1, probability 0, space 0, times 0
[  875.099672][T25687] CPU: 1 PID: 25687 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  875.108446][T25687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  875.118669][T25687] Call Trace:
[  875.122143][T25687]  dump_stack+0x11d/0x187
[  875.126643][T25687]  should_fail.cold+0x5/0xf
[  875.131864][T25687]  __should_failslab+0x82/0xb0
[  875.136645][T25687]  should_failslab+0x5/0xf
[  875.141160][T25687]  kmem_cache_alloc+0x23/0x5e0
[  875.145957][T25687]  ? mempool_alloc+0x9f/0x280
[  875.151281][T25687]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  875.157739][T25687]  bvec_alloc+0xa1/0x1e0
[  875.161982][T25687]  bio_alloc_bioset+0x2ad/0x3d0
[  875.167128][T25687]  iomap_dio_bio_actor+0x464/0x970
[  875.172351][T25687]  iomap_dio_actor+0x83/0x390
[  875.177350][T25687]  iomap_apply+0x1e6/0x660
[  875.181779][T25687]  ? iomap_dio_bio_actor+0x970/0x970
[  875.187184][T25687]  iomap_dio_rw+0x67e/0x9a0
[  875.191702][T25687]  ? iomap_dio_bio_actor+0x970/0x970
[  875.197006][T25687]  ? retint_kernel+0x1b/0x1b
[  875.201646][T25687]  ? ext4_file_read_iter+0x2b4/0x360
[  875.206966][T25687]  ext4_file_read_iter+0x2b4/0x360
[  875.212094][T25687]  generic_file_splice_read+0x2df/0x470
[  875.217641][T25687]  ? add_to_pipe+0x1b0/0x1b0
[  875.222395][T25687]  do_splice_to+0xc7/0x100
[  875.226982][T25687]  splice_direct_to_actor+0x1b9/0x540
[  875.232378][T25687]  ? generic_pipe_buf_nosteal+0x20/0x20
[  875.237976][T25687]  do_splice_direct+0x152/0x1d0
[  875.242855][T25687]  do_sendfile+0x396/0x810
[  875.247300][T25687]  __x64_sys_sendfile64+0x121/0x140
[  875.252598][T25687]  do_syscall_64+0xc7/0x390
[  875.257101][T25687]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  875.263063][T25687] RIP: 0033:0x45c479
[  875.266954][T25687] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  875.286874][T25687] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  875.295289][T25687] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  875.303255][T25687] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  875.311287][T25687] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  875.319249][T25687] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  875.327224][T25687] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000004
04:47:25 executing program 4 (fault-call:12 fault-nth:2):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  875.870419][T25699] FAULT_INJECTION: forcing a failure.
[  875.870419][T25699] name failslab, interval 1, probability 0, space 0, times 0
[  875.886482][T25699] CPU: 0 PID: 25699 Comm: syz-executor.4 Not tainted 5.6.0-rc1-syzkaller #0
[  875.895623][T25699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  875.906034][T25699] Call Trace:
[  875.909358][T25699]  dump_stack+0x11d/0x187
[  875.914240][T25699]  should_fail.cold+0x5/0xf
[  875.919136][T25699]  __should_failslab+0x82/0xb0
[  875.924030][T25699]  should_failslab+0x5/0xf
[  875.928910][T25699]  __kmalloc+0x54/0x640
[  875.933189][T25699]  ? iter_file_splice_write+0x120/0x830
[  875.938903][T25699]  iter_file_splice_write+0x120/0x830
[  875.944540][T25699]  ? ext4_file_read_iter+0x110/0x360
[  875.949887][T25699]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  875.955798][T25699]  direct_splice_actor+0x97/0xb0
[  875.960787][T25699]  splice_direct_to_actor+0x22f/0x540
[  875.966231][T25699]  ? generic_pipe_buf_nosteal+0x20/0x20
[  875.971886][T25699]  do_splice_direct+0x152/0x1d0
[  875.976775][T25699]  do_sendfile+0x396/0x810
[  875.981292][T25699]  __x64_sys_sendfile64+0x121/0x140
[  875.986787][T25699]  do_syscall_64+0xc7/0x390
[  875.991330][T25699]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  875.997271][T25699] RIP: 0033:0x45c479
[  876.001170][T25699] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  876.021014][T25699] RSP: 002b:00007f5325cbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  876.029760][T25699] RAX: ffffffffffffffda RBX: 00007f5325cc06d4 RCX: 000000000045c479
[  876.038024][T25699] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  876.045990][T25699] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  876.054067][T25699] R10: 000080001d00c0d1 R11: 0000000000000246 R12: 0000000000000008
[  876.062153][T25699] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000002
04:47:27 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, 0x0, 0x0, 0x0)

04:47:27 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20002)

04:47:27 executing program 2 (fault-call:9 fault-nth:5):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:27 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000086"]}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
r9 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r10, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
sendfile(r10, r9, 0x0, 0x4)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:27 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000180)={0x4, 0x80000000, 0x80000000, 0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x9b0903, 0x9b, [], @value64=0x8}})
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f00000000c0)=0x5, 0x4)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40080, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:27 executing program 4 (fault-call:12 fault-nth:3):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  876.787289][   T27] kauditd_printk_skb: 51 callbacks suppressed
[  876.787307][   T27] audit: type=1804 audit(1583210847.054:8780): pid=25708 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/573/bus" dev="sda1" ino=17579 res=1
[  876.907264][   T27] audit: type=1804 audit(1583210847.084:8781): pid=25713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/572/bus" dev="sda1" ino=17585 res=1
[  876.946765][   T27] audit: type=1800 audit(1583210847.084:8782): pid=25713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=17585 res=0
[  876.947979][T25723] FAULT_INJECTION: forcing a failure.
[  876.947979][T25723] name failslab, interval 1, probability 0, space 0, times 0
[  876.971747][   T27] audit: type=1804 audit(1583210847.084:8783): pid=25712 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/614/bus" dev="sda1" ino=17584 res=1
[  877.007180][   T27] audit: type=1800 audit(1583210847.084:8784): pid=25712 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=17584 res=0
[  877.049322][T25721] FAULT_INJECTION: forcing a failure.
[  877.049322][T25721] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  877.063808][T25721] CPU: 0 PID: 25721 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  877.072532][T25721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  877.074073][   T27] audit: type=1804 audit(1583210847.094:8785): pid=25713 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/572/bus" dev="sda1" ino=17585 res=1
[  877.082823][T25721] Call Trace:
[  877.082854][T25721]  dump_stack+0x11d/0x187
[  877.082888][T25721]  should_fail.cold+0x5/0xf
[  877.082912][T25721]  __alloc_pages_nodemask+0xcf/0x310
[  877.082940][T25721]  alloc_pages_current+0xca/0x170
[  877.082971][T25721]  push_pipe+0x18b/0x340
[  877.133978][T25721]  iov_iter_get_pages+0x49d/0x8cc
[  877.139026][T25721]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  877.144947][T25721]  bio_iov_iter_get_pages+0x106/0x5a0
[  877.150471][T25721]  iomap_dio_bio_actor+0x5e8/0x970
[  877.157003][T25721]  iomap_dio_actor+0x83/0x390
[  877.161707][T25721]  iomap_apply+0x1e6/0x660
[  877.166149][T25721]  ? iomap_dio_bio_actor+0x970/0x970
[  877.171567][T25721]  iomap_dio_rw+0x67e/0x9a0
[  877.176085][T25721]  ? iomap_dio_bio_actor+0x970/0x970
[  877.181520][T25721]  ? ext4_file_read_iter+0x2b4/0x360
[  877.186930][T25721]  ext4_file_read_iter+0x2b4/0x360
[  877.192072][T25721]  generic_file_splice_read+0x2df/0x470
[  877.198335][T25721]  ? add_to_pipe+0x1b0/0x1b0
[  877.203035][T25721]  do_splice_to+0xc7/0x100
[  877.207674][T25721]  splice_direct_to_actor+0x1b9/0x540
[  877.213078][T25721]  ? generic_pipe_buf_nosteal+0x20/0x20
[  877.218839][T25721]  do_splice_direct+0x152/0x1d0
[  877.219245][   T27] audit: type=1800 audit(1583210847.094:8786): pid=25708 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=17579 res=0
[  877.223713][T25721]  do_sendfile+0x396/0x810
[  877.223752][T25721]  __x64_sys_sendfile64+0x121/0x140
[  877.223805][T25721]  do_syscall_64+0xc7/0x390
[  877.223842][T25721]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  877.264489][T25721] RIP: 0033:0x45c479
[  877.268856][T25721] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  877.284317][   T27] audit: type=1804 audit(1583210847.094:8787): pid=25712 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/614/bus" dev="sda1" ino=17584 res=1
[  877.288839][T25721] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  877.288856][T25721] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  877.288866][T25721] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  877.288955][T25721] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  877.325279][   T27] audit: type=1804 audit(1583210847.104:8788): pid=25708 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/573/bus" dev="sda1" ino=17579 res=1
[  877.330152][T25721] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  877.330163][T25721] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000005
[  877.352294][T25723] CPU: 0 PID: 25723 Comm: syz-executor.4 Not tainted 5.6.0-rc1-syzkaller #0
[  877.395965][T25723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  877.406091][T25723] Call Trace:
[  877.409472][T25723]  dump_stack+0x11d/0x187
[  877.413901][T25723]  should_fail.cold+0x5/0xf
[  877.418450][T25723]  __should_failslab+0x82/0xb0
[  877.423229][T25723]  should_failslab+0x5/0xf
[  877.427745][T25723]  kmem_cache_alloc+0x23/0x5e0
[  877.432624][T25723]  ? _raw_spin_unlock_irq+0x55/0x80
[  877.438028][T25723]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  877.440577][   T27] audit: type=1804 audit(1583210847.104:8789): pid=25714 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/639/bus" dev="sda1" ino=17587 res=1
[  877.444000][T25723]  ext4_init_io_end+0x4d/0x120
[  877.444020][T25723]  ext4_writepages+0x55b/0x1d40
[  877.444059][T25723]  ? cgroup_rstat_updated+0xbb/0x1f0
[  877.444087][T25723]  ? ext4_mark_inode_dirty+0x420/0x420
[  877.489660][T25723]  ? do_writepages+0x6b/0x170
[  877.494358][T25723]  do_writepages+0x6b/0x170
[  877.499317][T25723]  ? _raw_spin_unlock+0x38/0x60
[  877.504363][T25723]  ? wbc_attach_and_unlock_inode+0xdd/0x3b0
[  877.510398][T25723]  __filemap_fdatawrite_range+0x1bb/0x220
[  877.516621][T25723]  file_write_and_wait_range+0xfb/0x160
[  877.522191][T25723]  ext4_sync_file+0x26e/0x8b0
[  877.527011][T25723]  ? __read_once_size.constprop.0+0x20/0x20
[  877.533131][T25723]  vfs_fsync_range+0x7c/0x150
[  877.537844][T25723]  ext4_buffered_write_iter+0x211/0x280
[  877.543418][T25723]  ext4_file_write_iter+0xf4/0xd30
[  877.548642][T25723]  ? common_file_perm+0x1d1/0x490
[  877.553789][T25723]  ? sanity+0x12d/0x160
[  877.558028][T25723]  do_iter_readv_writev+0x4a7/0x5d0
[  877.563272][T25723]  do_iter_write+0x137/0x3a0
[  877.567897][T25723]  ? __kmalloc+0x21c/0x640
[  877.572358][T25723]  vfs_iter_write+0x56/0x80
[  877.576894][T25723]  iter_file_splice_write+0x530/0x830
[  877.582483][T25723]  ? page_cache_pipe_buf_release+0xf0/0xf0
[  877.588374][T25723]  direct_splice_actor+0x97/0xb0
[  877.593421][T25723]  splice_direct_to_actor+0x22f/0x540
[  877.598958][T25723]  ? generic_pipe_buf_nosteal+0x20/0x20
[  877.604622][T25723]  do_splice_direct+0x152/0x1d0
[  877.609650][T25723]  do_sendfile+0x396/0x810
[  877.614218][T25723]  __x64_sys_sendfile64+0x121/0x140
[  877.619456][T25723]  do_syscall_64+0xc7/0x390
[  877.623986][T25723]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  877.629895][T25723] RIP: 0033:0x45c479
[  877.633907][T25723] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  877.653524][T25723] RSP: 002b:00007f5325c9ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  877.662119][T25723] RAX: ffffffffffffffda RBX: 00007f5325c9f6d4 RCX: 000000000045c479
[  877.670881][T25723] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  877.679019][T25723] RBP: 000000000076c060 R08: 0000000000000000 R09: 0000000000000000
[  877.687227][T25723] R10: 000080001d00c0d1 R11: 0000000000000246 R12: 0000000000000008
04:47:27 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x2, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_QUERYSTD(r10, 0x8008563f, &(0x7f0000000080))

04:47:27 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20004)

04:47:27 executing program 2 (fault-call:9 fault-nth:6):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  877.695215][T25723] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000003
04:47:28 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x41000, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x4090)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7fffffff, 0x80000000}, 0x0, 0x0, 0x6}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:28 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20007)

[  877.935296][T25745] FAULT_INJECTION: forcing a failure.
[  877.935296][T25745] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  877.980094][T25745] CPU: 0 PID: 25745 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  877.988974][T25745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  877.999038][T25745] Call Trace:
[  878.002881][T25745]  dump_stack+0x11d/0x187
[  878.007253][T25745]  should_fail.cold+0x5/0xf
[  878.011832][T25745]  __alloc_pages_nodemask+0xcf/0x310
[  878.017252][T25745]  alloc_pages_current+0xca/0x170
[  878.022442][T25745]  push_pipe+0x18b/0x340
[  878.026744][T25745]  ? __radix_tree_lookup+0x18d/0x1c0
[  878.032123][T25745]  iov_iter_get_pages+0x49d/0x8cc
[  878.037185][T25745]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  878.043316][T25745]  bio_iov_iter_get_pages+0x106/0x5a0
[  878.048759][T25745]  iomap_dio_bio_actor+0x5e8/0x970
[  878.054346][T25745]  iomap_dio_actor+0x83/0x390
[  878.059318][T25745]  iomap_apply+0x1e6/0x660
[  878.063762][T25745]  ? iomap_dio_bio_actor+0x970/0x970
[  878.069152][T25745]  iomap_dio_rw+0x67e/0x9a0
[  878.073765][T25745]  ? iomap_dio_bio_actor+0x970/0x970
[  878.079189][T25745]  ? ext4_file_read_iter+0x2b4/0x360
[  878.084602][T25745]  ext4_file_read_iter+0x2b4/0x360
[  878.089851][T25745]  generic_file_splice_read+0x2df/0x470
[  878.095825][T25745]  ? add_to_pipe+0x1b0/0x1b0
[  878.100438][T25745]  do_splice_to+0xc7/0x100
[  878.104879][T25745]  splice_direct_to_actor+0x1b9/0x540
[  878.110415][T25745]  ? generic_pipe_buf_nosteal+0x20/0x20
[  878.115988][T25745]  do_splice_direct+0x152/0x1d0
[  878.120873][T25745]  do_sendfile+0x396/0x810
[  878.125330][T25745]  __x64_sys_sendfile64+0x121/0x140
[  878.130652][T25745]  do_syscall_64+0xc7/0x390
[  878.135227][T25745]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  878.141578][T25745] RIP: 0033:0x45c479
[  878.145640][T25745] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  878.165480][T25745] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
04:47:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  878.173919][T25745] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  878.182037][T25745] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  878.190841][T25745] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  878.199648][T25745] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  878.207637][T25745] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000006
04:47:30 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20009)

04:47:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
ioctl$PPPOEIOCDFWD(r3, 0xb101, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

04:47:30 executing program 2 (fault-call:9 fault-nth:7):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:30 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)
r1 = dup(r0)
connect$l2tp6(r1, &(0x7f0000000080)={0xa, 0x0, 0x3d8e, @remote, 0x3f, 0x4}, 0x20)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r3 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r2, 0x0, 0x2)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r6 = socket(0x10, 0x80002, 0x0)
ioctl(r6, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
getsockopt$bt_BT_CHANNEL_POLICY(r10, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r2, r3, 0x0, 0x20008)

04:47:30 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x402, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
sendmsg$NL80211_CMD_GET_MPATH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r6, 0x2468825185d9173d, 0x0, 0x0, {}, [@NL80211_ATTR_WDEV={0xc}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000b00)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x8fc, r6, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_BEACON_TAIL={0x635, 0xf, "f605598a138e6de9d2ed6b746b17e9a650ae3f96aa8582567e1fd3055a25b77c6e612d6f09721c3daa18ed06b2c50616d08fa7a402fccd37e7f4dea81b2b0e031e3a5209c4f4d4e5efee544b332104ec30874dbd2245df280ea3b0702c39501dbd73ccae6e6cb9cd95c19d60a835dae36758464c6fb5a6147012779735aecb92f16ceba0e510b79fbe5f8ae1901a7165d8160e795bef24c7ad579fb846a89947de9207397010d83615ad6aa5c73324a44bda1aa4232841d5e7a654104f6a18f75f2592f29f11607d6e24907f0cab97d0cb85dec078d3ba76ea081f6e23dd8366f3df7adf725fade16f6c62b6e27046ed2a406bb3aeb06c4234629027b14e6f83217a99f189af228ad2bf868ffb553f198555702d72e6ea4062e3f36b85bda33224e0dac8c5d4822c82ba6e82bab2fa9abda8bcb4d5a85f52db4f0dee19b60e12d1574c90a5f598c90dad997f062199c89844fa68638ed5b95130e005a55ecab3cb99e0520b1086ff1594050ff6292b69d7b2fe3e7ad628c2898b6b16ec1f87c22db9661dad4f5376c5323e156add9482a92d693675e56b620f523dcd0b81d3218e1e0677ea8399c36671e5090d13d1bd4403d0f734f5e7b863b1e2d5823dd27d8abce57f0e107e1d65c6310bf8a139892c3c0b0cf50d55aab96ca0cbb028c6391061e05d04389eb4e7668dd4d6c6d5eaada3c6163ae43114af37b8a7fc4fc23169ff8c6f4af4b8c9df6a140392047a0f658913334f0716388ee7827f8db5a6ba77ccb629aab42fb8e719526bbb0b3764ff14d3e46a15b9783126e4fdcd6c8f4f8579e09f45fb6872e474f0db491e075b9ccd25c532e7c577724a5ab3b3d97d90cef1ce0ef7d077a7a7bda54c1d8f051a620a2f8bd78d67041ee89a6035aea599cb052207b19713d3db77911edbf2355851d45e68197b873a6aa3da594179e0b2bcfb362e2a4aca5b50639d71ef0f6e03a9dcdb29bcc9aba76716e112435e318e3010b13f64edc37c7a01128b0b5c2039d6d0095535b425ef2fdc5e66b9c4332bf518dcf11dacad1409434e30e6228d9f4f1fdb3b4d28004c0b861ed37d6f0eb37db4dc3626121a47c21adc80da20f40d0b84a3af988bca9f6f337a636daafcd935f87cb345af85845d1e678e2b2586723f568c2efd652b1ac1068876493f722b4379f3464318f628e593ddc66e135ab990f12c8f4fb23d9cd4749ca129b9a229d535beae7454729736f8d95609f3f302e53e1e40f5e211da8a9a282a09c0c12afa3dd3f4605abae9bf8c6a54122f48634187b9f7b011e9ef22e865abd4ea0506af9e65045db24494e80423e17ada4279f6b66499bcff031c8b306943d0bac3399d8a2ee73a42c9c03c6d25d83b6ec809412f4f2c158cb04d07e617feaa921f4ef33ceeb6a5882aea216ef2c9434e46dd585f4e52d6880fbc66471159b2b9441bbe5596c5bee7ec66bef0902ce74e2d52b64dab112c0dcb7ef8a4ef5fbdad9e7fcaf103b2bf16a92f66a03f7305a7342816410572c09b593ef1fde918b7f25e96d320b390679c1912814edb5e3d1f291fce098f2e2b752ca6609d3bd9163044c4b81c607783087b1d07e9772ea6a4c808b3e8680db68b8d007fb878670bb0ad6bcf9c67c9f4249bf8f3dd06e4354125c03ece213d0a19d3eb10a38a37c1a17fcedc2226fef21883cd6413c4afc9dc46a1d4d46497eb222ab6de43b7d6bbf86b106ac4c45c6a34a7aada307d86d2d5d52644cc150674a147e7a9d7cd5a86e108930e633601c3295f8bc59904f3f1dfeb702351a407312cc2958dfcc83342240002d98e8d789ca1e45f2004b8016921bdeef89a7e538f6a8e537c9f02d38a18dd5e63688d0ffff08a45800a2ffbbbdee77450d3473966e505d80cc506f93738d32941f233221f6eaf63823f2ed03a4491adb5af5b01b967e82498a02258ce4bd3a6d3ab40b64146bcefc13d1e16f90a3e50485ccbf8024ea8ea51824ce5d9a37efe00309baebd3b0fea1ee647a48c9122edc15cca642f1f3f5cff7b534f23a76c6839321565560142b87fed69f84a1c5a0fbf08b176b030b5584100b5ee686c061bd69283d8eb5dba60afb899c0c9aefb514f8905b93e7c0e3244025a86479400d06317c175602e8b0674132cdf8acf44491bc85be712ac1982742a44d9def6e59a0f885502ba76c1ab99b1dd430e859df6b83e284a789fbe6f908a4788bb2c5a5a782781b895582bcbc0a2783e4252211f8d"}, @NL80211_ATTR_IE_ASSOC_RESP={0x2af, 0x80, "2c9809d98eda2cdab13e89ecc191cf2647ff8e4a477e162b898f4509ab2e2b16aa9498e0897f604f034c751ae8a5cda61528cc09a6fb9e8af47ebc6cc30cc5b593b19cdbc3988908424c0e8b0eac7e0e8b90f5528d0dcb943f06a25c49177a01e808fefe96eb28f60d74ed32004832c1abdad9906f4dc73b72c96040db83a7a256bac680298fe0132c1f80357e2c4ebc41b92f5c923174ba043fa03964795e39192820a5717719cbedb753faded975010f4be790c76c543e9e8555cc8f341a9baaff4aed810a9d206b42c64eff96797d9538da0eb62498ba6f73204124e42da0ee5187983b7a9508bb7d9a927e204a98a00d101a5e91539f268e2df65add40d4a38efdff204ae63082c4b458ccfb3a022b308cfab8794b4f2b5646bb1984265d220f33d06f4780efb91708e1ab908d4c1a63950201466d59ea829f048477f94a4618fc5722845901f2828ebb5c4e5245c0c2ac58baaa0cd9db8986757013858ad392892d8a60370d877229c1cbf97bfd4016d839432798dea56976a699e96dca61cd32a7db42f49ae6b37fa187987269df74d0c08a67e02970f818838327179f3e8e9f08ff103074eaa0ed5e7574637c1f61ccac379365da27b81c821a1e36747d639a0a3834d58e70b4ebaccdd1ec998914f89509db1a5c291db8777eb5eebb7d4b26437abc406e4cf24c0c9fde45dd598712514637cbe592c037d80f8d528f9bfb9458ae5e61b6b7e8048e24e6e4b4e7cf6d88ce649402f8deabc704e57daf2d6f0a6af19e135bd881580032db2fbf0eff5242560c3e392de261808169ff1ed662ec512f5ca0e6806b3b355daf43baedbf573eaa44a3e7b587242a6b9ae07edec99c3a33e684be1765754706403acc8a62ddd1aba18cc19ccc7cd5eff70f2691d9f761b9a4779b2a1a835f4c679083f32ed7d9a37acce819a32043ad4c4d051b7c509358147022767e83"}]}, 0x8fc}, 0x1, 0x0, 0x0, 0x1}, 0x4004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:30 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, 0x0, 0x0, 0x0)

[  880.042138][T25786] FAULT_INJECTION: forcing a failure.
[  880.042138][T25786] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  880.072595][T25786] CPU: 1 PID: 25786 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
04:47:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
eventfd2(0xea, 0x1)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  880.082479][T25786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  880.093080][T25786] Call Trace:
[  880.096414][T25786]  dump_stack+0x11d/0x187
[  880.100910][T25786]  should_fail.cold+0x5/0xf
[  880.105588][T25786]  __alloc_pages_nodemask+0xcf/0x310
[  880.110959][T25786]  alloc_pages_current+0xca/0x170
[  880.116004][T25786]  push_pipe+0x18b/0x340
[  880.120459][T25786]  ? __radix_tree_lookup+0x18d/0x1c0
[  880.125771][T25786]  iov_iter_get_pages+0x49d/0x8cc
[  880.130932][T25786]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  880.136938][T25786]  bio_iov_iter_get_pages+0x106/0x5a0
[  880.142362][T25786]  iomap_dio_bio_actor+0x5e8/0x970
[  880.147525][T25786]  iomap_dio_actor+0x83/0x390
[  880.152253][T25786]  iomap_apply+0x1e6/0x660
[  880.157020][T25786]  ? iomap_dio_bio_actor+0x970/0x970
[  880.162612][T25786]  iomap_dio_rw+0x67e/0x9a0
[  880.167298][T25786]  ? iomap_dio_bio_actor+0x970/0x970
[  880.172634][T25786]  ? ext4_file_read_iter+0x2b4/0x360
[  880.177995][T25786]  ext4_file_read_iter+0x2b4/0x360
[  880.183149][T25786]  generic_file_splice_read+0x2df/0x470
[  880.188843][T25786]  ? add_to_pipe+0x1b0/0x1b0
[  880.193454][T25786]  do_splice_to+0xc7/0x100
[  880.198068][T25786]  splice_direct_to_actor+0x1b9/0x540
[  880.203555][T25786]  ? generic_pipe_buf_nosteal+0x20/0x20
[  880.209298][T25786]  do_splice_direct+0x152/0x1d0
[  880.214154][T25786]  do_sendfile+0x396/0x810
[  880.218652][T25786]  __x64_sys_sendfile64+0x121/0x140
[  880.223971][T25786]  do_syscall_64+0xc7/0x390
[  880.229188][T25786]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  880.235080][T25786] RIP: 0033:0x45c479
[  880.238975][T25786] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  880.259166][T25786] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  880.268163][T25786] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  880.276159][T25786] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  880.284255][T25786] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  880.292371][T25786] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  880.300736][T25786] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000007
04:47:30 executing program 2 (fault-call:9 fault-nth:8):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:30 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2000f)

04:47:30 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f00000000c0)={0x60, 0x3, 0x7fff})
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000140)={{0x3c, @local, 0x4e24, 0x3, 'lblc\x00', 0x14, 0x891e, 0xd}, {@empty, 0x4e20, 0x0, 0x0, 0x400, 0x7}}, 0x44)

[  880.768013][T25804] FAULT_INJECTION: forcing a failure.
[  880.768013][T25804] name fail_page_alloc, interval 1, probability 0, space 0, times 0
04:47:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x4, 0xa2)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

[  880.842499][T25804] CPU: 1 PID: 25804 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  880.851738][T25804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  880.861842][T25804] Call Trace:
[  880.865240][T25804]  dump_stack+0x11d/0x187
[  880.870122][T25804]  should_fail.cold+0x5/0xf
[  880.874654][T25804]  __alloc_pages_nodemask+0xcf/0x310
[  880.879974][T25804]  alloc_pages_current+0xca/0x170
[  880.885027][T25804]  push_pipe+0x18b/0x340
[  880.889295][T25804]  ? __radix_tree_lookup+0x18d/0x1c0
[  880.894725][T25804]  iov_iter_get_pages+0x49d/0x8cc
[  880.899793][T25804]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  880.905707][T25804]  bio_iov_iter_get_pages+0x106/0x5a0
[  880.911188][T25804]  iomap_dio_bio_actor+0x5e8/0x970
[  880.916401][T25804]  iomap_dio_actor+0x83/0x390
[  880.921216][T25804]  iomap_apply+0x1e6/0x660
[  880.925703][T25804]  ? iomap_dio_bio_actor+0x970/0x970
[  880.931032][T25804]  iomap_dio_rw+0x67e/0x9a0
[  880.935550][T25804]  ? iomap_dio_bio_actor+0x970/0x970
[  880.940962][T25804]  ? ext4_file_read_iter+0x2b4/0x360
[  880.946270][T25804]  ext4_file_read_iter+0x2b4/0x360
[  880.951583][T25804]  generic_file_splice_read+0x2df/0x470
[  880.957239][T25804]  ? add_to_pipe+0x1b0/0x1b0
[  880.961954][T25804]  do_splice_to+0xc7/0x100
[  880.966933][T25804]  splice_direct_to_actor+0x1b9/0x540
[  880.972931][T25804]  ? generic_pipe_buf_nosteal+0x20/0x20
[  880.978610][T25804]  do_splice_direct+0x152/0x1d0
[  880.983599][T25804]  do_sendfile+0x396/0x810
04:47:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r11}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r11}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
connect$can_bcm(r6, &(0x7f0000000040)={0x1d, r11}, 0x10)
close(r4)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r12, 0x0, 0x80001d00c0d1)

[  880.988217][T25804]  __x64_sys_sendfile64+0x121/0x140
[  880.993767][T25804]  do_syscall_64+0xc7/0x390
[  880.998436][T25804]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  881.004346][T25804] RIP: 0033:0x45c479
[  881.008351][T25804] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  881.028170][T25804] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  881.036969][T25804] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  881.044951][T25804] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  881.052932][T25804] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  881.061732][T25804] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  881.069713][T25804] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000008
04:47:31 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
truncate(&(0x7f00000000c0)='./bus\x00', 0x1000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
lseek(r0, 0x0, 0x2)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000440)={0x3, &(0x7f0000000140)=[{0x1, 0x7f, 0x8, 0xc00}, {0x0, 0x1, 0x7}, {0x200, 0x7f, 0x4}]})
r4 = socket(0x10, 0x80002, 0x0)
ioctl(r4, 0x0, &(0x7f00000001c0)="080db5055e0bcfe8696071")
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x48, 0x140f, 0x0, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'srp\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000500)={[{0x5, 0xaa, 0x3, 0x40, 0x8, 0x1f, 0xe1, 0x0, 0x6, 0x2, 0x0, 0x0, 0x4}, {0x1, 0xff, 0x9d, 0x3f, 0xe4, 0x0, 0x6, 0x80, 0x20, 0x1, 0x80, 0x1}, {0x1, 0x200, 0xfb, 0x9, 0x9, 0x8e, 0x8, 0x3f, 0xfa, 0x0, 0x0, 0x1, 0x8}], 0x1000})
r6 = open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
getsockopt$bt_BT_CHANNEL_POLICY(r8, 0x112, 0xa, &(0x7f0000000480)=0x9, &(0x7f00000004c0)=0x4)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:33 executing program 2 (fault-call:9 fault-nth:9):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:33 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, 0x0, 0x0, 0x0)

04:47:33 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20010)

04:47:33 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r5 = memfd_create(&(0x7f00000000c0)='\x00', 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:33 executing program 0:
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x0, 0x803, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200)='batadv\x00')
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="240000001a005f0014f9f407000904000a00000000000000000000000800190000000000", 0x24)
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000400)={0x8, 0x0, 0x1}, &(0x7f0000000440)=[{}])
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x3}, &(0x7f0000000280)=0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = eventfd2(0x0, 0x0)
r4 = fcntl$dupfd(r2, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="5c0000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b0b000004000200340012800b00010067656e65766500002400028005000a000100000005000c000000000005f803001a0000000500080000000000080005000c6b2079380d22e15d1de6c9af3f7b1b12986652ce55d0c512570a8159425557ba01d718d2909df99dd7232420ca2247e009d39c712e90ac77e08cb50a11762488965b266a40d4173e9d07caf955e0e9eb7fca01353fda749a15105f16a195c9feb04dade0b684264859c80282a69a9e606a6df8bfa177bf3749bd7a396bc9106a1ffc160df69f936ade40882f5f4bc24f69079998a5de1d7a60f0db92d423ad2ca0de21adb8d79297f58350b7577692bda2243521fcf8c894d66d603b404f57f980150ff803990e1a806e34312271c0990d1cc26ba15101464afff1ee0bd7bbbd6b49efcc92b4373b96cc000000", @ANYRES32=0x0, @ANYBLOB], 0x5c}}, 0x0)

04:47:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
open_by_handle_at(r0, &(0x7f0000000040)={0x95, 0x3, "caf4e024f421ff02ecb796f8357d9449ba18d7e5dab4ffe5f7423db7dae98010c8da75d0bf6467be51150ead7bd3c7802abc9198f08f78a197409715b436774cac3b4c957d651f8ba211da38a046eb844db756f005fb76aa2ca6d4381b1ea1fd079605df0b10b80770f525ee848dc66f15da4b77d57c53ec618503d2d4ec3d6bac90164af9b515145910525d2f"}, 0x10000)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

[  882.998731][   T27] kauditd_printk_skb: 91 callbacks suppressed
[  882.998767][   T27] audit: type=1804 audit(1583210853.264:8881): pid=25861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/643/bus" dev="sda1" ino=16595 res=1
[  883.043244][   T27] audit: type=1804 audit(1583210853.274:8882): pid=25862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/577/bus" dev="sda1" ino=16849 res=1
[  883.050996][T25857] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  883.074645][T25869] FAULT_INJECTION: forcing a failure.
[  883.074645][T25869] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  883.095632][   T27] audit: type=1800 audit(1583210853.274:8883): pid=25862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=16849 res=0
[  883.119104][T25869] CPU: 1 PID: 25869 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  883.130259][T25869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  883.140324][T25869] Call Trace:
[  883.143630][T25869]  dump_stack+0x11d/0x187
[  883.147989][T25869]  should_fail.cold+0x5/0xf
[  883.152587][T25869]  __alloc_pages_nodemask+0xcf/0x310
[  883.158056][T25869]  alloc_pages_current+0xca/0x170
[  883.159111][   T27] audit: type=1804 audit(1583210853.274:8884): pid=25862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/577/bus" dev="sda1" ino=16849 res=1
[  883.163099][T25869]  push_pipe+0x18b/0x340
[  883.163136][T25869]  ? __radix_tree_lookup+0x18d/0x1c0
[  883.163209][T25869]  iov_iter_get_pages+0x49d/0x8cc
[  883.187354][   T27] audit: type=1804 audit(1583210853.284:8885): pid=25856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/577/bus" dev="sda1" ino=16833 res=1
[  883.191470][T25869]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  883.191496][T25869]  bio_iov_iter_get_pages+0x106/0x5a0
[  883.196885][   T27] audit: type=1800 audit(1583210853.284:8886): pid=25856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16833 res=0
[  883.201993][T25869]  iomap_dio_bio_actor+0x5e8/0x970
[  883.202084][T25869]  iomap_dio_actor+0x83/0x390
[  883.226655][   T27] audit: type=1804 audit(1583210853.284:8887): pid=25856 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/577/bus" dev="sda1" ino=16833 res=1
[  883.232534][T25869]  iomap_apply+0x1e6/0x660
[  883.232584][T25869]  ? iomap_dio_bio_actor+0x970/0x970
[  883.237972][   T27] audit: type=1800 audit(1583210853.284:8888): pid=25861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16595 res=0
[  883.258306][T25869]  iomap_dio_rw+0x67e/0x9a0
[  883.263449][   T27] audit: type=1804 audit(1583210853.364:8889): pid=25861 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/643/bus" dev="sda1" ino=16595 res=1
[  883.268618][T25869]  ? iomap_dio_bio_actor+0x970/0x970
[  883.358007][T25869]  ? ext4_file_read_iter+0x2b4/0x360
[  883.363860][T25869]  ext4_file_read_iter+0x2b4/0x360
[  883.369509][T25869]  generic_file_splice_read+0x2df/0x470
[  883.375193][T25869]  ? add_to_pipe+0x1b0/0x1b0
[  883.380055][T25869]  do_splice_to+0xc7/0x100
[  883.384837][T25869]  splice_direct_to_actor+0x1b9/0x540
[  883.390344][T25869]  ? generic_pipe_buf_nosteal+0x20/0x20
[  883.395982][T25869]  do_splice_direct+0x152/0x1d0
[  883.401493][T25869]  do_sendfile+0x396/0x810
[  883.405979][T25869]  __x64_sys_sendfile64+0x121/0x140
[  883.411495][T25869]  do_syscall_64+0xc7/0x390
[  883.416007][T25869]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  883.421905][T25869] RIP: 0033:0x45c479
[  883.425806][T25869] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:47:33 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8983, &(0x7f0000000000)={0x6, 'vlan0\x00', {0x9}, 0x6})
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nvram\x00', 0x60405, 0x0)
sendmsg$IPSET_CMD_TYPE(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x40, 0xd, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x240008f4)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x2000, 0x0)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r5, 0x84, 0x21, &(0x7f0000000140)=0xffffffff, 0x4)
r6 = accept$alg(r1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000007b00)=[{{&(0x7f00000026c0)=@hci, 0x80, &(0x7f0000002740)}, 0x49bf}, {{&(0x7f0000002780)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000002940)=[{&(0x7f0000002800)}, {0x0}], 0x2, &(0x7f0000002980)=""/97, 0x61}, 0x4}, {{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002a80)=""/47, 0x2f}, {&(0x7f0000002ac0)=""/250, 0xfa}, {&(0x7f0000002bc0)=""/33, 0x21}], 0x3, &(0x7f0000002c40)=""/167, 0xa7}}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}}], 0x5, 0x2060, 0x0)
recvmmsg(r6, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
ioctl$SIOCGSTAMPNS(r8, 0x8907, &(0x7f00000000c0))

[  883.445400][T25869] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  883.453923][T25869] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  883.461909][T25869] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  883.470597][T25869] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  883.478954][T25869] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  883.486948][T25869] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000009
04:47:33 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x280400, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x4, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3200000014000104000000000000000002000000", @ANYRES32=r10, @ANYBLOB="08000200e0000002"], 0x20}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000014000104000000000700000002000000", @ANYRES32=r10, @ANYBLOB="0800020000000001"], 0x20}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r11=>r10})
bind$packet(r5, &(0x7f0000000140)={0x11, 0xf8, r11, 0x1, 0x2, 0x6, @local}, 0x14)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xf8b}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
fcntl$setstatus(r12, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  883.609668][   T27] audit: type=1804 audit(1583210853.874:8890): pid=25877 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/644/bus" dev="sda1" ino=16673 res=1
04:47:34 executing program 2 (fault-call:9 fault-nth:10):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:34 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f00000000c0)={0x9, 0x8})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:34 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2002f)

04:47:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000040)='./bus/file0\x00', 0x141042, 0x100)
getpeername$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000000c0)=0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = accept4$rose(r3, &(0x7f0000000100)=@short={0xb, @dev, @default, 0x1, @null}, &(0x7f0000000140)=0x1c, 0x81800)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r4, 0x8982, &(0x7f0000000180)={0x6, 'batadv_slave_1\x00', {0x1f}, 0x5})
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r9, 0xc0845657, &(0x7f0000000280)={0x0, @bt={0x7, 0xffd, 0x1, 0x1, 0xbd9a, 0x20, 0x9, 0x8, 0x4, 0x3, 0x6, 0x6, 0x0, 0x8, 0x20, 0x10, {0xffffffff, 0xef}, 0x3f, 0xf8}})
close(r7)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r7, r10, 0x0, 0x80001d00c0d0)
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8914, &(0x7f00000001c0)={'gre0\x00', 0x8901})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000340)=0xc)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

[  884.115104][T25905] FAULT_INJECTION: forcing a failure.
[  884.115104][T25905] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  884.128834][T25905] CPU: 1 PID: 25905 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  884.137681][T25905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  884.147916][T25905] Call Trace:
[  884.151289][T25905]  dump_stack+0x11d/0x187
[  884.155643][T25905]  should_fail.cold+0x5/0xf
[  884.160182][T25905]  __alloc_pages_nodemask+0xcf/0x310
04:47:34 executing program 4:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000280)=@gcm_128={{0x303}, "59f9078e54c12fca", "016d3dc38c3623ac1d40923bc171c17d", "4cc8aed1", "df2b249f0947d93d"}, 0x28)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x1, 0xe1)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r3, 0x4, 0x0)
fcntl$setstatus(r3, 0x4, 0x0)
close(r2)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendmsg$IPSET_CMD_TYPE(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0xd, 0x6, 0x300, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x110)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x0)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
sendfile(r7, r8, 0x0, 0x8573)
socket$inet6(0xa, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/exec\x00', 0x2, 0x0)
sendfile(r9, r10, 0x0, 0x80001d00c0d1)

[  884.165586][T25905]  alloc_pages_current+0xca/0x170
[  884.170816][T25905]  push_pipe+0x18b/0x340
[  884.175106][T25905]  ? __radix_tree_lookup+0x18d/0x1c0
[  884.180419][T25905]  iov_iter_get_pages+0x49d/0x8cc
[  884.185471][T25905]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  884.191464][T25905]  bio_iov_iter_get_pages+0x106/0x5a0
[  884.196936][T25905]  iomap_dio_bio_actor+0x5e8/0x970
[  884.202293][T25905]  iomap_dio_actor+0x83/0x390
[  884.207486][T25905]  iomap_apply+0x1e6/0x660
[  884.212088][T25905]  ? iomap_dio_bio_actor+0x970/0x970
[  884.217557][T25905]  iomap_dio_rw+0x67e/0x9a0
[  884.222081][T25905]  ? iomap_dio_bio_actor+0x970/0x970
[  884.227458][T25905]  ? ext4_file_read_iter+0x2b4/0x360
[  884.233147][T25905]  ext4_file_read_iter+0x2b4/0x360
[  884.238289][T25905]  generic_file_splice_read+0x2df/0x470
[  884.243962][T25905]  ? add_to_pipe+0x1b0/0x1b0
[  884.248578][T25905]  do_splice_to+0xc7/0x100
[  884.253301][T25905]  splice_direct_to_actor+0x1b9/0x540
[  884.258705][T25905]  ? generic_pipe_buf_nosteal+0x20/0x20
[  884.264295][T25905]  do_splice_direct+0x152/0x1d0
[  884.269177][T25905]  do_sendfile+0x396/0x810
[  884.273694][T25905]  __x64_sys_sendfile64+0x121/0x140
[  884.279137][T25905]  do_syscall_64+0xc7/0x390
[  884.283681][T25905]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  884.290041][T25905] RIP: 0033:0x45c479
[  884.293993][T25905] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  884.313702][T25905] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  884.322695][T25905] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  884.331116][T25905] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  884.339236][T25905] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  884.347308][T25905] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  884.355895][T25905] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000a
04:47:36 executing program 2 (fault-call:9 fault-nth:11):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:36 executing program 0:
r0 = socket$inet6(0x10, 0x80000, 0x4)
sendto$inet6(r0, &(0x7f00000001c0)="4c00000012001f15b9409b849ac00a00a5784002000005000000030038c88cc055c5ac27a6c5b068d0bf46d323456536005ad94a461cdbfee9bdb9423523598451d1ec0cffc8792cd8000000", 0x4c, 0x0, 0x0, 0x0)

04:47:36 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = getpid()
sched_setscheduler(r4, 0x5, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xffff}, r4, 0x0, 0xffffffffffffffff, 0x0)
r5 = eventfd2(0x3ff, 0x80000)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:36 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x200e0)

04:47:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ftruncate(0xffffffffffffffff, 0x200004)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x3b)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000000040)={0x2, {{0xa, 0x4e21, 0x3e, @ipv4={[], [], @remote}, 0xc}}}, 0x88)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r10 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r11=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='giL=', @ANYRESHEX=r11, @ANYBLOB=',\x00'])
getresgid(&(0x7f0000000200), &(0x7f0000000280), &(0x7f00000002c0)=<r12=>0x0)
socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r13=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r13}}]})
getresgid(&(0x7f0000000300)=<r14=>0x0, &(0x7f0000000340), &(0x7f0000000380))
r15 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r16=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r16}}]})
r17 = socket(0xa, 0x800, 0x0)
getsockopt$sock_cred(r17, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r18=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r18}}]})
r19 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r19, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r20=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r20}}]})
getgroups(0x8, &(0x7f00000003c0)=[r16, 0xffffffffffffffff, r18, <r21=>r20, 0xffffffffffffffff, 0xee01, 0xee00, 0x0])
r22 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r22, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r23=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r23}}]})
fsetxattr$system_posix_acl(r9, &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000400)={{}, {0x1, 0x4}, [], {0x4, 0x4}, [{0x8, 0x3, r11}, {0x8, 0x2, r12}, {0x8, 0x0, r13}, {0x8, 0x0, r14}, {0x8, 0x4, r21}, {0x8, 0x4, r23}], {0x10, 0x2}, {0x20, 0x4}}, 0x54, 0x1)
ppoll(&(0x7f0000000100)=[{r4, 0x10}, {r6, 0x4200}, {r8}, {r1, 0x1}], 0x4, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)={[0x5]}, 0x8)
close(r3)
r24 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r3, r24, 0x0, 0x80001d00c0d1)

04:47:36 executing program 5 (fault-call:11 fault-nth:0):
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:36 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x0)

04:47:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500001000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x5, 0x10}]}, 0x30}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x300, &(0x7f0000000040)="b90103ffe000f000009e0ff008001fffffe100004000632177fbac141414e0000001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000}, 0x28)

[  886.188289][T25945] FAULT_INJECTION: forcing a failure.
[  886.188289][T25945] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  886.282085][T25945] CPU: 0 PID: 25945 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  886.291545][T25945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  886.301731][T25945] Call Trace:
[  886.305053][T25945]  dump_stack+0x11d/0x187
[  886.309534][T25945]  should_fail.cold+0x5/0xf
[  886.314067][T25945]  __alloc_pages_nodemask+0xcf/0x310
[  886.319389][T25945]  alloc_pages_current+0xca/0x170
[  886.324493][T25945]  push_pipe+0x18b/0x340
[  886.328962][T25945]  ? __radix_tree_lookup+0x18d/0x1c0
[  886.334277][T25945]  iov_iter_get_pages+0x49d/0x8cc
[  886.339336][T25945]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  886.345421][T25945]  bio_iov_iter_get_pages+0x106/0x5a0
[  886.350873][T25945]  iomap_dio_bio_actor+0x5e8/0x970
[  886.356016][T25945]  iomap_dio_actor+0x83/0x390
[  886.360961][T25945]  iomap_apply+0x1e6/0x660
[  886.365441][T25945]  ? iomap_dio_bio_actor+0x970/0x970
[  886.370773][T25945]  iomap_dio_rw+0x67e/0x9a0
[  886.375503][T25945]  ? iomap_dio_bio_actor+0x970/0x970
[  886.381098][T25945]  ? ext4_file_read_iter+0x2b4/0x360
[  886.386504][T25945]  ext4_file_read_iter+0x2b4/0x360
[  886.391670][T25945]  generic_file_splice_read+0x2df/0x470
[  886.397347][T25945]  ? add_to_pipe+0x1b0/0x1b0
[  886.401988][T25945]  do_splice_to+0xc7/0x100
[  886.406431][T25945]  splice_direct_to_actor+0x1b9/0x540
[  886.411812][T25945]  ? generic_pipe_buf_nosteal+0x20/0x20
[  886.417445][T25945]  do_splice_direct+0x152/0x1d0
[  886.422546][T25945]  do_sendfile+0x396/0x810
[  886.427055][T25945]  __x64_sys_sendfile64+0x121/0x140
[  886.432499][T25945]  do_syscall_64+0xc7/0x390
[  886.437214][T25945]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  886.443121][T25945] RIP: 0033:0x45c479
[  886.447195][T25945] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  886.467157][T25945] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  886.475660][T25945] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  886.483789][T25945] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  886.491770][T25945] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  886.499778][T25945] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  886.508189][T25945] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000b
04:47:37 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0xff, 0x0, 0x1, 0x29084, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:37 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x200f0)

04:47:37 executing program 2 (fault-call:9 fault-nth:12):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:37 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500001000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x5, 0x10}]}, 0x30}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x300, &(0x7f0000000040)="b90103ffe000f000009e0ff008001fffffe100004000632177fbac141414e0000001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000}, 0x28)

[  887.343529][T26000] FAULT_INJECTION: forcing a failure.
[  887.343529][T26000] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  887.410013][T26000] CPU: 1 PID: 26000 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  887.418846][T26000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  887.430201][T26000] Call Trace:
[  887.433550][T26000]  dump_stack+0x11d/0x187
[  887.437917][T26000]  should_fail.cold+0x5/0xf
[  887.442495][T26000]  __alloc_pages_nodemask+0xcf/0x310
[  887.447866][T26000]  alloc_pages_current+0xca/0x170
[  887.453009][T26000]  push_pipe+0x18b/0x340
[  887.457287][T26000]  iov_iter_get_pages+0x49d/0x8cc
[  887.462466][T26000]  bio_iov_iter_get_pages+0x106/0x5a0
[  887.467873][T26000]  iomap_dio_bio_actor+0x5e8/0x970
[  887.473930][T26000]  iomap_dio_actor+0x83/0x390
[  887.478652][T26000]  iomap_apply+0x1e6/0x660
[  887.483182][T26000]  ? iomap_dio_bio_actor+0x970/0x970
[  887.488642][T26000]  iomap_dio_rw+0x67e/0x9a0
[  887.493159][T26000]  ? iomap_dio_bio_actor+0x970/0x970
[  887.498577][T26000]  ? ext4_file_read_iter+0x2b4/0x360
[  887.504031][T26000]  ext4_file_read_iter+0x2b4/0x360
[  887.509173][T26000]  generic_file_splice_read+0x2df/0x470
[  887.514863][T26000]  ? add_to_pipe+0x1b0/0x1b0
[  887.519481][T26000]  do_splice_to+0xc7/0x100
[  887.523937][T26000]  splice_direct_to_actor+0x1b9/0x540
[  887.529349][T26000]  ? generic_pipe_buf_nosteal+0x20/0x20
[  887.534931][T26000]  do_splice_direct+0x152/0x1d0
[  887.540064][T26000]  do_sendfile+0x396/0x810
[  887.544569][T26000]  __x64_sys_sendfile64+0x121/0x140
[  887.549804][T26000]  do_syscall_64+0xc7/0x390
[  887.554411][T26000]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  887.560408][T26000] RIP: 0033:0x45c479
[  887.564323][T26000] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  887.583940][T26000] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  887.592465][T26000] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  887.600446][T26000] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
04:47:37 executing program 0:
socket$rds(0x15, 0x5, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000000)='dummy0\x00')
syz_mount_image$ext4(&(0x7f00000001c0)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="73623d3478303030303fc27eb6aeadaf3030303030303030303030302c008ba87176767e984f95687da788ee671a101da75b4cf485fefbbb4ccb3703be278b198a4814558af13983bfe9c743417da2f2b7f6899ecf4eb060358670dd64493b74cca32268deb5828fa2a119c6fd69ab24e2ed37fda42bc914e69b0fe9f5034bb81903a2be05d19a7c2d1d3abc871c86d7ccb2cff3e0d3c8108fd908f39d1f0c999fceaab0680fbfa90195e6cedf639c19e1454ca41c85e795136802bc02b4bb4ae48f35e33f087b617800"])

04:47:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
r5 = eventfd2(0x8001, 0x800)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
r8 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
fcntl$setstatus(r8, 0x4, 0x98428d57a99b5f44)
io_setup(0xd, &(0x7f0000000100)=<r9=>0x0)
io_submit(r9, 0x200002f1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r8, &(0x7f0000000000), 0x377140be6b5ef4c7}])
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r10, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r11 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r11, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r11, &(0x7f0000000080)={0xa, 0x4e23, 0xffffffff, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r11, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r12 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r12, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r12, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r12, 0x84, 0x72, &(0x7f0000000800), 0xc)
r13 = io_uring_setup(0xfd2, &(0x7f0000000580)={0x0, 0x0, 0x9, 0x3, 0x3c3})
r14 = syz_init_net_socket$nl_rdma(0xffffffffffffffff, 0x3, 0x14)
r15 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r15)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r16, 0x200004)
sendfile(r15, r16, 0x0, 0x80001d00c0d0)
io_submit(r9, 0x6, &(0x7f00000007c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x1, r7, &(0x7f0000000140)="453e69187ec2a6ea9bfd7f52e2e0929cc231b324192ef6fd32d19af805530781d763970f809d588c3f732a49f66629a980f0abc255f50128cee2c7ef0d5ae4c8ec4e70ebc65afa92d2a9bc15dbfca88a0b441bc197c5dbb4d0325b54e6623ab1544c383f78692ee300295760c6f2d87c0310c8171f628f68b9138fe6e2f009c4304ff92aa0b93a3ca67c26c958247d70f2c441b547de9c369f444b58f906a18c9775579f630d3df4d78f588ea1e05476f23f604388bc9095497ae430ecfa5b74fff753df7892f6eec509f027f86f63b4f504b7c386", 0xd5, 0x10001, 0x0, 0x1, r5}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xa52fcdcb644e0327, 0x7, r10, &(0x7f0000000280)="a5e7c26d89a543dbb24686cfaed5461f18e14437b2f8bfe8f4a17cc047784ea639efcc547526669be6729e6cc3cdc26e23af8338bf7e6be8de44c9f3d1f3549be5", 0x41, 0x80000000, 0x0, 0x3}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x6, 0x3ff, r11, &(0x7f0000000340)="659a18e8c1786ed43c28358ccc4697dc085ce18dd4cfdcf2a7c4d353ca6a7e3d2ccaf63332d08ae4a60b3feedb8b0f186751df5485d784d6f33340c1158022f845baa4f34a336b437f7eaf5bae1285a015a8aa27b9e5b4ec398f10ec825ff9580ac79bc6adb681059fb8c6ac6fc8e182f75cbd588368f00e1c91cc3d3d5ce880ea5117a4aa1fbc03ff128b4fbb85941958514908d49fab9677db59f3ebd40d6802bcc6f0924676fcf5d0c607af0d", 0xae, 0x7f, 0x0, 0x3}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0xe51, r12, &(0x7f0000000440)="4b99a2d6c3f607c4f7ae0b44db89ca02883d3e171c3eaf1ce24b989ecb1a0822f0ae54967b2718572c714847ca9a56e4d410636e1d56dca3d54ea8bb9942235fd4ab932505993d52ae06511c8513191912fbb3aceafa72616afca68ef8a10b557274e16fb7a8b58768fda6c49a3dcd80b85a97d66ce3a3fc1995168798b895818bf6236334b1b76ffc7cc2aa17d9a9dc8c9eef3990c2b0a201a9978639705f8919ab4eea6bb1c1f77cb69a2ab6a6d592013119a72e9703f41a15770743847f04e74988608fff488d28e19164f4d03fdd7c34f75129bfb746471e7d29af34a1e63f308af998eb49879ecae46b389c61612dde1f401d84c72fda8c4c77145af6", 0xff, 0x0, 0x0, 0x2}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x6, 0x1cd, r13, &(0x7f0000000600)="303eee94acf90b630317a954195ff5a760b9a9c38381469e7236620661c690c45cd3dc9604e292c2fa0aca6266940601977e9f9cfa70fba1f65fe04a85f754acfa99a4bd2f6b1274efc72d4f26ea567b4f751c7a8f59bc3282da5f1c8c0468f3fba9ccab4e7e757d8beec300b0742136c72ff0e940017259dce95f2857e26f0c636945fa69689862cb721bddd6bca6756e2b1844931f8a2e50468ce17cbd8686552f8c18a5deae2d72ab6b24762d8f0b45c0b7fc4498005c963c09f7de2309b15965", 0xc2, 0x3f, 0x0, 0x2}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x3, 0x8, r14, &(0x7f0000000740)="de7fb29c5a06b167a6ee043212b31ea4173e855d030891fc624fb14b2bdd56fd6c5868b4085e0a10a1fb73a01d7e053fe03f1e7434cffd9be5ebb81ef8e2bb1e", 0x40, 0xe0, 0x0, 0x1, r16}])
close(r7)
r17 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r17, 0x200004)
sendfile(r7, r17, 0x0, 0x80001d00c0d0)
r18 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r18, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r18, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r18, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
close(r2)
r19 = open(&(0x7f00000000c0)='./bus\x00', 0x26fbfee29324067e, 0xa8)
sendfile(r4, r19, 0x0, 0x80001d00c0d1)

[  887.608555][T26000] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  887.616535][T26000] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  887.624881][T26000] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000c
04:47:37 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = getpid()
sched_setscheduler(r4, 0x5, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x88}, r4, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80440, 0x0)
sendfile(r0, r1, 0x0, 0x20008)

04:47:38 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x21000)

[  887.832317][T26017] EXT4-fs: Invalid sb specification: sb=4x0000?Â~¶®­¯000000000000,,errors=continue
[  887.914083][T26017] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
04:47:38 executing program 2 (fault-call:9 fault-nth:13):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  888.124014][   T27] kauditd_printk_skb: 56 callbacks suppressed
[  888.124035][   T27] audit: type=1804 audit(1583210858.394:8947): pid=26034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/581/bus" dev="sda1" ino=16977 res=1
[  888.159543][   T27] audit: type=1800 audit(1583210858.394:8948): pid=26034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=16977 res=0
[  888.181020][   T27] audit: type=1804 audit(1583210858.394:8949): pid=26034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/581/bus" dev="sda1" ino=16977 res=1
[  888.193406][T26035] FAULT_INJECTION: forcing a failure.
[  888.193406][T26035] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  888.226452][T26035] CPU: 1 PID: 26035 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  888.235154][T26035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  888.245695][T26035] Call Trace:
[  888.249005][T26035]  dump_stack+0x11d/0x187
[  888.253355][T26035]  should_fail.cold+0x5/0xf
[  888.257868][T26035]  __alloc_pages_nodemask+0xcf/0x310
[  888.263222][T26035]  alloc_pages_current+0xca/0x170
[  888.268269][T26035]  push_pipe+0x18b/0x340
[  888.272622][T26035]  ? __radix_tree_lookup+0x18d/0x1c0
[  888.277942][T26035]  iov_iter_get_pages+0x49d/0x8cc
[  888.283072][T26035]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  888.289052][T26035]  bio_iov_iter_get_pages+0x106/0x5a0
[  888.294530][T26035]  iomap_dio_bio_actor+0x5e8/0x970
[  888.300303][T26035]  iomap_dio_actor+0x83/0x390
[  888.304976][T26035]  iomap_apply+0x1e6/0x660
[  888.309381][T26035]  ? iomap_dio_bio_actor+0x970/0x970
[  888.314826][T26035]  iomap_dio_rw+0x67e/0x9a0
[  888.319364][T26035]  ? iomap_dio_bio_actor+0x970/0x970
[  888.324693][T26035]  ? ext4_file_read_iter+0x2b4/0x360
[  888.330337][T26035]  ext4_file_read_iter+0x2b4/0x360
[  888.335483][T26035]  generic_file_splice_read+0x2df/0x470
[  888.341165][T26035]  ? add_to_pipe+0x1b0/0x1b0
[  888.345790][T26035]  do_splice_to+0xc7/0x100
[  888.350227][T26035]  splice_direct_to_actor+0x1b9/0x540
[  888.355657][T26035]  ? generic_pipe_buf_nosteal+0x20/0x20
[  888.361314][T26035]  do_splice_direct+0x152/0x1d0
[  888.366344][T26035]  do_sendfile+0x396/0x810
[  888.371011][T26035]  __x64_sys_sendfile64+0x121/0x140
[  888.376276][T26035]  do_syscall_64+0xc7/0x390
[  888.380799][T26035]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  888.386708][T26035] RIP: 0033:0x45c479
[  888.390905][T26035] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  888.410653][T26035] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  888.419069][T26035] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  888.427210][T26035] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  888.435312][T26035] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  888.443292][T26035] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  888.451755][T26035] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000d
[  888.519398][   T27] audit: type=1800 audit(1583210858.784:8950): pid=26011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=16721 res=0
04:47:38 executing program 0:
syz_read_part_table(0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000040)="76e94f7d0201a6ffffff00090000ff070000800100000000000000cb5bffffff", 0x20, 0x1c0}])
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = accept$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000080)=0x10)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f00000000c0)=0x800, 0x4)

[  888.667350][   T27] audit: type=1804 audit(1583210858.934:8951): pid=26029 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/581/bus" dev="sda1" ino=16769 res=1
[  888.828815][   T27] audit: type=1800 audit(1583210858.934:8952): pid=26029 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16769 res=0
[  888.868994][T26044] Dev loop0: unable to read RDB block 1
[  888.877640][   T27] audit: type=1804 audit(1583210858.944:8953): pid=26038 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/581/bus" dev="sda1" ino=16769 res=1
[  888.913262][   T27] audit: type=1804 audit(1583210859.124:8954): pid=26020 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/648/bus" dev="sda1" ino=16727 res=1
[  888.914954][T26044]  loop0: unable to read partition table
[  888.989912][T26044] loop0: partition table beyond EOD, truncated
[  888.996455][T26044] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[  889.245383][   T27] audit: type=1800 audit(1583210859.514:8955): pid=26050 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=16978 res=0
[  889.266508][T26044] Dev loop0: unable to read RDB block 1
[  889.272108][T26044]  loop0: unable to read partition table
[  889.277743][T26044] loop0: partition table beyond EOD, truncated
[  889.283961][T26044] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
04:47:39 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x5d, r1, 0x0, 0x0)

04:47:39 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2ffe0)

04:47:39 executing program 2 (fault-call:9 fault-nth:14):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x5, 0x48000)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x1, 0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x13f, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20)
close(r2)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x12b)
ftruncate(r4, 0x200004)
sendfile(r2, r4, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

04:47:39 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r4, 0x111, 0x4, 0x0, 0x4)
r5 = accept4$unix(r4, &(0x7f0000000440), &(0x7f00000004c0)=0x6e, 0x0)
setsockopt$inet_dccp_buf(r1, 0x21, 0xc, &(0x7f0000000540)="79224a17a79d83026c902897f1fcb51a20270c22dc828be7e87b3127ace5093ad49188a35b006ed01ff4ee67232c513be2d085444d335e3759fd4d6014fdc492cfbc42c2b33ce60d7b7eb5a58b2f0964e65631f1cdacd1325e37", 0x5a)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000500)='veth0_to_hsr\x00', 0x10)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
syz_mount_image$ceph(&(0x7f0000000200)='ceph\x00', &(0x7f0000000240)='./bus\x00', 0xfff, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000280)="3a9de102681e4f793b4e79507b18bf5949ac7ed172b04d5c7c6233903a23249a18b73f32bfc5cb7147d689c677be2667eecb1bd75dff6aa05b6ecada35ce554425a5217d9f89a9fc75ab2138866c43472646db7894131861bc90a2340db24d3a7a740ca25519f3226c4e0062ba15f8f6d8d4f788f82c3a660f4f47514e40e49ae6f91ea690a8e77fac4f5f668789453f61c397847679983e83f60d28b346fea1b951d5002b198e1fedcbc7779274359be82225a28ec7d32185458acb47f7e26fe59351ad62d9b180ec176021ca348146b11094e59391d77eca48913820bca54ae7c78e9574db", 0xe6, 0x404000000000}, {&(0x7f0000000380)="77c52b", 0x3, 0xfffffffffffffffc}], 0x2, &(0x7f0000000400)='%eth0/\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000001, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0xfff9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snapshot\x00', 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000600)={@ipv4={[], [], @multicast1}, r13}, 0x14)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000000c0)={0x6, 'batadv0\x00', {0x7}, 0x800})
ioctl$sock_SIOCSIFBR(r6, 0x8941, &(0x7f0000000180)=@get={0x1, &(0x7f0000000140)=""/60, 0x1ff})

[  889.350771][   T27] audit: type=1804 audit(1583210859.624:8956): pid=26061 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/649/bus" dev="sda1" ino=16726 res=1
04:47:39 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x8, 0x0)

04:47:39 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000c1030000030000001004000000000000000000003002000030020000000000004003000040030000400300004003000040030000030000000000000000000000fe8000000000000000000000000000bbfe80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006970366772657461703000000000000076657468315f746f5f687372000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c80130020000000000000000000000000000000000000000000000009000737268000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000ffffffffffff00000000000000000000000000000001ff010000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000186100000000000090007372680000000000000000000000000000000000000000000000000000010000000000000000fe8000000000000000000000000000bb0000000000000000000000000000000100000000000000000000ffffac1414aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000068004354000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000073797a30000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800100100000000000000000000000000000000000000000000000068004354000000000000000000000000000000000000000000000000000000020000000000000000000000006e657462696f732d6e7300000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x470)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x5}}, 0x4004041)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r7}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0xfffffffffffffd76, &(0x7f0000000580)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x8, 0x0, 0x0, r7}, [@IFA_ADDRESS={0x0, 0x1, @broadcast}]}, 0x20}}, 0x0)
r8 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r9=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r9)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000480)={{{@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x33}, 0x4e22, 0x7, 0x4e22, 0x7f, 0x2, 0x20, 0x0, 0x0, r7, r9}, {0x26e4, 0x2, 0x0, 0x101, 0x25, 0x7, 0x5, 0x990}, {0x3, 0x6, 0x29c, 0x484}, 0xfff, 0x6e6bb6, 0x0, 0x0, 0x1, 0x2}, {{@in6=@loopback, 0x4d6, 0x2b}, 0xa, @in6=@dev={0xfe, 0x80, [], 0x36}, 0x3506, 0x2, 0x3, 0x9a, 0x5cd2cda7, 0x4, 0x4b}}, 0xe8)

04:47:39 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xe, 0x0)

[  889.604672][T26081] ceph: No path or : separator in source
[  889.608504][T26079] FAULT_INJECTION: forcing a failure.
[  889.608504][T26079] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  889.639692][T26079] CPU: 0 PID: 26079 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  889.648487][T26079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  889.658545][T26079] Call Trace:
[  889.662209][T26079]  dump_stack+0x11d/0x187
[  889.666634][T26079]  should_fail.cold+0x5/0xf
[  889.671169][T26079]  __alloc_pages_nodemask+0xcf/0x310
[  889.676696][T26079]  alloc_pages_current+0xca/0x170
[  889.681759][T26079]  push_pipe+0x18b/0x340
[  889.684256][T26091] ip6t_srh: unknown srh match flags  6118
[  889.686030][T26079]  ? __radix_tree_lookup+0x18d/0x1c0
[  889.686056][T26079]  iov_iter_get_pages+0x49d/0x8cc
[  889.686155][T26079]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  889.686182][T26079]  bio_iov_iter_get_pages+0x106/0x5a0
[  889.708164][T26079]  iomap_dio_bio_actor+0x5e8/0x970
[  889.708199][T26079]  iomap_dio_actor+0x83/0x390
[  889.708232][T26079]  iomap_apply+0x1e6/0x660
[  889.708260][T26079]  ? iomap_dio_bio_actor+0x970/0x970
[  889.733488][T26079]  iomap_dio_rw+0x67e/0x9a0
[  889.734113][T26091] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  889.738076][T26079]  ? iomap_dio_bio_actor+0x970/0x970
[  889.738197][T26079]  ? ext4_file_read_iter+0x2b4/0x360
[  889.738215][T26079]  ext4_file_read_iter+0x2b4/0x360
[  889.738246][T26079]  generic_file_splice_read+0x2df/0x470
[  889.768748][T26079]  ? add_to_pipe+0x1b0/0x1b0
[  889.768770][T26079]  do_splice_to+0xc7/0x100
[  889.768802][T26079]  splice_direct_to_actor+0x1b9/0x540
[  889.768827][T26079]  ? generic_pipe_buf_nosteal+0x20/0x20
[  889.768850][T26079]  do_splice_direct+0x152/0x1d0
[  889.768911][T26079]  do_sendfile+0x396/0x810
[  889.798801][T26079]  __x64_sys_sendfile64+0x121/0x140
[  889.804036][T26079]  do_syscall_64+0xc7/0x390
[  889.808660][T26079]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  889.814582][T26079] RIP: 0033:0x45c479
[  889.818575][T26079] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  889.838631][T26079] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  889.847253][T26079] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  889.855453][T26079] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  889.858322][T26095] ip6t_srh: unknown srh match flags  6118
[  889.863445][T26079] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  889.863455][T26079] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  889.863465][T26079] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000e
04:47:40 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x7e, 0x0)

[  889.970656][T26095] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
04:47:40 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x2fff0)

04:47:40 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
arch_prctl$ARCH_GET_CPUID(0x1011)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x42041}, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xf03c25758f0eb0a5, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7d}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}]}, 0x38}}, 0x0)

04:47:40 executing program 2 (fault-call:9 fault-nth:15):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
close(0xffffffffffffffff)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(0xffffffffffffffff, r4, 0x0, 0x80001d00c0d0)
getsockopt$inet6_tcp_buf(r4, 0x6, 0xe, &(0x7f0000000040)=""/195, &(0x7f0000000140)=0xc3)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r5 = openat(r4, &(0x7f0000000180)='./bus\x00', 0xc4000, 0x1)
setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f00000001c0)={0xff, 0xfa}, 0x2)
socket$inet6(0xa, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = socket$inet6(0xa, 0x1, 0x0)
close(r7)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$KVM_GET_DEBUGREGS(r9, 0x8080aea1, &(0x7f0000000280))
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(0xffffffffffffffff, r10, 0x0, 0x80001d00c0d0)
ioctl$HDIO_GETGEO(r10, 0x301, &(0x7f0000000200))
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r6, r11, 0x0, 0x80001d00c0d1)

04:47:40 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xe00, 0x0)

[  890.325533][T26081] ceph: No path or : separator in source
04:47:40 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x2000, 0x0)

04:47:40 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x4000, 0x0)

[  890.512760][T26139] FAULT_INJECTION: forcing a failure.
[  890.512760][T26139] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  890.549986][T26139] CPU: 0 PID: 26139 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  890.558731][T26139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  890.569050][T26139] Call Trace:
[  890.572445][T26139]  dump_stack+0x11d/0x187
[  890.576803][T26139]  should_fail.cold+0x5/0xf
[  890.581496][T26139]  __alloc_pages_nodemask+0xcf/0x310
[  890.586938][T26139]  alloc_pages_current+0xca/0x170
[  890.591990][T26139]  push_pipe+0x18b/0x340
[  890.596260][T26139]  ? __radix_tree_lookup+0x18d/0x1c0
[  890.601670][T26139]  iov_iter_get_pages+0x49d/0x8cc
[  890.606814][T26139]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  890.612885][T26139]  bio_iov_iter_get_pages+0x106/0x5a0
[  890.618530][T26139]  iomap_dio_bio_actor+0x5e8/0x970
[  890.623868][T26139]  iomap_dio_actor+0x83/0x390
[  890.628648][T26139]  iomap_apply+0x1e6/0x660
[  890.633087][T26139]  ? iomap_dio_bio_actor+0x970/0x970
[  890.638417][T26139]  iomap_dio_rw+0x67e/0x9a0
[  890.642936][T26139]  ? iomap_dio_bio_actor+0x970/0x970
[  890.648524][T26139]  ? ext4_file_read_iter+0x2b4/0x360
[  890.654414][T26139]  ext4_file_read_iter+0x2b4/0x360
[  890.660872][T26139]  generic_file_splice_read+0x2df/0x470
[  890.666460][T26139]  ? add_to_pipe+0x1b0/0x1b0
[  890.671071][T26139]  do_splice_to+0xc7/0x100
[  890.675506][T26139]  splice_direct_to_actor+0x1b9/0x540
[  890.680996][T26139]  ? generic_pipe_buf_nosteal+0x20/0x20
[  890.686635][T26139]  do_splice_direct+0x152/0x1d0
[  890.691524][T26139]  do_sendfile+0x396/0x810
[  890.695955][T26139]  __x64_sys_sendfile64+0x121/0x140
[  890.701160][T26139]  do_syscall_64+0xc7/0x390
[  890.705705][T26139]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  890.711626][T26139] RIP: 0033:0x45c479
[  890.717264][T26139] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  890.737218][T26139] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  890.745736][T26139] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  890.754070][T26139] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  890.762164][T26139] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  890.771571][T26139] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  890.779853][T26139] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000000000f
04:47:41 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000140)={0x1f, 0x1b, &(0x7f00000000c0)="4e8459b552ce7013f1b36a35fb26dde9b7fd5cbcbe9457e92cc289"})
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540)='/dev/hwrng\x00', 0x40640, 0x0)
accept$inet6(r9, &(0x7f0000000500)={0xa, 0x0, 0x0, @empty}, &(0x7f00000004c0))
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000180)={0x6, 0x3, 0x4, 0x20000000, 0x2, {}, {0x3, 0xc, 0x7f, 0x1, 0x5, 0x1, "1c6cbd8d"}, 0x5, 0x1, @fd=r1, 0x50cc6f30, 0x0, <r10=>r4})
ioctl$FS_IOC_FIEMAP(r10, 0xc020660b, &(0x7f0000000280)={0x200, 0x6, 0x2, 0x7fff, 0x7, [{0x9, 0x3ff, 0x7f, [], 0x208a}, {0x3, 0x1ff, 0xffffffff, [], 0x1704}, {0xfffffffffffffffc, 0x9, 0x0, [], 0xdee3f06e58b7a51b}, {0x7, 0x5, 0xffffffff80000000, [], 0x380}, {0x5, 0x0, 0x1, [], 0x200}, {0x3, 0xbb02, 0x5, [], 0x102}, {0x2, 0xffffffffffffff00, 0x8, [], 0x1800}]})
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/95)
syz_mount_image$gfs2(&(0x7f0000000040)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7c780ced29a1a4ea1404a2ac8ff8ca5b96906cc9acf8fa0d299a2c7a045654bf64ce0a14156a861ebe5ddf76964c037486b044fab8485432ffc03df8640600000094d153838380d2a85567dddee43df247f66f227cf16f5718dee9a7fc8725d81b52c8692e632e73729c2ebf98da9983639e1625e694f2bd0c"])

04:47:41 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x7e00, 0x0)

04:47:41 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x200000, 0x0)

04:47:41 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x200004)

04:47:41 executing program 2 (fault-call:9 fault-nth:16):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:41 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x1000000, 0x0)

04:47:41 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x8000000, 0x0)

[  891.510529][T26178] gfs2: Unknown parameter '|xí)¡¤ê¢¬�øÊ[–�lɬøú
)š'
04:47:41 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x200, 0x0)
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f00000003c0), &(0x7f0000000400)=0x4)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

[  891.594449][T26192] FAULT_INJECTION: forcing a failure.
[  891.594449][T26192] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  891.650043][T26192] CPU: 0 PID: 26192 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  891.658933][T26192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  891.668995][T26192] Call Trace:
[  891.672318][T26192]  dump_stack+0x11d/0x187
[  891.676691][T26192]  should_fail.cold+0x5/0xf
[  891.681384][T26192]  __alloc_pages_nodemask+0xcf/0x310
[  891.686701][T26192]  alloc_pages_current+0xca/0x170
[  891.693359][T26192]  push_pipe+0x18b/0x340
[  891.697923][T26192]  ? __radix_tree_lookup+0x18d/0x1c0
[  891.703257][T26192]  iov_iter_get_pages+0x49d/0x8cc
[  891.708319][T26192]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  891.714248][T26192]  bio_iov_iter_get_pages+0x106/0x5a0
[  891.719654][T26192]  iomap_dio_bio_actor+0x5e8/0x970
[  891.724914][T26192]  iomap_dio_actor+0x83/0x390
[  891.729650][T26192]  iomap_apply+0x1e6/0x660
[  891.735216][T26192]  ? iomap_dio_bio_actor+0x970/0x970
[  891.740728][T26192]  iomap_dio_rw+0x67e/0x9a0
[  891.745259][T26192]  ? iomap_dio_bio_actor+0x970/0x970
[  891.750642][T26192]  ? ext4_file_read_iter+0x2b4/0x360
[  891.755943][T26192]  ext4_file_read_iter+0x2b4/0x360
[  891.761083][T26192]  generic_file_splice_read+0x2df/0x470
[  891.767076][T26192]  ? add_to_pipe+0x1b0/0x1b0
[  891.771777][T26192]  do_splice_to+0xc7/0x100
[  891.776352][T26192]  splice_direct_to_actor+0x1b9/0x540
[  891.781756][T26192]  ? generic_pipe_buf_nosteal+0x20/0x20
[  891.787856][T26192]  do_splice_direct+0x152/0x1d0
[  891.792744][T26192]  do_sendfile+0x396/0x810
[  891.797373][T26192]  __x64_sys_sendfile64+0x121/0x140
[  891.802838][T26192]  do_syscall_64+0xc7/0x390
[  891.807364][T26192]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  891.813386][T26192] RIP: 0033:0x45c479
[  891.817402][T26192] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  891.839036][T26192] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
04:47:42 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xe000000, 0x0)

[  891.847498][T26192] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  891.855618][T26192] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  891.863755][T26192] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  891.871746][T26192] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  891.880116][T26192] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000010
04:47:42 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0xffffffff000)

04:47:42 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x40000000, 0x0)

04:47:42 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x80)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
close(r3)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x6a84)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r8, r9, 0x0, 0x80001d00c0d0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r9, 0xc0502100, &(0x7f0000000200))
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000140)={0x80000000, 0x2, 0x2, "3885fc5dee1602652f30df8a9e751d185e0af8c6567b8121d072da44a8dc0f77", 0x42474752})
ftruncate(r5, 0x200004)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r10)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r10, r11, 0x0, 0x80001d00c0d0)
ioctl$TIOCNOTTY(r11, 0x5422)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
r12 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r12, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:42 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r8, 0x200004)
sendfile(r7, r8, 0x0, 0x80001d00c0d0)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540)='/dev/hwrng\x00', 0x40640, 0x0)
accept$inet6(r9, &(0x7f0000000500)={0xa, 0x0, 0x0, @empty}, &(0x7f00000004c0))
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000180)={0x6, 0x3, 0x4, 0x20000000, 0x2, {}, {0x3, 0xc, 0x7f, 0x1, 0x5, 0x1, "1c6cbd8d"}, 0x5, 0x1, @fd=r1, 0x50cc6f30, 0x0, <r10=>r4})
ioctl$FS_IOC_FIEMAP(r10, 0xc020660b, &(0x7f0000000280)={0x200, 0x6, 0x2, 0x7fff, 0x7, [{0x9, 0x3ff, 0x7f, [], 0x208a}, {0x3, 0x1ff, 0xffffffff, [], 0x1704}, {0xfffffffffffffffc, 0x9, 0x0, [], 0xdee3f06e58b7a51b}, {0x7, 0x5, 0xffffffff80000000, [], 0x380}, {0x5, 0x0, 0x1, [], 0x200}, {0x3, 0xbb02, 0x5, [], 0x102}, {0x2, 0xffffffffffffff00, 0x8, [], 0x1800}]})
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/95)
syz_mount_image$gfs2(&(0x7f0000000040)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7c780ced29a1a4ea1404a2ac8ff8ca5b96906cc9acf8fa0d299a2c7a045654bf64ce0a14156a861ebe5ddf76964c037486b044fab8485432ffc03df8640600000094d153838380d2a85567dddee43df247f66f227cf16f5718dee9a7fc8725d81b52c8692e632e73729c2ebf98da9983639e1625e694f2bd0c"])

04:47:42 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x7e000000, 0x0)

04:47:42 executing program 2 (fault-call:9 fault-nth:17):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:42 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xfeffffff, 0x0)

04:47:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
setsockopt$netrom_NETROM_T2(r6, 0x103, 0x2, &(0x7f0000000040), 0x4)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r7, 0x0, 0x80001d00c0d1)

04:47:42 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
r6 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x5, 0x248000)
fremovexattr(r6, &(0x7f0000000180)=@known='trusted.overlay.redirect\x00')
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f00000000c0)={0x1})
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xfffffffe, 0x0)

04:47:43 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
close(r1)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  892.797977][T26249] FAULT_INJECTION: forcing a failure.
[  892.797977][T26249] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  892.921163][T26249] CPU: 0 PID: 26249 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  892.929978][T26249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  892.940336][T26249] Call Trace:
[  892.943654][T26249]  dump_stack+0x11d/0x187
[  892.948028][T26249]  should_fail.cold+0x5/0xf
[  892.952709][T26249]  __alloc_pages_nodemask+0xcf/0x310
[  892.958089][T26249]  alloc_pages_current+0xca/0x170
[  892.963178][T26249]  push_pipe+0x18b/0x340
[  892.967565][T26249]  iov_iter_get_pages+0x49d/0x8cc
[  892.972629][T26249]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  892.978569][T26249]  bio_iov_iter_get_pages+0x106/0x5a0
[  892.984082][T26249]  iomap_dio_bio_actor+0x5e8/0x970
[  892.989244][T26249]  iomap_dio_actor+0x83/0x390
[  892.994042][T26249]  iomap_apply+0x1e6/0x660
[  892.998626][T26249]  ? iomap_dio_bio_actor+0x970/0x970
[  893.004364][T26249]  iomap_dio_rw+0x67e/0x9a0
[  893.008883][T26249]  ? iomap_dio_bio_actor+0x970/0x970
[  893.014336][T26249]  ? ext4_file_read_iter+0x2b4/0x360
[  893.019653][T26249]  ext4_file_read_iter+0x2b4/0x360
[  893.024792][T26249]  generic_file_splice_read+0x2df/0x470
[  893.030365][T26249]  ? add_to_pipe+0x1b0/0x1b0
[  893.034988][T26249]  do_splice_to+0xc7/0x100
[  893.039573][T26249]  splice_direct_to_actor+0x1b9/0x540
[  893.045019][T26249]  ? generic_pipe_buf_nosteal+0x20/0x20
[  893.050588][T26249]  do_splice_direct+0x152/0x1d0
[  893.055490][T26249]  do_sendfile+0x396/0x810
[  893.061097][T26249]  __x64_sys_sendfile64+0x121/0x140
[  893.066341][T26249]  do_syscall_64+0xc7/0x390
[  893.070905][T26249]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  893.076816][T26249] RIP: 0033:0x45c479
[  893.080737][T26249] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  893.100652][T26249] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  893.109138][T26249] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
04:47:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x20000000000000, 0x0)

[  893.117125][T26249] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  893.125223][T26249] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  893.133331][T26249] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  893.141319][T26249] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000011
04:47:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x100000000000000, 0x0)

[  893.211916][   T27] kauditd_printk_skb: 61 callbacks suppressed
[  893.211936][   T27] audit: type=1804 audit(1583210863.484:9018): pid=26276 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/586/bus" dev="sda1" ino=16729 res=1
[  893.253555][   T27] audit: type=1800 audit(1583210863.504:9019): pid=26276 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=16729 res=0
[  893.308508][T26234] gfs2: Unknown parameter '|xí)¡¤ê¢¬�øÊ[–�lɬøú
)š'
04:47:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x800000000000000, 0x0)

[  893.373619][   T27] audit: type=1804 audit(1583210863.504:9020): pid=26262 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/652/bus" dev="sda1" ino=16577 res=1
04:47:43 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r5=>0xffffffffffffffff}}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000100)=0x1, r5, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r5, 0x9}}, 0x10)
sendfile(r0, r1, 0x0, 0x20008)

[  893.488142][   T27] audit: type=1800 audit(1583210863.504:9021): pid=26262 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16577 res=0
[  893.537928][   T27] audit: type=1804 audit(1583210863.504:9022): pid=26276 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir897152764/syzkaller.4OjoYb/586/bus" dev="sda1" ino=16729 res=1
[  893.642836][   T27] audit: type=1804 audit(1583210863.514:9023): pid=26268 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/652/bus" dev="sda1" ino=16577 res=1
04:47:43 executing program 2 (fault-call:9 fault-nth:18):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:43 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xe00000000000000, 0x0)

04:47:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
dup(r4)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
r6 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000)
ioctl$SOUND_MIXER_READ_RECMASK(r6, 0x80044dfd, &(0x7f0000000080))
close(r5)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r5, r7, 0x0, 0x80001d00c0d1)

04:47:44 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
r6 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x5, 0x248000)
fremovexattr(r6, &(0x7f0000000180)=@known='trusted.overlay.redirect\x00')
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f00000000c0)={0x1})
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  893.674132][   T27] audit: type=1804 audit(1583210863.844:9024): pid=26299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/653/bus" dev="sda1" ino=16737 res=1
04:47:44 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x4000000000000000, 0x0)

[  893.810962][   T27] audit: type=1800 audit(1583210863.844:9025): pid=26299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16737 res=0
[  893.843869][T26313] FAULT_INJECTION: forcing a failure.
[  893.843869][T26313] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  893.909260][   T27] audit: type=1804 audit(1583210863.844:9026): pid=26299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/653/bus" dev="sda1" ino=16737 res=1
[  893.944647][T26313] CPU: 1 PID: 26313 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  893.953389][T26313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  893.963459][T26313] Call Trace:
[  893.966774][T26313]  dump_stack+0x11d/0x187
[  893.971244][T26313]  should_fail.cold+0x5/0xf
[  893.975793][T26313]  __alloc_pages_nodemask+0xcf/0x310
[  893.981112][T26313]  alloc_pages_current+0xca/0x170
[  893.986162][T26313]  push_pipe+0x18b/0x340
[  893.990482][T26313]  ? __radix_tree_lookup+0x18d/0x1c0
[  893.996113][T26313]  iov_iter_get_pages+0x49d/0x8cc
[  894.001852][T26313]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  894.007808][T26313]  bio_iov_iter_get_pages+0x106/0x5a0
[  894.013236][T26313]  iomap_dio_bio_actor+0x5e8/0x970
[  894.018400][T26313]  iomap_dio_actor+0x83/0x390
[  894.024191][T26313]  iomap_apply+0x1e6/0x660
[  894.028904][T26313]  ? iomap_dio_bio_actor+0x970/0x970
[  894.034244][T26313]  iomap_dio_rw+0x67e/0x9a0
[  894.038879][T26313]  ? iomap_dio_bio_actor+0x970/0x970
[  894.044223][T26313]  ? ext4_file_read_iter+0x2b4/0x360
[  894.049532][T26313]  ext4_file_read_iter+0x2b4/0x360
[  894.054683][T26313]  generic_file_splice_read+0x2df/0x470
[  894.060262][T26313]  ? add_to_pipe+0x1b0/0x1b0
[  894.064982][T26313]  do_splice_to+0xc7/0x100
[  894.069427][T26313]  splice_direct_to_actor+0x1b9/0x540
[  894.075095][T26313]  ? generic_pipe_buf_nosteal+0x20/0x20
[  894.080674][T26313]  do_splice_direct+0x152/0x1d0
[  894.085586][T26313]  do_sendfile+0x396/0x810
[  894.087905][   T27] audit: type=1804 audit(1583210864.044:9027): pid=26306 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/586/bus" dev="sda1" ino=17233 res=1
[  894.090036][T26313]  __x64_sys_sendfile64+0x121/0x140
[  894.090063][T26313]  do_syscall_64+0xc7/0x390
[  894.090094][T26313]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  894.130815][T26313] RIP: 0033:0x45c479
[  894.134872][T26313] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:47:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x804840, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000280)='./bus/file0\x00', 0x48400, 0x18)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x3, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
r10 = socket$inet6_sctp(0xa, 0x4, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @rand_addr="545e194b4b9dd01c354e907f26dd523c"}], 0x1c)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r10, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r10, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
close(r9)
r11 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r11, 0x200004)
sendfile(r9, r11, 0x0, 0x80001d00c0d0)
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000040)={0x0, r11})
sendfile(r4, r8, 0x0, 0x80001d00c0d1)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x18b200, 0x0)
r12 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r12)
r13 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r13, 0x200004)
sendfile(r12, r13, 0x0, 0x80001d00c0d0)
r14 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r14)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r14, r15, 0x0, 0x80001d00c0d0)
r16 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r16)
r17 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r17, 0x200004)
sendfile(r16, r17, 0x0, 0x80001d00c0d0)
r18 = socket$inet6(0xa, 0x400000000001, 0x0)
r19 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r19, 0x200004)
sendfile(r18, r19, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_SET_MASTER(r19, 0x641e)

04:47:44 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x7e00000000000000, 0x0)

04:47:44 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r5)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d0)
ioctl$EVIOCGABS0(r6, 0x80184540, &(0x7f0000000200)=""/225)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  894.155138][T26313] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  894.163565][T26313] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  894.171641][T26313] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  894.179627][T26313] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  894.187698][T26313] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  894.195686][T26313] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000012
04:47:44 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x8000000000000000, 0x0)

04:47:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
ioctl$sock_TIOCOUTQ(r6, 0x5411, &(0x7f0000000040))
r7 = eventfd(0x9)
sendfile(r7, r4, 0x0, 0x4)
socket$inet6(0xa, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f00000000c0)={0x95, &(0x7f0000000140)=""/149})
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r8, r9, 0x0, 0x80001d00c0d1)

04:47:44 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xfeffffff00000000, 0x0)

04:47:44 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x50, 0x1405, 0x4, 0x70bd28, 0x25dfdbfe, "", [{{0x8, 0x1, 0x1}, {0x8, 0x3, 0x4}}, {{0x8, 0x1, 0x2}, {0x8, 0x3, 0x1}}, {{0x8, 0x1, 0x2}, {0x8, 0x3, 0x3}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x4}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x1c}, 0x4}], 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
dup(r2)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:44 executing program 2 (fault-call:9 fault-nth:19):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:45 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0xffffffff00000000, 0x0)

04:47:45 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
r6 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x5, 0x248000)
fremovexattr(r6, &(0x7f0000000180)=@known='trusted.overlay.redirect\x00')
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f00000000c0)={0x1})
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  894.914492][T26373] FAULT_INJECTION: forcing a failure.
[  894.914492][T26373] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  894.932415][T26373] CPU: 1 PID: 26373 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  894.941255][T26373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  894.951341][T26373] Call Trace:
[  894.954919][T26373]  dump_stack+0x11d/0x187
[  894.959571][T26373]  should_fail.cold+0x5/0xf
[  894.964113][T26373]  __alloc_pages_nodemask+0xcf/0x310
[  894.969431][T26373]  alloc_pages_current+0xca/0x170
[  894.974484][T26373]  push_pipe+0x18b/0x340
[  894.978762][T26373]  ? __radix_tree_lookup+0x18d/0x1c0
[  894.984182][T26373]  iov_iter_get_pages+0x49d/0x8cc
[  894.989238][T26373]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  894.995165][T26373]  bio_iov_iter_get_pages+0x106/0x5a0
[  895.000582][T26373]  iomap_dio_bio_actor+0x5e8/0x970
[  895.005868][T26373]  iomap_dio_actor+0x83/0x390
04:47:45 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r4=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r4)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000200)=<r5=>0x0)
r6 = getuid()
r7 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r8=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r8)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000000340)=0xe8)
r10 = getuid()
r11 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r11)
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r12, 0x200004)
sendfile(r11, r12, 0x0, 0x80001d00c0d0)
statx(r12, &(0x7f0000000380)='./bus\x00', 0xc00, 0x800, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
r14 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r14)
r15 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r15, 0x200004)
sendfile(r14, r15, 0x0, 0x80001d00c0d0)
statx(r15, &(0x7f00000004c0)='./bus\x00', 0x6000, 0x800, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r16=>0x0})
r17 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r17, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, <r18=>0x0}, &(0x7f0000b34ffc)=0xc)
setuid(r18)
r19 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r19, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r20=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r20}}]})
fstat(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0})
stat(&(0x7f0000000680)='./bus\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
r23 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r23, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r24=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r24}}]})
r25 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r26=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r26}}]})
r27 = socket(0xa, 0x80001, 0x0)
getsockopt$sock_cred(r27, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0, <r28=>0x0}, &(0x7f0000b34ffc)=0xc)
syz_mount_image$jfs(&(0x7f00000000c0)='jfs\x00', &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@gid={'gid', 0x3d, r28}}]})
r29 = getgid()
lsetxattr$system_posix_acl(&(0x7f0000000140)='./bus\x00', &(0x7f0000000180)='system.posix_acl_access\x00', &(0x7f0000000740)=ANY=[@ANYBLOB="02000000010001000000000000000000", @ANYRES32=r4, @ANYBLOB="02000300", @ANYRES32=r5, @ANYBLOB="02000200", @ANYRES32=r6, @ANYBLOB="02000200", @ANYRES32=r8, @ANYBLOB="02000700", @ANYRES32=r9, @ANYBLOB="02000200", @ANYRES32=r10, @ANYBLOB="02000600", @ANYRES32=r13, @ANYBLOB="02000200", @ANYRES32=r16, @ANYBLOB="02000400", @ANYRES32=r18, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="040000000000000008000000", @ANYRES32=r20, @ANYBLOB="08000100", @ANYRES32=r21, @ANYBLOB="08000100", @ANYRES32=r22, @ANYBLOB="08000400", @ANYRES32=r24, @ANYBLOB="08000100", @ANYRES32=r26, @ANYBLOB="08000500", @ANYRES32=r28, @ANYBLOB="08000600", @ANYRES32=r29, @ANYBLOB="10000200000000002000030000000000"], 0xac, 0x3)
r30 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r30, 0x200004)
ioctl$ASHMEM_GET_PROT_MASK(r30, 0x7706, &(0x7f00000000c0))
sendfile(r2, r30, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r31 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r31, 0x0, 0x0)
r32 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r32, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  895.010680][T26373]  iomap_apply+0x1e6/0x660
[  895.015818][T26373]  ? iomap_dio_bio_actor+0x970/0x970
[  895.021170][T26373]  iomap_dio_rw+0x67e/0x9a0
[  895.025711][T26373]  ? iomap_dio_bio_actor+0x970/0x970
[  895.031165][T26373]  ? ext4_file_read_iter+0x2b4/0x360
[  895.036563][T26373]  ext4_file_read_iter+0x2b4/0x360
[  895.041804][T26373]  generic_file_splice_read+0x2df/0x470
[  895.047380][T26373]  ? add_to_pipe+0x1b0/0x1b0
[  895.052218][T26373]  do_splice_to+0xc7/0x100
[  895.056796][T26373]  splice_direct_to_actor+0x1b9/0x540
[  895.062195][T26373]  ? generic_pipe_buf_nosteal+0x20/0x20
[  895.067768][T26373]  do_splice_direct+0x152/0x1d0
[  895.072656][T26373]  do_sendfile+0x396/0x810
[  895.077125][T26373]  __x64_sys_sendfile64+0x121/0x140
[  895.082474][T26373]  do_syscall_64+0xc7/0x390
[  895.087008][T26373]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  895.092919][T26373] RIP: 0033:0x45c479
04:47:45 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000007, 0x30, r4, 0x462b000)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r5 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r6, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  895.096891][T26373] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  895.116643][T26373] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  895.125248][T26373] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  895.133226][T26373] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  895.141362][T26373] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  895.149376][T26373] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  895.157483][T26373] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000013
04:47:45 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x8)

04:47:45 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0xe)

04:47:45 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

04:47:45 executing program 3:
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000300)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0xf697724e0e4a4379)
ftruncate(r3, 0x200004)
statfs(&(0x7f0000000240)='./bus\x00', &(0x7f0000000280)=""/76)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)
sendto$rose(0xffffffffffffffff, &(0x7f0000000100)="c1c80d7280b8e270f7e21e1e80ebde867c2bec2061389c80c794d26a3962bbfd729d3d3d0d9742c97179fdbe4262afa4bda06a2cba9744e4571261d220f2326d762e3313df5363b58867d77209007a55ac0c8ade5605aeb3e202d997c0b58066c85eb2a03e629530288a6bc88452866cbe79adbd6816ab412ff2e3d53c55d5ba51", 0x81, 0x20044010, &(0x7f0000000200)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, 0x2, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x40)

04:47:45 executing program 2 (fault-call:9 fault-nth:20):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:46 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r4 = open(0x0, 0x0, 0x0)
open_by_handle_at(r2, &(0x7f0000000140)={0x42, 0x2, "81e1985cc57b4770a199044f1f329eb1ab0dc5968b457fed8b562f9d7c5ba992c8a7f46f8c5c0ffc6125e1c56954850f12819d08bb41385b8796"}, 0x400000)
sendfile(0xffffffffffffffff, r4, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x81, @mcast1, 0x3}}, 0x2, 0x2, [{{0xa, 0x4e21, 0x1ff, @dev={0xfe, 0x80, [], 0x33}, 0x8}}, {{0xa, 0x4e20, 0x10000, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x5}}]}, 0x190)
close(r1)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r1, r4, 0x0, 0x80001d00c0d0)
ioctl$FS_IOC_SETFSLABEL(r4, 0x41009432, &(0x7f0000000280)="c1ec7b74347f13158131ef9c3be2fd3e8e6804b65009a63c5f7994efa749717eef0aa9b954e5a33edb4176d94e14bb0845e08b8f16d473380d247ee535af7621d7f6f3846fde6b4f5d787ae50f7e7f5dea6b39a4bad3cbe2e912a89e1a4893a19cdacf54c6fb2d86ab89ffba54a0e5f4b867cfcdf390e61cb8308dab2094d4ccad3d8dbcd7755c2979ba739d100fb45f04f451f55b0ab9a18bbc96a8b89074f9bd0cc200e6aadba3c2cb27a7278846c6de0a967faf3c7354ca42170018e6988bf6d93d20add88e2ffc4c4e847e3377ff12bdc29485f2f75a46e03d0e50554a7103974a1c251c9f03743db53bd697a06a0697947d642e0c608de81b32850a3914")
r5 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
lstat(&(0x7f0000000040)='./bus\x00', &(0x7f0000000380))
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r8)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r8, r9, 0x0, 0x80001d00c0d1)

04:47:46 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r4, 0x111, 0x4, 0x0, 0x4)
r5 = accept4$unix(r4, &(0x7f0000000440), &(0x7f00000004c0)=0x6e, 0x0)
setsockopt$inet_dccp_buf(r1, 0x21, 0xc, &(0x7f0000000540)="79224a17a79d83026c902897f1fcb51a20270c22dc828be7e87b3127ace5093ad49188a35b006ed01ff4ee67232c513be2d085444d335e3759fd4d6014fdc492cfbc42c2b33ce60d7b7eb5a58b2f0964e65631f1cdacd1325e37", 0x5a)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000500)='veth0_to_hsr\x00', 0x10)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
syz_mount_image$ceph(&(0x7f0000000200)='ceph\x00', &(0x7f0000000240)='./bus\x00', 0xfff, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000280)="3a9de102681e4f793b4e79507b18bf5949ac7ed172b04d5c7c6233903a23249a18b73f32bfc5cb7147d689c677be2667eecb1bd75dff6aa05b6ecada35ce554425a5217d9f89a9fc75ab2138866c43472646db7894131861bc90a2340db24d3a7a740ca25519f3226c4e0062ba15f8f6d8d4f788f82c3a660f4f47514e40e49ae6f91ea690a8e77fac4f5f668789453f61c397847679983e83f60d28b346fea1b951d5002b198e1fedcbc7779274359be82225a28ec7d32185458acb47f7e26fe59351ad62d9b180ec176021ca348146b11094e59391d77eca48913820bca54ae7c78e9574db", 0xe6, 0x404000000000}, {&(0x7f0000000380)="77c52b", 0x3, 0xfffffffffffffffc}], 0x2, &(0x7f0000000400)='%eth0/\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000001, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0xfff9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snapshot\x00', 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000600)={@ipv4={[], [], @multicast1}, r13}, 0x14)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000000c0)={0x6, 'batadv0\x00', {0x7}, 0x800})
ioctl$sock_SIOCSIFBR(r6, 0x8941, &(0x7f0000000180)=@get={0x1, &(0x7f0000000140)=""/60, 0x1ff})

[  895.872978][T26419] FAULT_INJECTION: forcing a failure.
[  895.872978][T26419] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  895.908742][T26419] CPU: 1 PID: 26419 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  895.917544][T26419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  895.928168][T26419] Call Trace:
[  895.931476][T26419]  dump_stack+0x11d/0x187
[  895.935929][T26419]  should_fail.cold+0x5/0xf
[  895.940740][T26419]  __alloc_pages_nodemask+0xcf/0x310
[  895.946063][T26419]  alloc_pages_current+0xca/0x170
[  895.953799][T26419]  push_pipe+0x18b/0x340
[  895.958231][T26419]  ? __radix_tree_lookup+0x18d/0x1c0
[  895.964003][T26419]  iov_iter_get_pages+0x49d/0x8cc
[  895.969338][T26419]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  895.975359][T26419]  bio_iov_iter_get_pages+0x106/0x5a0
[  895.980853][T26419]  iomap_dio_bio_actor+0x5e8/0x970
[  895.985995][T26419]  iomap_dio_actor+0x83/0x390
[  895.990778][T26419]  iomap_apply+0x1e6/0x660
[  895.995234][T26419]  ? iomap_dio_bio_actor+0x970/0x970
[  896.000556][T26419]  iomap_dio_rw+0x67e/0x9a0
[  896.005285][T26419]  ? iomap_dio_bio_actor+0x970/0x970
[  896.010615][T26419]  ? ext4_file_read_iter+0x2b4/0x360
[  896.015941][T26419]  ext4_file_read_iter+0x2b4/0x360
[  896.021114][T26419]  generic_file_splice_read+0x2df/0x470
[  896.026689][T26419]  ? add_to_pipe+0x1b0/0x1b0
[  896.031305][T26419]  do_splice_to+0xc7/0x100
[  896.035837][T26419]  splice_direct_to_actor+0x1b9/0x540
[  896.041235][T26419]  ? generic_pipe_buf_nosteal+0x20/0x20
[  896.047106][T26419]  do_splice_direct+0x152/0x1d0
[  896.052016][T26419]  do_sendfile+0x396/0x810
[  896.056490][T26419]  __x64_sys_sendfile64+0x121/0x140
[  896.061718][T26419]  do_syscall_64+0xc7/0x390
[  896.066250][T26419]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
04:47:46 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x60)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
recvmmsg(r5, &(0x7f0000001cc0)=[{{&(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, <r6=>0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000001280)=[{&(0x7f0000000200)=""/67, 0x43}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/33, 0x21}], 0x3}, 0xfffffffb}, {{&(0x7f00000012c0)=@generic, 0x80, &(0x7f0000001400)=[{&(0x7f0000001340)=""/137, 0x89}], 0x1, &(0x7f0000001440)=""/138, 0x8a}, 0x7}, {{&(0x7f0000001500), 0x80, &(0x7f0000001800)=[{&(0x7f0000001580)=""/42, 0x2a}, {&(0x7f00000015c0)=""/236, 0xec}, {&(0x7f00000016c0)=""/16, 0x10}, {&(0x7f0000001700)=""/141, 0x8d}, {&(0x7f00000017c0)=""/20, 0x14}], 0x5}, 0x7fffffff}, {{&(0x7f0000001880)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001900)=""/161, 0xa1}, {&(0x7f00000019c0)=""/70, 0x46}, {&(0x7f0000001a40)=""/179, 0xb3}, {&(0x7f0000001b00)=""/194, 0xc2}], 0x4, &(0x7f0000001c40)=""/120, 0x78}, 0x80000001}], 0x4, 0x40, &(0x7f0000001dc0)={0x0, 0x1c9c380})
r7 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000440)=@assoc_value={<r8=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=r8, @ANYBLOB="00000004"], 0x0)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000001e00)={<r9=>r8, 0xd7, "1ce16e99111aeaa019975efa74d59178afae876381af1fcfbbfd504bdf50409e3cbaa1f78c012d878322ff6dc33ee123f4f022ccf98d04e8953f62ba53962ab8645ad45a013b89ef92afbceb0a546f9229560b15578795c911eb01694f2e7371b19b6066ecd72b66eb7b24e1f9bf0193b4efc38486faf57f899ca8bab9f07a8e068f50913de63318c0a4001e2e8328d78e5df9a571901381af831584273e6df9c4e660c92c6a7f112469a81c5020779a682ae7361a0f9938b430c0d77f794f1e42e2b008dd9932d9f67df80ce94f61ef9a16918929b997"}, &(0x7f0000001f00)=0xdf)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r6, 0x84, 0x78, &(0x7f0000001f40)=r9, 0x4)
r10 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r10, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  896.072165][T26419] RIP: 0033:0x45c479
[  896.076170][T26419] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  896.096069][T26419] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  896.104495][T26419] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  896.112651][T26419] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  896.120733][T26419] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  896.129381][T26419] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  896.137686][T26419] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000014
[  896.200911][T26436] ceph: No path or : separator in source
04:47:46 executing program 2 (fault-call:9 fault-nth:21):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:46 executing program 1:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x800)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
fadvise64(r3, 0x40000000, 0x4, 0x2)
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f00000000c0))
r5 = open(&(0x7f0000000000)='./bus\x00', 0x761042, 0x4)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
close(0xffffffffffffffff)
r6 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r6, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  896.725379][T26452] FAULT_INJECTION: forcing a failure.
[  896.725379][T26452] name failslab, interval 1, probability 0, space 0, times 0
[  896.749057][T26452] CPU: 1 PID: 26452 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  896.757771][T26452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  896.767929][T26452] Call Trace:
[  896.771299][T26452]  dump_stack+0x11d/0x187
[  896.775843][T26452]  should_fail.cold+0x5/0xf
[  896.780668][T26452]  __should_failslab+0x82/0xb0
[  896.785471][T26452]  should_failslab+0x5/0xf
[  896.789904][T26452]  kmem_cache_alloc_node+0x35/0x680
[  896.795133][T26452]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  896.801443][T26452]  create_task_io_context+0x56/0x270
[  896.806763][T26452]  generic_make_request_checks+0xeed/0x1030
[  896.812707][T26452]  ? alloc_pages_current+0xd7/0x170
[  896.817934][T26452]  generic_make_request+0x3e/0x700
04:47:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x303000, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r6, 0x1, 0x53, &(0x7f0000000080)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f00000000c0)=0x2c)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r5, 0x8982, &(0x7f0000000100)={0x6, 'ip6_vti0\x00', {0x7}, 0x1})

[  896.823601][T26452]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  896.829526][T26452]  ? iov_iter_advance+0x21c/0x900
[  896.834581][T26452]  submit_bio+0x8f/0x3a0
[  896.838863][T26452]  ? bio_iov_iter_get_pages+0x450/0x5a0
[  896.844500][T26452]  iomap_dio_submit_bio.isra.0+0xf1/0x110
[  896.850241][T26452]  iomap_dio_bio_actor+0x412/0x970
[  896.855504][T26452]  iomap_dio_actor+0x83/0x390
[  896.860211][T26452]  iomap_apply+0x1e6/0x660
[  896.864636][T26452]  ? iomap_dio_bio_actor+0x970/0x970
[  896.869960][T26452]  iomap_dio_rw+0x67e/0x9a0
[  896.875253][T26452]  ? iomap_dio_bio_actor+0x970/0x970
[  896.875350][T26452]  ? ext4_file_read_iter+0x2b4/0x360
[  896.887509][T26452]  ext4_file_read_iter+0x2b4/0x360
[  896.892650][T26452]  generic_file_splice_read+0x2df/0x470
[  896.898239][T26452]  ? add_to_pipe+0x1b0/0x1b0
[  896.903981][T26452]  do_splice_to+0xc7/0x100
[  896.908445][T26452]  splice_direct_to_actor+0x1b9/0x540
[  896.913841][T26452]  ? generic_pipe_buf_nosteal+0x20/0x20
[  896.919420][T26452]  do_splice_direct+0x152/0x1d0
[  896.924291][T26452]  do_sendfile+0x396/0x810
[  896.928759][T26452]  __x64_sys_sendfile64+0x121/0x140
[  896.933994][T26452]  do_syscall_64+0xc7/0x390
[  896.938721][T26452]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  896.944632][T26452] RIP: 0033:0x45c479
[  896.948606][T26452] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  896.968324][T26452] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
04:47:47 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
fcntl$addseals(r2, 0x409, 0x9fd72b36328dcb54)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  896.976754][T26452] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
[  896.984746][T26452] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  896.992730][T26452] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  896.992746][T26452] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  896.992766][T26452] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000015
04:47:48 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x7e)

04:47:48 executing program 0:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r4, 0x111, 0x4, 0x0, 0x4)
r5 = accept4$unix(r4, &(0x7f0000000440), &(0x7f00000004c0)=0x6e, 0x0)
setsockopt$inet_dccp_buf(r1, 0x21, 0xc, &(0x7f0000000540)="79224a17a79d83026c902897f1fcb51a20270c22dc828be7e87b3127ace5093ad49188a35b006ed01ff4ee67232c513be2d085444d335e3759fd4d6014fdc492cfbc42c2b33ce60d7b7eb5a58b2f0964e65631f1cdacd1325e37", 0x5a)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000500)='veth0_to_hsr\x00', 0x10)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r2, r6, 0x0, 0x80001d00c0d0)
syz_mount_image$ceph(&(0x7f0000000200)='ceph\x00', &(0x7f0000000240)='./bus\x00', 0xfff, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000280)="3a9de102681e4f793b4e79507b18bf5949ac7ed172b04d5c7c6233903a23249a18b73f32bfc5cb7147d689c677be2667eecb1bd75dff6aa05b6ecada35ce554425a5217d9f89a9fc75ab2138866c43472646db7894131861bc90a2340db24d3a7a740ca25519f3226c4e0062ba15f8f6d8d4f788f82c3a660f4f47514e40e49ae6f91ea690a8e77fac4f5f668789453f61c397847679983e83f60d28b346fea1b951d5002b198e1fedcbc7779274359be82225a28ec7d32185458acb47f7e26fe59351ad62d9b180ec176021ca348146b11094e59391d77eca48913820bca54ae7c78e9574db", 0xe6, 0x404000000000}, {&(0x7f0000000380)="77c52b", 0x3, 0xfffffffffffffffc}], 0x2, &(0x7f0000000400)='%eth0/\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000001, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6, 0xfff9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r7, 0x4, 0x42000)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snapshot\x00', 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r13}, [@IFA_LOCAL={0x8, 0x2, @rand_addr=0x1}]}, 0x20}}, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000600)={@ipv4={[], [], @multicast1}, r13}, 0x14)
sendfile(r0, r1, 0x0, 0x20008)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000000c0)={0x6, 'batadv0\x00', {0x7}, 0x800})
ioctl$sock_SIOCSIFBR(r6, 0x8941, &(0x7f0000000180)=@get={0x1, &(0x7f0000000140)=""/60, 0x1ff})

04:47:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0xffffffc1)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r3 = open(&(0x7f00000001c0)='./bus\x00', 0x492d81, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
getsockopt$inet_tcp_buf(r7, 0x6, 0xd, &(0x7f0000000140)=""/111, &(0x7f0000000200)=0x6f)
close(0xffffffffffffffff)
r8 = open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r8, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x0, 0xfffffffffffffffd, 0x100, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x4)
fcntl$setstatus(r11, 0x4, 0x2000)
sendfile(r2, r3, 0x0, 0x20008)

04:47:48 executing program 2 (fault-call:9 fault-nth:22):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:48 executing program 3:
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r2, 0x4, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r3)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d0)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r6)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r7, 0x200004)
sendfile(r6, r7, 0x0, 0x80001d00c0d0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r7, 0xc01064c8, &(0x7f0000000140)={0x5, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
fcntl$setstatus(r5, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

04:47:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x200004)
sendfile(r0, r1, 0x0, 0x80001d00c0d0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f00000000c0)=0x80000001, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r4)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d0)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00')
sendmsg$L2TP_CMD_SESSION_MODIFY(r5, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r6, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x6e}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0xe9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4084}, 0x8080)
socket$inet6(0xa, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r7)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r9 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r9)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d0)
ioctl$KVM_SET_CPUID(r10, 0x4008ae8a, &(0x7f0000000040)={0x4, 0x0, [{0x7, 0x78a4, 0x800, 0x3, 0xa0be}, {0x40000000, 0x7fff, 0x2, 0x3, 0x40}, {0x80000007, 0x5cb, 0x9, 0x5, 0x3f}, {0x4, 0x2000000, 0xec8b, 0x24, 0x8}]})
sendfile(r7, r8, 0x0, 0x80001d00c0d1)

[  898.529320][   T27] kauditd_printk_skb: 72 callbacks suppressed
[  898.529342][   T27] audit: type=1804 audit(1583210868.794:9100): pid=26488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/658/bus" dev="sda1" ino=16833 res=1
04:47:48 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0xe00)

[  898.572088][   T27] audit: type=1800 audit(1583210868.794:9101): pid=26488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=16833 res=0
[  898.598036][   T27] audit: type=1804 audit(1583210868.804:9102): pid=26485 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/590/bus" dev="sda1" ino=16881 res=1
[  898.614862][T26497] FAULT_INJECTION: forcing a failure.
[  898.614862][T26497] name failslab, interval 1, probability 0, space 0, times 0
[  898.635492][T26497] CPU: 1 PID: 26497 Comm: syz-executor.2 Not tainted 5.6.0-rc1-syzkaller #0
[  898.641010][   T27] audit: type=1800 audit(1583210868.804:9103): pid=26485 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=16881 res=0
[  898.644346][T26497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  898.644352][T26497] Call Trace:
[  898.644383][T26497]  dump_stack+0x11d/0x187
[  898.644482][T26497]  should_fail.cold+0x5/0xf
[  898.644528][T26497]  ? mempool_free+0x190/0x190
[  898.689351][   T27] audit: type=1804 audit(1583210868.804:9104): pid=26485 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir756079000/syzkaller.vQNFih/590/bus" dev="sda1" ino=16881 res=1
[  898.691735][T26497]  __should_failslab+0x82/0xb0
[  898.691801][T26497]  should_failslab+0x5/0xf
[  898.716921][   T27] audit: type=1804 audit(1583210868.804:9105): pid=26488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/658/bus" dev="sda1" ino=16833 res=1
[  898.721152][T26497]  kmem_cache_alloc+0x23/0x5e0
[  898.721171][T26497]  ? ctx_sched_out+0xba/0x560
[  898.721197][T26497]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  898.721296][T26497]  ? mempool_free+0x190/0x190
[  898.726407][   T27] audit: type=1804 audit(1583210868.844:9106): pid=26487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/632/bus" dev="sda1" ino=16897 res=1
[  898.750085][T26497]  mempool_alloc_slab+0x21/0x30
[  898.750106][T26497]  mempool_alloc+0x8d/0x280
[  898.750196][T26497]  ? _find_next_bit.constprop.0+0x126/0x160
[  898.750226][T26497]  sg_pool_alloc+0xa6/0xc0
[  898.758047][   T27] audit: type=1800 audit(1583210868.844:9107): pid=26487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=16897 res=0
[  898.760004][T26497]  __sg_alloc_table+0x1da/0x260
[  898.760103][T26497]  sg_alloc_table_chained+0xa5/0x160
[  898.760171][T26497]  ? mac_pton+0x1a0/0x1a0
[  898.766319][   T27] audit: type=1804 audit(1583210868.844:9108): pid=26487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir958922759/syzkaller.WYJESU/632/bus" dev="sda1" ino=16897 res=1
[  898.770797][T26497]  scsi_init_io+0xba/0x380
[  898.770886][T26497]  sd_init_command+0x145/0x1db0
[  898.770929][T26497]  ? blk_mq_start_request+0x167/0x360
[  898.798032][T26503] ceph: No path or : separator in source
[  898.800455][T26497]  scsi_queue_rq+0xc3a/0x1770
[  898.800491][T26497]  blk_mq_dispatch_rq_list+0x9ca/0xe70
[  898.805553][   T27] audit: type=1804 audit(1583210868.874:9109): pid=26495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir382957218/syzkaller.oRvUPD/658/bus" dev="sda1" ino=16833 res=1
[  898.811014][T26497]  ? deadline_remove_request+0xa1/0x250
[  898.811040][T26497]  ? blk_req_needs_zone_write_lock+0x9a/0x140
[  898.811069][T26497]  ? _raw_spin_unlock+0x38/0x60
[  898.876266][T26497]  ? dd_dispatch_request+0x14b/0x4f0
[  898.876289][T26497]  blk_mq_do_dispatch_sched+0x12b/0x270
[  898.876317][T26497]  blk_mq_sched_dispatch_requests+0x2b6/0x380
[  898.885700][T26497]  ? rb_insert_color+0x108/0x340
[  898.885754][T26497]  __blk_mq_run_hw_queue+0xb1/0x150
[  898.896780][T26497]  __blk_mq_delay_run_hw_queue+0x315/0x390
[  898.896814][T26497]  blk_mq_run_hw_queue+0xfa/0x1b0
[  898.986148][T26497]  ? dd_merged_requests+0x260/0x260
[  898.991353][T26497]  blk_mq_sched_insert_requests+0x19c/0x270
[  898.997259][T26497]  blk_mq_flush_plug_list+0x2f0/0x4c0
[  899.002701][T26497]  blk_flush_plug_list+0x281/0x2b0
[  899.007872][T26497]  blk_finish_plug+0x59/0x7a
[  899.012474][T26497]  iomap_dio_rw+0x909/0x9a0
[  899.012515][T26497]  ? ext4_file_read_iter+0x2b4/0x360
[  899.012540][T26497]  ext4_file_read_iter+0x2b4/0x360
04:47:49 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x2000)

[  899.027716][T26497]  generic_file_splice_read+0x2df/0x470
[  899.033750][T26497]  ? add_to_pipe+0x1b0/0x1b0
[  899.038455][T26497]  do_splice_to+0xc7/0x100
[  899.042911][T26497]  splice_direct_to_actor+0x1b9/0x540
[  899.048397][T26497]  ? generic_pipe_buf_nosteal+0x20/0x20
[  899.053993][T26497]  do_splice_direct+0x152/0x1d0
[  899.058972][T26497]  do_sendfile+0x396/0x810
[  899.063515][T26497]  __x64_sys_sendfile64+0x121/0x140
[  899.069272][T26497]  do_syscall_64+0xc7/0x390
[  899.074199][T26497]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
04:47:49 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x4000)

[  899.080432][T26497] RIP: 0033:0x45c479
[  899.084470][T26497] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  899.105568][T26497] RSP: 002b:00007fed6069bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  899.118659][T26497] RAX: ffffffffffffffda RBX: 00007fed6069c6d4 RCX: 000000000045c479
04:47:49 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x7e00)

[  899.126833][T26497] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  899.134862][T26497] RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
[  899.142972][T26497] R10: 0000000000020008 R11: 0000000000000246 R12: 0000000000000007
[  899.151419][T26497] R13: 00000000000008d1 R14: 00000000004cb364 R15: 0000000000000016
[  899.347046][T26488] ==================================================================
[  899.355193][T26488] BUG: KCSAN: data-race in ext4_mpage_readpages / ext4_setattr
[  899.362732][T26488] 
[  899.365080][T26488] write to 0xffff8880abe86570 of 8 bytes by task 26514 on cpu 0:
[  899.372984][T26488]  ext4_setattr+0xd58/0x1290
[  899.377595][T26488]  notify_change+0x82b/0xb00
[  899.382198][T26488]  do_truncate+0xf9/0x180
[  899.386540][T26488]  path_openat+0x1241/0x2f70
[  899.391137][T26488]  do_filp_open+0x11e/0x1b0
04:47:49 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x200000)

[  899.395692][T26488]  do_sys_openat2+0x4f5/0x620
[  899.400377][T26488]  do_sys_open+0xa2/0x110
[  899.404716][T26488]  __x64_sys_creat+0x42/0x60
[  899.409350][T26488]  do_syscall_64+0xc7/0x390
[  899.413870][T26488]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  899.420137][T26488] 
[  899.422568][T26488] read to 0xffff8880abe86570 of 8 bytes by task 26488 on cpu 1:
[  899.430236][T26488]  ext4_mpage_readpages+0x52d/0x1400
[  899.435548][T26488]  ext4_readpages+0x8e/0xb0
[  899.440293][T26488]  read_pages+0xa2/0x2d0
[  899.445275][T26488]  __do_page_cache_readahead+0x358/0x380
[  899.452099][T26488]  ondemand_readahead+0x369/0x730
[  899.457937][T26488]  page_cache_async_readahead+0x237/0x260
[  899.463764][T26488]  generic_file_read_iter+0xff2/0x1490
[  899.469255][T26488]  ext4_file_read_iter+0x103/0x360
[  899.469272][T26488]  generic_file_splice_read+0x2df/0x470
[  899.469294][T26488]  do_splice_to+0xc7/0x100
[  899.484531][T26488]  splice_direct_to_actor+0x1b9/0x540
[  899.489937][T26488]  do_splice_direct+0x152/0x1d0
04:47:49 executing program 5:
r0 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r0)
clone(0x80002180, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@empty, 0x7a})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/73, 0x3f4fd7a220e5df02}], 0x0, 0x0, 0x15d, 0x0)
tkill(r1, 0x5)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x1000000)

04:47:49 executing program 2 (fault-call:9 fault-nth:23):
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ftruncate(r3, 0x200004)
sendfile(r2, r3, 0x0, 0x80001d00c0d0)
r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
sendfile(r0, r1, 0x0, 0x20008)

[  899.494950][T26488]  do_sendfile+0x396/0x810
[  899.499553][T26488]  __x64_sys_sendfile64+0x121/0x140
[  899.504881][T26488]  do_syscall_64+0xc7/0x390
[  899.509549][T26488]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  899.515443][T26488] 
[  899.517772][T26488] Reported by Kernel Concurrency Sanitizer on:
[  899.523944][T26488] CPU: 1 PID: 26488 Comm: syz-executor.3 Not tainted 5.6.0-rc1-syzkaller #0
[  899.532622][T26488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  899.542818][T26488] ==================================================================
[  899.551037][T26488] Kernel panic - not syncing: panic_on_warn set ...
[  899.557650][T26488] CPU: 1 PID: 26488 Comm: syz-executor.3 Not tainted 5.6.0-rc1-syzkaller #0
[  899.566416][T26488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  899.576480][T26488] Call Trace:
[  899.579917][T26488]  dump_stack+0x11d/0x187
[  899.584497][T26488]  panic+0x210/0x640
[  899.588433][T26488]  ? vprintk_func+0x89/0x13a
[  899.593063][T26488]  kcsan_report.cold+0xc/0x14
[  899.597794][T26488]  kcsan_setup_watchpoint+0x304/0x400
[  899.603305][T26488]  ext4_mpage_readpages+0x52d/0x1400
[  899.608630][T26488]  ? get_page_from_freelist+0x94b/0x1640
[  899.614309][T26488]  ? mempool_free+0x84/0x190
[  899.618934][T26488]  ? __sanitizer_cov_trace_switch+0x45/0x70
[  899.624874][T26488]  ext4_readpages+0x8e/0xb0
[  899.629602][T26488]  ? ext4_releasepage+0x1e0/0x1e0
[  899.634658][T26488]  read_pages+0xa2/0x2d0
[  899.638948][T26488]  ? __page_cache_alloc+0xac/0x1a0
[  899.644131][T26488]  __do_page_cache_readahead+0x358/0x380
[  899.649830][T26488]  ondemand_readahead+0x369/0x730
[  899.654907][T26488]  page_cache_async_readahead+0x237/0x260
[  899.660650][T26488]  generic_file_read_iter+0xff2/0x1490
[  899.666299][T26488]  ? fsnotify+0x6ab/0x7d0
[  899.670691][T26488]  ext4_file_read_iter+0x103/0x360
[  899.675831][T26488]  generic_file_splice_read+0x2df/0x470
[  899.681403][T26488]  ? add_to_pipe+0x1b0/0x1b0
[  899.686258][T26488]  do_splice_to+0xc7/0x100
[  899.690713][T26488]  splice_direct_to_actor+0x1b9/0x540
[  899.696295][T26488]  ? generic_pipe_buf_nosteal+0x20/0x20
[  899.701875][T26488]  do_splice_direct+0x152/0x1d0
[  899.706760][T26488]  do_sendfile+0x396/0x810
[  899.711212][T26488]  __x64_sys_sendfile64+0x121/0x140
[  899.716433][T26488]  do_syscall_64+0xc7/0x390
[  899.720977][T26488]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  899.726882][T26488] RIP: 0033:0x45c479
[  899.730798][T26488] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  899.750407][T26488] RSP: 002b:00007fd333e27c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  899.758810][T26488] RAX: ffffffffffffffda RBX: 00007fd333e286d4 RCX: 000000000045c479
[  899.766795][T26488] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  899.775061][T26488] RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000
[  899.783242][T26488] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 00000000ffffffff
[  899.791323][T26488] R13: 00000000000008d1 R14: 00000000004cb364 R15: 000000000076bf2c
[  899.801016][T26488] Kernel Offset: disabled
[  899.805373][T26488] Rebooting in 86400 seconds..